Re: Internet IP address arp to single local MAC

ratha chum · ‎06-04-2020

Today I get a problem with internet access for some users and some destination and I show arp on router found that public IP address has been mapped to a local MAC address of a router in my network. more than 10000 IP addresses have been map. bellow is just a small part of the show arp output.

Internet 216.200.232.216 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 216.200.232.221 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 216.200.232.234 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 216.200.232.235 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 216.229.0.50 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 216.239.32.21 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 216.239.32.27 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 216.239.32.52 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 216.239.32.116 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 216.239.32.117 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 216.239.34.21 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 216.239.34.117 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 216.239.35.0 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 216.239.35.4 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 216.239.35.8 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 216.239.35.12 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 216.239.36.21 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 216.239.36.54 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 216.239.36.117 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 216.239.38.21 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 216.239.38.117 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 217.10.52.40 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 217.12.223.30 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 217.20.114.208 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 217.70.180.137 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 217.146.11.101 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 217.146.11.102 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 217.146.11.103 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 217.146.11.104 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 217.146.11.107 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 217.146.11.108 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 217.146.11.125 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 217.146.11.126 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 217.146.12.133 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 217.146.12.134 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 217.146.12.135 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 217.146.12.136 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 217.146.12.137 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 217.146.12.138 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 217.146.12.139 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 217.146.12.140 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 217.146.12.141 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 217.156.250.72 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 217.156.250.128 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 217.160.0.61 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 217.160.86.75 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 217.170.205.15 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 217.182.126.162 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0
Internet 217.182.200.20 29 188b.9dcf.15a0 ARPA FastEthernet0/0/0

what is a possible problem?

Giuseppe Larosa · ‎06-04-2020

Hello @ratha chum ,

the router with MAC 188b.9dcf.15a0 has proxy ARP enabled and one or likely multiple devices use a configuration like

ip route 0.0.0.0 0.0.0.0 <interface-name>

instead of using a static route with a next-hop

As a result of a static route pointing to a LAN interface the downstream device(s) need to ARP for every different destination just to get the same answer the MAC address of the router upstream.

To fix this the downstream device(s) default static route must specify the IP next-hop of the device upstream so that they will do a single ARP request for the IP address of the next-hop instead of doing one for each possible internet address.

Hope to help

Giuseppe