Community discussions

MikroTik App
 
User avatar
broderick
Member Candidate
Member Candidate
Topic Author
Posts: 242
Joined: Mon Nov 30, 2020 7:44 pm

ARP Modes

Sat Apr 30, 2022 2:02 pm

Hi,
I think it's time for me to go deeper into ARP modes.
I read the Mikrotik wiki about that, but I sitll haven't completely understood what Proxy ARP, Reply Only, and Local Proxy Arp are really for,
and in which case they might come in handy.
Would someone be so kind as to explain me that please?
Thanks
 
Zacharias
Forum Guru
Forum Guru
Posts: 3459
Joined: Tue Dec 12, 2017 12:58 am
Location: Greece

Re: ARP Modes

Sat Apr 30, 2022 2:15 pm

Did you read here https://wiki.mikrotik.com/wiki/Manual:IP/ARP#Summary
Also, on proxy-arp the photo missing is this one here viewtopic.php?t=71721 might help you understand
 
User avatar
broderick
Member Candidate
Member Candidate
Topic Author
Posts: 242
Joined: Mon Nov 30, 2020 7:44 pm

Re: ARP Modes

Sat Apr 30, 2022 2:31 pm

Did you read here https://wiki.mikrotik.com/wiki/Manual:IP/ARP#Summary
Also, on proxy-arp the photo missing is this one here viewtopic.php?t=71721 might help you understand
I had read this webpage:

https://help.mikrotik.com/docs/display/ ... ket_mylist

Thanks
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11982
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: ARP Modes

Sat Apr 30, 2022 2:35 pm

ARP, Address Resolution Protocol, permit to obtain MAC address from one IP.
Why?
The IP protocol work at layer 3, but the IP packet, from example to one ethernet to another, must be send with at least right destination MAC address.
The interface or the OS do not know what are the MAC address of remote device, but at least know the IP.
ARP permit to the OS to know what MAC have the remote device, using the IP.

If on the remote device the interface has ARP disabled, it does not communicate which MAC it has,
and for communicate with that device, a static MAC/IP corrispondence must be set on both remote and local devices.
This an be used for "hide" some device or for security settings...

If the ARP is enabled, MACs are discovered automatically and are added dynamic entries (with some timeout) added to the ARP table.
This is the normal behavior

If the interface act as Proxy ARP, acts as a transparent ARP proxy between different networks that the same interface can reach.
For example if you do a VPN between your PC and the office, you can browse remote LAN like is local, maintaining the same IP remote address pool
(no NAT, no Routes, etc.)

If the interface have reply-only ARP, reply only to his own MAC/IP but do not collect and do not request other MAC/IP
This device for reach other devices must have static ARP entry, but is reachable from other devices on LAN.
For example this can be used if the device must reply only to some specific static ARP entries, but must be visible from everyone.

If the interface have local proxy ARP set, it act like a proxy ARP, but the difference is: everytime reply with is own MAC address instead of the remote MAC
(act like a Acccess Point with Universal Repeater active, all device on DHCP have same MAC but differents IPs...)
With this settings all traffic pass inside "CPU" and is possible to do more checks and apply rules, the interface act as local MAC proxy and direct devices communication are impossible.

Probably my description is full of errors, but I hope help you to understand better.
 
User avatar
broderick
Member Candidate
Member Candidate
Topic Author
Posts: 242
Joined: Mon Nov 30, 2020 7:44 pm

Re: ARP Modes

Sat Apr 30, 2022 5:27 pm

...
If the interface have reply-only ARP, reply only to his own MAC/IP but do not collect and do not request other MAC/IP
This device for reach other devices must have static ARP entry, but is reachable from other devices on LAN.
For example this can be used if the device must reply only to some specific static ARP entries, but must be visible from everyone.

...
Ok, the picture helps me a lot.
Much clearer now. Still some doubt about the reply-only ARP feature though.
Thanks
 
Zacharias
Forum Guru
Forum Guru
Posts: 3459
Joined: Tue Dec 12, 2017 12:58 am
Location: Greece

Re: ARP Modes

Sat Apr 30, 2022 7:38 pm

Much clearer now. Still some doubt about the reply-only ARP feature though.
The Router will only reply to its own MAC address.
Other than that, you have to manually add ARP entries in the ARP Table for the rest of the LAN devices you want to communicate with.
 
User avatar
broderick
Member Candidate
Member Candidate
Topic Author
Posts: 242
Joined: Mon Nov 30, 2020 7:44 pm

Re: ARP Modes

Sun May 01, 2022 11:48 am

Much clearer now. Still some doubt about the reply-only ARP feature though.
The Router will only reply to its own MAC address.
Other than that, you have to manually add ARP entries in the ARP Table for the rest of the LAN devices you want to communicate with.
hmmm, meaning that the router (on that interface) won't provide any arp resolution of other devices in the LAN other than its own?

Thanks
 
User avatar
chechito
Forum Guru
Forum Guru
Posts: 2990
Joined: Sun Aug 24, 2014 3:14 am
Location: Bogota Colombia
Contact:

Re: ARP Modes

Sun May 01, 2022 8:40 pm


The Router will only reply to its own MAC address.
Other than that, you have to manually add ARP entries in the ARP Table for the rest of the LAN devices you want to communicate with.
hmmm, meaning that the router (on that interface) won't provide any arp resolution of other devices in the LAN other than its own?

Thanks
in reply-only mode the router will not learn dynamically any new arp entry

only manually set arp entries will be active

but even so router provides arp reply to any host arp request normally
 
User avatar
broderick
Member Candidate
Member Candidate
Topic Author
Posts: 242
Joined: Mon Nov 30, 2020 7:44 pm

Re: ARP Modes

Mon May 02, 2022 10:43 am

ah ok. I think I've understood it now. Thanks

Who is online

Users browsing this forum: EmuAGR, LeoNaXe and 45 guests