Duplicate ARP for Same MAC Address with Static ARP Enabled



  • Hi,

    I would like to know if it is expected behavior of DHCP and ARP in pfsense to duplicate ARP entries for hosts with static DHCP mapping and static ARP enabled for the DHCP mapping when they are assigned a different static IP address . The setup is as follows:

    • Client is added under DHCP server with "ARP Table Static Entry" checked

    • Both "Deny unknown clients" and "Enable Static ARP entries" are unchecked under the DHCP server settings

    • Client doesn't use DHCP but instead sets a static IP address within DHCP lease range

    Client is given assigned IP address when it requests is via DHCP. However, when it sets a static IP address, it still can communicate with pfSense.

    Through command line arp -a command, I can see that client MAC address is added to ARP table twice; one for the permanent entry in DHCP and another for the set static IP address. Below is an example output:

    (192.168.100.145) at d0:df:9a:b0:e3:c6 on vtnet0 permanent [ethernet]
    (192.168.100.226) at d0:df:9a:b0:e3:c6 on vtnet0 expires in 1181 seconds [ethernet]

    This is tested under 2.2.2-RELEASE (i386)



  • Apple wifi hubs/routers are known to do this. Is one device a WAP and the other a wireless client?



  • @tim.mcmanus

    Unfortunately, I experience this on non-Apple devices. I tried at least three computers and get the same result. I'm unsure if this is expected behavior or a bug in static ARP handling so I was hoping someone has encountered the same in their setup.



  • Given what you are doing, yes it is normal.

    The reason it has two ARP table entries is because the permanent (static) one is there all the time regardless of the actual device status.  That's the intention of the static ARP table entry.  Then if the device is configured with some other IP address a "normal" ARP table entry gets created for that IP address too.  Thus you have two ARP table entries for the same MAC.