Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Find out what is causing an ARP?

    Firewalling
    3
    8
    2413
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      cybercare last edited by

      I am getting:

      kernel: arplookup 10.118.125.16 failed: host is not on local network under the system logs.

      I do not have anything either local or remote on that subnet so how can I find out what is trying to make that request so I can take any needed actions?

      I looked at firewall logs but dont see that address listed… I get a lot of these every day and it just adds more overhead.

      Thx!

      1 Reply Last reply Reply Quote 0
      • H
        hoba last edited by

        Check for incorrect static routes, dhcp interfaces that lost the lease, situations where the default gateway dies and/or for systems on your local subnet with different subnetranges. There is always the option to silence arp errors by ticking the option at system>advanced.

        1 Reply Last reply Reply Quote 0
        • C
          cybercare last edited by

          I rather try to resolve it than just silance the arp. :)

          But not using DHCP on pfsense, no static routes and do have another subnet that our phones are on but the pfsense also has a 2nd nic for that… Both subnets are 10.10.100.x and 10.10.200.x...

          1 Reply Last reply Reply Quote 0
          • H
            hoba last edited by

            Are both subnets running on the same Layer2 network? Did you check for incorrectly configured clients on your network?

            1 Reply Last reply Reply Quote 0
            • C
              cybercare last edited by

              Both on same network. All clients are setup correct, as are all the phones.

              I have the option on so that the two subnets cant arp eachother but just not sure what this one comes from. No way to get a MAC addy of whats doing it or anything?

              1 Reply Last reply Reply Quote 0
              • dotdash
                dotdash last edited by

                Run a tcpdump. When I've seen this, it has been due to an incorrectly configured machine on the network.

                1 Reply Last reply Reply Quote 0
                • H
                  hoba last edited by

                  You can download a packet capture from diagnostcs>packet capture for further analysis with wireshark.

                  1 Reply Last reply Reply Quote 0
                  • C
                    cybercare last edited by

                    Well I found what it is.

                    The 2nd WAN modem has its own public IP as its the gateway for pfsense, but it seems it also has that IP… Found if I give my PC an IP on that subnet and plug into the modem I can ping it. Cant get any other prot. to talk though... It seems the modem arps from that local subnet as well as its public...

                    This normally would not be allowed as the WAN has that options to block local networks on the wan port but this is a 2nd WAN and does not have that option..

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post

                    Products

                    • Platform Overview
                    • TNSR
                    • pfSense Plus
                    • Appliances

                    Services

                    • Training
                    • Professional Services

                    Support

                    • Subscription Plans
                    • Contact Support
                    • Product Lifecycle
                    • Documentation

                    News

                    • Media Coverage
                    • Press
                    • Events

                    Resources

                    • Blog
                    • FAQ
                    • Find a Partner
                    • Resource Library
                    • Security Information

                    Company

                    • About Us
                    • Careers
                    • Partners
                    • Contact Us
                    • Legal
                    Our Mission

                    We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                    Subscribe to our Newsletter

                    Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                    © 2021 Rubicon Communications, LLC | Privacy Policy