ARP static records and ARP reply-only on interface problem

PhilipLykov · February 8, 2013, 9:36pm

We have interface with ARP reply-only, DHCP server which issue static-only addresses. Also we have static ARP records for these addresses. But this combination doesn’t work as expected: after restart of Mikrotik no ping to devices, but when we delete static record, change ARP type to enable on interface - it creates new ARP record and works perfectly. Then we do “make static” for this ARP record, change ARP type to reply-only again and it still works, but for about 30 minutes only.
For some interfaces procedure of disable-enable of interface helps. For some interfaces there are no such problems.

We used latest stable version of RouterOS and latest 6.0 RC.

WTF?

PhilipLykov · February 11, 2013, 4:14pm

I found that Mikrotik work inadequate with ARP: there is ARP enabled in the interface settings, we ping from Mikrotik another device, ARP record creates on Mikrotik, ping doesn’t work, we send ARP ping → first packed without reply, second and all other with normal reply, then all communication works perfectly with this host.

Are all these problems with Mikrotik and ARP appears at me only?

Chupaka · February 12, 2013, 10:09am

try to remove static records and set ‘Add ARP for Leases’ in DHCP Server

PhilipLykov · February 12, 2013, 1:00pm

Then it works. Also mikrotik reboot helps. But why?

Chupaka · February 12, 2013, 1:59pm

look at FDBs on your switches, for example - maybe the reason is somewhere there

you can also add static ARP entry on the client and check whether the problem persists

PhilipLykov · February 12, 2013, 2:04pm

I suppose that problem may be in switch, but we have HP ProCurve switches with limited management functionality. All what I can see there is mac address table, and there are nothing wrong.

Chupaka · February 12, 2013, 2:08pm

check the table when ping does not work

PhilipLykov · February 12, 2013, 2:13pm

I checked: there are all right.
I find another problem: when I ping from ip address of Mikrotik - there is no answer, but when I ping from other IP (client behind Mikrotik on other IP network) - everything works fine. May be there is a problem with ARP answers from Mikrotik.

Chupaka · February 12, 2013, 2:25pm

maybe. you can check it with Tools → Packet Sniffer

PhilipLykov · February 12, 2013, 9:54pm

RESOLVED: “We cannot ping host, then we make ARP ping, then we can ping that host for some time.”
The source of problem is DHCP-snooping on HP ProCurve switch. Why does it work in such manner I don’t know, because there is no ip source-lockdown enabled and DHCP snooping should be passive.

But we STILL have a problem:
“We have interface with static-only ARP, we have manually created ARP records on Mikrotik for it, we change type of ARP on interface to ENABLE, there is no communication on it till reboot of Mikrotik”.

I believe that it’s a bug.

calman · August 8, 2013, 8:20pm

We have similar problems with hp-ProCurve , adding multiple ip on the interface, only responds the first ip added.
but not problems doing the same with a windows laptop. I tried with diferent routerboards 6.x.
The same configuration with cisco switch work’s well…