Hello guys,
I have a little problem that did not exist before.
I block unwanted customers via ARP: my Local interface is set to “reply-only”, and I’m adding my customers’ IPs to ARP, each with its own MAC address, so if any unwanted customer sets the same IP as an active customer it won’t work because ARP blocks the strange MAC address. Suddenly this is not working for me anymore: when I put an active IP on any PC on my network, it can access the internet even with a different MAC address from the one specified for this IP in ARP. Any idea how I can solve this problem?
I’m using MikroTik 2.9.27.
Best regards
In 2.9.27, I faced a situation where one IP address may contain 2 ARP records with different MAC addresses. Upgrade RouterOS to the latest version.
You may want to consider using a different method for controlling access, for example, a MAC filter. If the legitimate customer is not online, and traffic comes in for that IP address, it will end up being flooded to all your bridged ports within your network, as the router will not drop the traffic until it gets a response to an ARP query, and the bridging devices within your network will flood traffic to an unlearned MAC out all ports but the one the frame came in on.
I believe that a rogue user could also set their interface to promiscuous mode and surf, with their inbound traffic being flooded to the local broadcast domain, but I suppose that if a user is that sophisticated and intentional, they could also spoof MAC addresses and couldn’t really just get away with claiming ignorance.
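Added example, not part of the thread and not MikroTik code: a small Python audit that compares static ARP entries (written in RouterOS `/ip arp add` syntax) with IP/MAC pairs observed on the LAN, flagging the conditions discussed above, namely an IP answering from a MAC other than its static one and an IP carrying more than one MAC. All addresses, the `Local` interface entries and the function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample: static ARP entries in RouterOS "/ip arp add" syntax.
STATIC_ARP = """\
/ip arp
add address=192.168.10.11 mac-address=02:00:00:00:00:11 interface=Local
add address=192.168.10.12 mac-address=02:00:00:00:00:12 interface=Local
"""

# Constructed sample: (IP, MAC) pairs seen on the LAN, e.g. copied from an
# ARP table dump or a packet capture.
OBSERVED = [
    ("192.168.10.11", "02:00:00:00:00:11"),
    ("192.168.10.12", "02:00:00:00:00:12"),
    ("192.168.10.12", "02:00:00:00:be:ef"),  # second MAC on a customer IP
    ("192.168.10.50", "02:00:00:00:00:50"),  # IP with no static entry
]

ENTRY = re.compile(r"add\s+address=(\S+)\s+mac-address=(\S+)")

def parse_static_arp(text):
    """Return {ip: MAC} from 'add address=... mac-address=...' lines."""
    return {ip: mac.upper() for ip, mac in ENTRY.findall(text)}

def audit(static, observed):
    """Return sorted (ip, mac, reason) findings that violate the static table."""
    seen = defaultdict(set)
    for ip, mac in observed:
        seen[ip].add(mac.upper())  # normalise case before comparing
    findings = []
    for ip, macs in seen.items():
        expected = static.get(ip)
        for mac in macs:
            if expected is None:
                findings.append((ip, mac, "unlisted-ip"))
            elif mac != expected:
                findings.append((ip, mac, "mac-mismatch"))
        if len(macs) > 1:
            findings.append((ip, ",".join(sorted(macs)), "multiple-macs"))
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit(parse_static_arp(STATIC_ARP), OBSERVED):
        print(*finding)
```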