Community discussions

MikroTik App
 
User avatar
bobr
just joined
Topic Author
Posts: 14
Joined: Fri Feb 13, 2015 4:27 pm

What is ARP-published feature for?

Mon Jun 22, 2015 5:12 pm

Hi guys!
Can anyone "to drop some light" on such a question like: what for is ARP-published feature? And why the MAC-address field becomes readonly when I choose it?
 
Feklar
Forum Guru
Forum Guru
Posts: 1724
Joined: Tue Dec 01, 2009 11:46 pm

Re: What is ARP-published feature for?

Mon Jun 22, 2015 9:42 pm

For the MAC address, you edit by the command line, I don't know why it's not accessible by Winbox, but as far as I know it's never really been available.

ARP stands for address resolution protocol, it is used as part of IPv4 to tie MAC addresses to IP Addresses so that devices can communicate over layer2. The options available for ARP in a MikroTik are, and what they do is:
Disabled:do not reply to ARP requests on this interface
Enabled:reply to ARP requests normally on this interface
Proxy-arp:reply to all ARP requests on this interface as if you owned every IP address
Reply-only:only reply to ARP requests from MAC addresses that are in your ARP table on this interface
 
User avatar
bobr
just joined
Topic Author
Posts: 14
Joined: Fri Feb 13, 2015 4:27 pm

Re: What is ARP-published feature for?

Tue Jun 23, 2015 12:17 am

For the MAC address, you edit by the command line, I don't know why it's not accessible by Winbox, but as far as I know it's never really been available.
I don't quite understand. What do you mean saying "it's never really been available"? And what benefits gives me "published" option when I'm editing MAC address from command line? I think this option is supposed to do something else...
 
VK2XXY
newbie
Posts: 25
Joined: Mon Jun 15, 2015 5:01 am

Re: What is ARP-published feature for?

Tue Jun 23, 2015 8:53 am

what for is ARP-published feature
Proxy-Arp.

Lots of info on the web.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10195
Joined: Mon Jun 08, 2015 12:09 pm

Re: What is ARP-published feature for?

Tue Jun 23, 2015 10:36 am

I would recommend reading some text on internet what ARP is for, and about "proxy arp".
When you don't have detailed knowledge about ARP and a specific use case, you normally do not need to
configure anything in the ARP screen.
 
User avatar
boen_robot
Forum Guru
Forum Guru
Posts: 2400
Joined: Thu Aug 31, 2006 4:43 pm
Location: europe://Bulgaria/Plovdiv

Re: What is ARP-published feature for?

Tue Jun 23, 2015 12:59 pm

@Feklar, @pe1chl

The question is not about the "arp" setting of interfaces. It's about the "published" setting in "/ip arp" items, introduces somewhat silently in recent RouterOS versions, and which isn't yet documented in the manual.
arpPublished.png
You do not have the required permissions to view the files attached to this post.
 
iRSS
just joined
Posts: 5
Joined: Tue May 12, 2015 2:29 pm

Re: What is ARP-published feature for?

Wed Jun 24, 2015 4:23 pm

@Feklar, @pe1chl

The question is not about the "arp" setting of interfaces. It's about the "published" setting in "/ip arp" items, introduces somewhat silently in recent RouterOS versions, and which isn't yet documented in the manual.
arpPublished.png
I wonder the same thing. There's nothing on manual.
 
User avatar
bobr
just joined
Topic Author
Posts: 14
Joined: Fri Feb 13, 2015 4:27 pm

Re: What is ARP-published feature for?

Tue Jun 30, 2015 12:11 pm

@Feklar, @pe1chl

The question is not about the "arp" setting of interfaces. It's about the "published" setting in "/ip arp" items, introduces somewhat silently in recent RouterOS versions, and which isn't yet documented in the manual.
That's exactly what I've meant!
 
User avatar
pukkita
Trainer
Trainer
Posts: 3051
Joined: Wed Dec 04, 2013 11:09 am
Location: Spain

Re: What is ARP-published feature for?

Tue Jun 30, 2015 12:32 pm

ARP "pub" or published ARP = static ARP entry (proxy-arp).
 
User avatar
boen_robot
Forum Guru
Forum Guru
Posts: 2400
Joined: Thu Aug 31, 2006 4:43 pm
Location: europe://Bulgaria/Plovdiv

Re: What is ARP-published feature for?

Tue Jun 30, 2015 12:41 pm

ARP "pub" or published ARP = static ARP entry (proxy-arp).
So if I'm reading that correctly...

If on that item's interface, the "arp" setting is "proxy-arp", then "published=no" would mean the router won't act as proxy-arp for that item, and "published=yes" would mean it will act as proxy-arp for it?
(And otherwise, this setting is ignored)
 
User avatar
pukkita
Trainer
Trainer
Posts: 3051
Joined: Wed Dec 04, 2013 11:09 am
Location: Spain

Re: What is ARP-published feature for?

Tue Jun 30, 2015 12:48 pm

You'll never see a dynamic ARP entry with pub flag set AFAIK, if there's one It means you added a static entry for proxy-arp.

This can be useful in some situations like ppp tunnels (ages has passed since there's no need for it) or for WOL to work for example.

The pub flag is to set static proxy-ARP entries. This gives you more granularity (no need to set proxy-arp on the interface itself for all the MACs to be proxy-arp'ed)
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8709
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: What is ARP-published feature for?

Wed Feb 22, 2017 1:45 pm

Almost two years passed, still no info in the manual.

MT guys, please make some official statement :)
 
User avatar
TomjNorthIdaho
Forum Guru
Forum Guru
Posts: 1493
Joined: Mon Oct 04, 2010 11:25 pm
Location: North Idaho
Contact:

Re: What is ARP-published feature for?

Wed Feb 22, 2017 3:41 pm

Just had to plug in a statement here;

In any local network where the networked devices are in the same IP subnet. You don't really talk IP address to IP address, you actually talk MAC to MAC address - thus one of the reasons I really like Winbox.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10195
Joined: Mon Jun 08, 2015 12:09 pm

Re: What is ARP-published feature for?

Wed Feb 22, 2017 7:24 pm

Almost two years passed, still no info in the manual.
There are a lot of basic network principles that are not in the manual.
You should know what "arp publish" is, and if not you should google for it....
It is a bit like proxy arp, but in this case it is a static ARP entry. So you make a static ARP
entry and when others query it, your router will answer with the info from the ARP entry. Hence "publish".
 
User avatar
TomjNorthIdaho
Forum Guru
Forum Guru
Posts: 1493
Joined: Mon Oct 04, 2010 11:25 pm
Location: North Idaho
Contact:

Re: What is ARP-published feature for?

Wed Feb 22, 2017 7:38 pm

I just have to make another plug here ...
Know what happens when you have two different network cards with the same MAC address (aka same ARP) where both network cards are in the same subnet ?

I learned this one the hard way - a manufacturer of network cards sent me to cards with the same MAC.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10195
Joined: Mon Jun 08, 2015 12:09 pm

Re: What is ARP-published feature for?

Wed Feb 22, 2017 7:52 pm

Well that depends a bit on what the systems are exactly. When they are only hosts (not routers) and they use static addresses (no DHCP)
it can sort of work OK. Of course the CPU load will be higher as both systems receive the traffic for both of them, then discard it because
the destination IP is not their IP. (normally the ethernet hardware filters traffic based on MAC address but this obviously is the same)

However, when the systems are routers, use DHCP, or otherwise have more functionality it can be a big problem.
Some MikroTik users know about this because they restored backups from another router (e.g. as a starting point for configuration).
This will also copy the MAC address -> funny problems.
 
User avatar
ploquets
Member Candidate
Member Candidate
Posts: 162
Joined: Tue Nov 17, 2015 12:49 pm
Location: Uruguaiana, RS, Brazil
Contact:

Re: What is ARP-published feature for?

Sat May 05, 2018 2:43 pm

You'll never see a dynamic ARP entry with pub flag set AFAIK, if there's one It means you added a static entry for proxy-arp.

This can be useful in some situations like ppp tunnels (ages has passed since there's no need for it) or for WOL to work for example.

The pub flag is to set static proxy-ARP entries. This gives you more granularity (no need to set proxy-arp on the interface itself for all the MACs to be proxy-arp'ed)
If this is the real case, than this could go to the Wiki.
Very well explained.
 
bbs2web
Member Candidate
Member Candidate
Posts: 232
Joined: Sun Apr 22, 2012 6:25 pm
Location: Johannesburg, South Africa
Contact:

Re: What is ARP-published feature for?

Sun Aug 19, 2018 6:46 pm

Documentation from MikroTik would be appreciated, perhaps this is a bug?

We have a 10.1.1.0/28 subnet, where the router has 10.1.1.1, some hosts have 10.1.1.3 and 10.1.1.4. We route 10.1.1.2 to the nearest caching dns server, outside of this vlan.

Everything outside of the 10.1.1.0/29 subnet can communicate with either the hosts in the subnet or 10.1.1.2. Everything in the subnet, apart from the router, are unable to reach 10.1.1.2 as they don't receive an arp query response.

Adding an additional IP to the router would result in it not forwarding traffic via the 10.1.1.2 host route. Packets with a destination IP present in that router are processed locally so traffic isn't forwarded.

Enabling the local-proxy arp feature on the router's interface for this subnet works perfectly, except that the router responds to any and all ARP queues, albeit within 10.1.1.0/29.

I would like to disable local-proxy arp and specifically only have the router respond to arp queries for it's own IP and the 10.1.1.2 IP.

The following unfortunately does not work:
/ip arp add interface=hosting address=10.1.1.2 published=yes
 
Sob
Forum Guru
Forum Guru
Posts: 9119
Joined: Mon Apr 20, 2009 9:11 pm

Re: What is ARP-published feature for?

Sun Aug 19, 2018 8:51 pm

If:

- 10.1.1.0/28 is on interface "hosting"
- this router has more specific route to 10.1.1.2

then it should work.
 
bbs2web
Member Candidate
Member Candidate
Posts: 232
Joined: Sun Apr 22, 2012 6:25 pm
Location: Johannesburg, South Africa
Contact:

Re: What is ARP-published feature for?

Mon Aug 20, 2018 8:12 am

That is how it's configured and it is working, but it requires the 'hosting' interface to be configured with 'arp=local-proxy-arp'.

I would like to selectively proxy-arp, exclusively for 10.1.1.2. The IP ARP publish feature should do this, in that it should responds to ARP queries but doesn't place this IP in the local address table (as would happen when adding a secondary IP), which would result in the router then routing according to the more specific route.

What people in this discussion are hoping for, is clarification from MikroTik on the '/ip arp add ... published=yes' feature. It currently doesn't work, as we've assumed, but no one is sure if this is due to it being buggy.

- 10.1.1.0/28 is on interface "hosting"
- this router has more specific route to 10.1.1.2

then it should work.
 
User avatar
pukkita
Trainer
Trainer
Posts: 3051
Joined: Wed Dec 04, 2013 11:09 am
Location: Spain

Re: What is ARP-published feature for?

Tue Aug 21, 2018 1:33 pm

Not sure If I understood your scenario.

10.1.1.2 is a Caching DNS server? if so, let's say it's MAC is AA:BB:CC:DD:EE:FF.

You need to publish the entry with the MAC of the real device having 10.1.1.2, on the interface where the queries will come.
/ip arp add interface=hosting address=10.1.1.2 mac-address=AA:BB:CC:DD:EE:FF published=yes
 
pe1chl
Forum Guru
Forum Guru
Posts: 10195
Joined: Mon Jun 08, 2015 12:09 pm

Re: What is ARP-published feature for?

Tue Aug 21, 2018 1:50 pm

Not sure If I understood your scenario.

10.1.1.2 is a Caching DNS server? if so, let's say it's MAC is AA:BB:CC:DD:EE:FF.

You need to publish the entry with the MAC of the real device having 10.1.1.2, on the interface where the queries will come.
/ip arp add interface=hosting address=10.1.1.2 mac-address=AA:BB:CC:DD:EE:FF published=yes
No that is not correct, for this application you need to put the MAC address of the router itself in the entry.
 
User avatar
TomjNorthIdaho
Forum Guru
Forum Guru
Posts: 1493
Joined: Mon Oct 04, 2010 11:25 pm
Location: North Idaho
Contact:

Re: What is ARP-published feature for?

Tue Aug 21, 2018 7:12 pm

I just have to make another plug here ...
Know what happens when you have two different network cards with the same MAC address (aka same ARP) where both network cards are in the same subnet ?

I learned this one the hard way - a manufacturer of network cards sent me to cards with the same MAC.
It is OK to have two different network cards with the same MAC address - providing they are NOT on the same IP network.

It is never OK to have an IP network with two or more devices with the same MAC address.


North Idaho Tom Jones
 
Sob
Forum Guru
Forum Guru
Posts: 9119
Joined: Mon Apr 20, 2009 9:11 pm

Re: What is ARP-published feature for?

Thu Aug 23, 2018 4:11 am

@bbs2web: No, you don't need any kind of proxy ARP on interface. I use published ARP entries and I specifically like it, because it's selective and I can have proxy ARP only for IP addresses I want, unlike per-interface proxy ARP which answers to anything.

I just tested it right now:
# no proxy ARP on interface:
/interface ethernet
set [ find default-name=ether1 ] arp=enabled ...
# addresses:
/ip address
add address=192.168.80.183/24 interface=ether1
add address=192.168.10.1/24 interface=ether2
# route part of ether1 subnet somewhere else:
/ip route
add dst-address=192.168.80.224/27 gateway=192.168.10.2
# proxy ARP for selected addresses:
/ip arp
add address=192.168.80.230 interface=ether1 published=yes
add address=192.168.80.240 interface=ether1 published=yes
When 192.168.80.x device connected to ether1 tries to access anything in 192.168.80.224/27, router answers with own MAC address only for .230 and .240.

Truth is, there must be some difference between this and per-interface proxy ARP. For example, per-interface proxy ARP will work even without any IP address assigned to ether1, while published ARP entry is shown as invalid and doesn't work. Also in the past, I've seen different treatment of different route types (reachable, blackhole, ...), but I can't reproduce that now.
 
cyberzeus
just joined
Posts: 2
Joined: Mon Nov 13, 2017 3:11 am

Re: What is ARP-published feature for?

Tue Sep 11, 2018 6:59 pm

Just in case there are still some lingering questions about this...

PUBLISHED means proxy-arp --- and NO, this is NOT the same thing as a static ARP entry. Proxy usually requires a static ARP entry but it is not the same thing.

The difference is this:

PROXY ARP means a device will respond to ARP requests for some other device.
STATIC ARP means a static ARP entry is pre-configured ion some device - i.e. the ARP entry will not change over time even if the device's IP\MAC relationship changes.

These two features work hand in hand but are not required to be used together. For example, one can have a static ARP entry and not enable proxying.

Who is online

Users browsing this forum: Bing [Bot], Joseph and 82 guests