I have set up my router and everything is working. What I have not been able to determine is why I see my private ARP requests on the “public” internet side. I must have a parameter wrong somewhere. I have a static public IP on eth1 and a private network on the other ports. Looking at the dynamic ARP table, everything is on the correct port. Should I have disabled ARP on the public port?
Thanks
Disabling ARP shouldn’t be necessary. If you disable ARP on ether1, your router won’t be able to learn the MAC address of its default gateway, and you’d then have to create a static ARP entry for it.
How are you seeing the unexpected ARP requests? In a packet capture?
Yes. I see the requests in a packet capture.
Assuming that your sniffer is running on the Mikrotik itself, and also assuming that you’ve correctly limited the scope of the sniffer to listen on only ether1 - If you see your internal ARP traffic on the WAN interface, and the source MACs of these ARP requests are the actual MACs of the internal computers, this means that there is a bridge somewhere in your configuration. Check your bridging and switching configurations to make sure that the WAN interface is not included in any of them… also make sure there’s not a physical bridge - i.e. a switch that’s connected to your modem, your mikrotik’s wan interface, AND the lan network…
Hey Thanks for the response:
I am doing the sniffer from the WAN side and not using MikroTik. I have no switches nor bridges connected on the MikroTik side to the WAN side. In the MikroTik I have no bridges specified; the section is empty. In the switch section there is an entry for switch and the Atheros chip, and when I go to Host under the switch tab I see many of my private devices listed and the ports on the MikroTik, but they are all dynamic. I do not think I created the switch entry and I cannot delete it. I looked at PORT on the switch tab and all of my MikroTik physical ports are listed. Not sure where this came from.
Thanks
The switch is a built-in hardware switch. You didn’t create it - it’s really in the router. Just like ether1, ether2, etc are really in the router also.
If you never made any settings in the switch menus, then the defaults are fine.
Check in the interfaces > ethernet configuration - each interface has a setting “master port” - this is how to define which ports are “bridged” automatically by the switch chip. If ether3 is set with ether2 as its master port, then any configurations you put on ether2 will also include ether3. Anything you plug into ether3 will be directly visible from anything plugged into ether2 - just like if you used an unmanaged Netgear switch or something like that.
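The master-port check described in the last reply can be automated. This is an added example, not part of the original thread: it assumes the text of `/interface ethernet export` has been saved, and the sample export and interface names below are constructed.

```python
import re
import shlex

# Constructed sample export; only ports with non-default settings appear in it.
SAMPLE_EXPORT = """\
/interface ethernet
set [ find default-name=ether1 ] name=ether1-wan
set [ find default-name=ether2 ] name=ether2-lan
set [ find default-name=ether3 ] master-port=ether2-lan
set [ find default-name=ether4 ] master-port=ether2-lan
set [ find default-name=ether5 ] master-port=ether1-wan
"""

SET_LINE = re.compile(r"^set \[ find default-name=(\S+) \]\s*(.*)$")

def parse_ports(export_text):
    """Return {interface name: master port name or None} from the ethernet section."""
    ports, in_section = {}, False
    for line in export_text.splitlines():
        line = line.strip()
        if line.startswith("/"):
            in_section = line == "/interface ethernet"
            continue
        m = SET_LINE.match(line) if in_section else None
        if not m:
            continue
        props = dict(p.split("=", 1) for p in shlex.split(m.group(2)) if "=" in p)
        name = props.get("name", m.group(1))      # renamed ports use name=
        master = props.get("master-port")
        ports[name] = None if master in (None, "none") else master
    return ports

def switch_groups(ports):
    """Group ports by the root master port they are switched under."""
    groups = {}
    for name in ports:
        root, seen = name, set()
        while ports.get(root) and root not in seen:   # follow master-port chain
            seen.add(root)
            root = ports[root]
        groups.setdefault(root, {root}).add(name)
    return groups

def ports_sharing_l2_with(wan, ports):
    """Ports in the same hardware switch group as the WAN port (should be empty)."""
    for members in switch_groups(ports).values():
        if wan in members:
            return sorted(members - {wan})
    return []

if __name__ == "__main__":
    print(ports_sharing_l2_with("ether1-wan", parse_ports(SAMPLE_EXPORT)))
```

Any port it returns is switched at layer 2 with the WAN port, so its broadcast traffic, ARP included, would be visible on the WAN side.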