ARP

This section includes the following topics:

ARP configuration

ARP, Address Resolution Protocol, is used to perform translation between Ethernet addresses (MAC addresses) and IP addresses. The ARP configuration section is used to define static ARP entries (static binding of IP addresses to hardware addresses) or to publish IP addresses with a specific hardware address.

Static ARP items may help in situations where a device is reporting incorrect hardware address in response to ARP requests. Some workstation bridges, such as radio modems, have such problems. It may also be used to lock an IP address to a specific hardware address for increasing security or for avoiding denial-of-service effects if there are rogue users in a network. Note however that such a protection only applies to packets being sent to that IP address, it does not apply to packets being sent from that IP address.

Publishing an IP address using ARP can serve two purposes:
To aid nearby network equipment responding to ARP in an incorrect manner. This area of use is less common.

To give the impression that each interface of the firewall has more than one IP address.

To accomplish the above, the firewall provides responses to ARP requests concerning the IP addresses in published ARP items. The latter purpose is useful if there are several separate IP spans on a single LAN. The computers on each IP span may then use a gateway in their own span by publishing these gateway addresses on the firewall interface.

Another area of use is publishing multiple addresses on an external interface, enabling the firewall to statically address translate communication to these addresses and send it onwards to internal servers with private IP addresses.

The difference between XPublish and Publish is that XPublish "lies" about the sender address in the Ethernet header; this is set to be the same as the published hardware address rather than the actual hardware address of the network adapter.

Note: If a published hardware address is the same as the hardware address of the network adapter, it will make no difference if you select Publish or XPublish; the net result will be the same.

Note: In the ARP section, addresses may only be published one at a time. The Routes section on the other hand, can handle publishing entire networks using Proxy ARP.

ARP configuration

General parameters

Mode – Static, Publish or XPublish.

Interface – Indicates the interface to which the ARP entry applies; e.g. the interface the address shall be published on.

IP Address – The IP address to be published or statically bound to a hardware address.

MAC Address – The hardware address associated with the IP address. If this field is left blank, the network adapter’s local hardware address is used automatically.

Comments - A comment describing the ARP entry.