Personal tools

Static ARP Management

From UntangleWiki

Jump to: navigation, search

About ARP Entries

Each computer on your network has an IP address, but a computer's network interfaces have MAC addresses, not IP addresses. When on the same subnet (on the Untangle Server), if Computer A wants to send data to Computer B, it needs to know two things:

  • Destination IP address for Computer B
  • MAC address for Computer B

ARP (Address Resolution Protocol) is a protocol that associates a computer's IP address and MAC address so that Computer A has all the information it needs to communicate with Computer B. Basically, using an ARP broadcast, Computer A shouts out What's the MAC address for IP Address 216.27.180.1?, then Computer B shouts back, That's me! My MAC address is 00:90:1A:40:AA:4D. Talk to me baby!

Like other routers, the Untangle Server can automatically make this translation if Computer A and Computer B are on the same segment. But, sometimes you don't want to use this automatic mapping; you'd rather have fixed (static) associations between an IP address and a MAC address. The Untangle Server provides you the ability to add static ARP entries to:

  • Protect your network against ARP spoofing. An unauthorized computer can sniff around, waiting for the right ARP request. Then, responds with its own MAC address, claiming to have the IP address of an important server or router.
  • Prevent network confusion as a result of misconfigured computers. A host that has been misconfigured with the ip address of another router or server will confuse all the other computers on its subnet. A host with a static ARP entry for the true router or server will not be confused. Don't forget to clear the misconfigured client's cached ARP table.
  • Enable computers to talk to primitive network devices. Some devices don't speak the ARP protocol, so their MAC addresses must add as ARP entries so that they can communicate with other network computers. This situation is rare these days.


Adding ARP Entries

As outlined in About ARP Entries, there are specific reasons why you might not want to use dynamic ARP. The Untangle Server provides you the ability to add static ARP entries to bypass dynamic ARP.

To add an ARP entries:

  1. Retrieve the IP address and MAC address of the device that requires the ARP entry.
    • From Windows Server command prompt, run ipconfig/all command.
    • From Solaris and Linux command prompt, run ifconfig -a command.
  2. From the Navigation pane, choose Config > Networking.
  3. In the Advanced drop-down list, select ARP.
  4. Click the Add button. A new row appears in the Static ARP Entries table.
  5. Specify the IP address and MAC address of the device, then click Save.
  6. If the entry is for a misconfigured client, clear the client's ARP table. For ARP to be efficient, each computer caches IP-to-MAC address mappings to eliminate repetitive ARP broadcast requests. There are various public scripts that use the arp command to do the trick.
  7. From any network computer, test that the entry is working. From a command prompt, run arp -a command.
Retrieved from "http://wiki.untangle.com/index.php/Static_ARP_Management"