ARP table

RouterOS Beginner Basics
1

If the Mikrotik is operating as a layer 2 bridge the only ARP traffic destined to or from the Mikrotik will be for its management and the gateway addresses, typically you would have a single ARP table entry on the Mikrotik for the gateway. The gateway ARP table will contain entries for all of the client devices and the Mikrotik.

2

I’m not sure how the entries have appeared in the Mikrotik ARP table unless those devices have been attempting IP communications with it.

The Mikrotik ARP modes are detailed in the manual https://help.mikrotik.com/docs/spaces/ROS/pages/100892687/ARP#ARP-ARPModes. There is no equivalent to the ARP-Request mode you mention, I’m not sure why you would want or need it.

3

Depending on setup, MAC addresses of “neighbouring” devices can be in different places:

  1. /ip/arp/print
    As already mentioned, this table contains MAC addresses and IP addresses of devices, which somehow communicated with RB device on IP layer.
    Values in Status column are explained in this article: https://help.mikrotik.com/docs/spaces/ROS/pages/100892687/ARP
  2. /interface/bridge/host/print and/or /interface/ethernet/switch/host/print
    These tables contain MAC addresses (but not IP addresses) of devices communicating through RB device. They are FDB tables of bridge and switch chip respectively. The later is only populated if bridge is somehow offloaded to switch chip (either because bridge configuration allows automatic offload or because configuration explicitly configures switch chip).

Table, mentioned in bullet #1, can only be updated if device actually communicates with RB device … because it’s L3 table.

[edit] a typo

4

[quote=wfburton post_id=1110965 time=1732472944 user_id=215408]
I do have the mikrotik router acting as a dns server, basically a caching server.
[/quote]

Why? If the Mikrotik is configured in bridge mode it is acting as a switch, I would expect all of the usual gateway functions (DHCP, DNS, firewall) to be handled by your WatchGuard device.



If the Mikrotik is providing some IP services rather than merely operating as a switch there will be ARP table entries for devices on the same L2 network communicating with it.