Greetings,
My Routerboard is consistently making ARP requests for non-existent hosts on my network. That is, I own the IP block, but there is nothing assigned to the IP in question.
As far as I can tell something on the Internet is making a request or pinging this IP.
However, I’m a little confused as to why the MikroTik keeps asking the network who has…?
Shouldn’t it remember nothing was there?
Is there anything I can do to keep this ARP traffic down? I actually have a good deal of it.
It’s expected behavior that the router tries to ARP for all directly connected IP addresses it receives traffic for, but that aren’t already in its ARP table.
To prevent this drop that IP traffic in the forward chain of the firewall filters. If you do that, the router won’t try to forward that traffic, and won’t try to ARP for the destination hosts. Alternatively - though this arguably scales even less - turn off dynamic ARP on the interface and make static ARP entries for all existing hosts. At that point the router will automatically drop the packet if there is no static entry in the ARP table.
I understand both of those points. I was asking if there is any kind of negative ARP cache. There’s no reason to keep ARPing for a host that isn’t on the network.
There is not.
Could someone not cause a DoS by repeatedly pinging addresses that aren’t assigned?