C3510XZ router, how do you flush the ARP cache without a factory reset?
Have a Zyxel C3510XZ router on Quantum Fiber. Everything is running well except I cannot re-use private range IP addresses for days because the router's ARP cache will not release bindings. For example:
I create a VM on my server on a private static IP 192.168.1.10, for example a SMB server that needs to be on a static. The MAC address on the server's NIC is AA:AA:AA:AA:AA:AA. The router puts this MAC in the table for 192.168.1.10.
After some testing I wipe the server and build a new one at the same IP, MAC address BB:BB:BB:BB:BB:BB. The new machine now cannot communicate with anything outside its local broadcast domain. I look in the router's ARP table through the control panel and see the old MAC in there locked to the IP and no way to change it or flush the cache.
I have asked this question repeatedly to Quantum and their only advice is to reset the router to factory defaults, which is unacceptable as it would destroy all my other settings and I can't just rebuild my configuration every time I need to put a new machine on a previously used static IP. Is there a way to flush the ARP cache or just remove one entry from it? I cannot find anything in the control panel or going through the CLI menus over SSH. Thanks.
All Replies
-
Hello,
If your VM is a VMware ESXi then the following article might help with NOTIFY SWITCH option being set on the VM.
See https://kb.vmware.com/s/article/90045
There can also be Windows 10 issues with gratuitous ARP on VMs, see
https://noelalvarez.net/microsoft-windows-10-false-duplicate-ip-address-detected/
I hope that this is helpful.
Kind regards Tony
0 -
Thanks. The VM (this time) is a Debian VM not W10. I went in and enabled Notify Switch on the vSwitch to send gratuitous ARPs but it had no effect. The ARP cache on the router stays the same. I'm pretty sure this is a problem that could be solved either with an ARP flush command or (less good) a change to the ARP timeout value in the router.
1 -
Maybe. but do you want a workaround for now? @muranternet
There is also a way to send a gratuitous ARP on (Debian) Linux by using arping -U , see point 9 at https://www.baeldung.com/linux/arping-command#:~:text=We%20can%20use%20the%20%2DU,neighboring%20hosts%20ask%20for%20it.
Kind regards Tony
0 -
Thanks, but gratuitous ARP still does not cause the C3510XZ to update its ARP table. I did the following (the new address I had to use was 192.168.1.11, the locked address is 192.168.1.10):
sudo apt install iputils-arping
(changed IP address to 192.168.1.10 in /etc/network/interfaces, rebooted)
ip add (to confirm new address)
ping 8.8.8.8 (fail)
(check the arp table in the modem, unchanged, old bad MAC address still there)
sudo arping -U -s 192.168.1.10 192.168.1.1 (this worked, got ARP responses from the router)
ping 8.8.8.8 (fail again)
(check the ARP table again, nothing has changed)
I think at this point there is an SSH command that flushes the ARP cache in the router that someone at Zyxel can tell me about, or I have to find a new router that works with my ONT that fixes this problem.1 -
Maybe. @muranternet
Before I let Zyxel employees step in, I wonder if arping -A command might work...
See choice 10 at https://www.baeldung.com/linux/arping-command
10. Sending Only ARP Replies
Using arping with the -A option also updates the ARP table of the destination host. However, it doesn’t use unsolicited ARP but uses ARP reply as if an ARP request were made:
$ arping –A -c 1 192.39.59.17 ARPING 192.39.59.17 from 192.39.59.17 eth0 Sent 1 probes (1 broadcast(s)) Received 0 response(s)Copy
Since arping sends an ARP reply, in this case, we don’t get any responses. We observed this behavior in the last line of the output, Received 0 response(s). arping set the source IP address to the destination IP address as it did with the –U option.
Kind regards Tony
0 -
Tried this as well, no good. Changed IP address to .10, used sudo arping -A -s 192.168.1.10 192.168.1.1, no responses as expected but the ARP cache did not update.
1
Guru Member
Categories
- All Categories
- 384 Beta Program
- 2.1K Nebula
- 117 Nebula Ideas
- 80 Nebula Status and Incidents
- 5.1K Security
- 79 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 69 Switch Ideas
- 909 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 209 Service & License
- 335 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 898 Nebula FAQ
- 415 Security FAQ
- 234 Switch FAQ
- 205 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 73 About Community
- 62 Security Highlight
