OpenWrt router cause 'ARP list full' with my ISP

Enig123 · March 1, 2020, 3:20am

Since I use OpenWRT as my main router, it has already happened several times that the Internet service stopped after a firmware upgrade. As I called my ISP service, the technician told me that my 'ARP list is full' and the only way to solve it is to call them and they can reset it on their side.

They also told me it's because I'm using my own router instead of their crappy router that will also need me to pay monthly rent fees.

Anyone who is familiar with this kind of situation can tell me, is there a way, settings in OpenWRT perhaps, from my side that I can do to mitigate the situation?

bill888 · March 1, 2020, 3:26am

What is make & model of router ?
What is version of OpenWrt ?
What is the connection protocol (DHCP, PPPoE) ?
Who is your ISP ?
What is make & model of ISP supplied modem/router?

mbo2o · March 1, 2020, 3:28am

Suspect your ISP only allows one device MAC address. Try setting the MAC address of the openwrt WAN interface the same as that of the ISP device

Enig123 · March 1, 2020, 4:37am

Unfortunately I have returned their router long ago, and cannot get the MAC address.

@mbo2o, my ISP do allow us to use our own router, only emphasized that there may be compatible issues.

Through the calls I made with them, they can always easily tell what kind of router I was using. Before using the RPi 4B as my main router, I used to use Archer C7 v2 and DIR-860L B1.

dlakelan · March 1, 2020, 4:50am

My recommendation is to ask them to reset their ARP list... and then use your RPi4 mac from now on for any router device you connect. Just set the MAC manually for the interface.

Also, this might have something to do with leaky switch. Maybe get a good quality managed switch and put your WAN on a separate VLAN. Commercial managed switches don't leak for the first few seconds when they're turned on.

Enig123 · March 1, 2020, 5:11am

I have a managed switch behind the router, connected to the ethernet port RPi 4B possesses and a usb ethernet dongle is used as WAN.

Can't figure out how would the ARP would have leaked with my configuration.

dlakelan · March 1, 2020, 5:14am

With that config only the USB dongle should show up on your ISP side. On the other hand, when you were using the Archer C7 it was probably leaking MACs every time you restarted it, unless you did the special dance every time (turn everything off, turn on the router... wait for it to boot, then turn on the ISP equipment)

Enig123 · March 1, 2020, 5:20am

Actually I'm only using RPi 4B after last reset from ISP, the only action on the router is several upgrades/reboots. I mean I just can't get it, the ISP should always see exactly the same MAC of my RPi 4B right?

dlakelan · March 1, 2020, 5:29am

that would be what I would expect. this seems suspicious.

Enig123 · March 2, 2020, 5:51am

Guess I will have to practice like this:

Power off router;
Disconnect the ethernet on the WAN side;
Power on router and perform upgrade or else that need reboot;
Connect the WAN ethernet after the router fully reboot.

in order to avoid such issue. I will report back after some time's practice.

lleachii · March 2, 2020, 5:59am

I have an idea to test:

Disconnecting the WAN port and plugging a device that's running Wireshark/tcpdump into it. Reboot the router. See if your LAN devices make DHCP requests once or twice during the process.

dlakelan · March 2, 2020, 2:26pm

He's got a USB dongle on the WAN side so it can't be a leaky switch sending packets from LAN to WAN. this makes things quite suspicious on the ISP side.

Enig123 · March 3, 2020, 1:52am

Dig deeper and guess what I've found?

The arp command in a shell of the router showed my previously used ips with the router's arp;
Command 'ip neigh show' get a more detailed info:

root@OpenWrt:~# ip neigh show
192.168.1.224 dev br-lan lladdr xx:xx:xx:xx:xx:8e ref 1 used 0/0/0 probes 1 REACHABLE
xxx.xxx.79.43 dev eth1 lladdr xx:xx:xx:xx:xx:c0 used 0/0/0 probes 4 STALE
192.168.1.2 dev br-lan lladdr xx:xx:xx:xx:xx:b0 ref 1 used 0/0/0 probes 1 REACHABLE
xxx.xxx.64.1 dev eth1 lladdr xx:xx:xx:xx:xx:c0 ref 1 used 0/0/0 probes 1 REACHABLE
xxx.xxx.66.189 dev eth1 lladdr xx:xx:xx:xx:xx:c0 used 0/0/0 probes 4 STALE
xxxx::8616:f9ff:fe7c:c9b0 dev br-lan lladdr xx:xx:xx:xx:xx:b0 router used 0/0/0 probes 0 STALE
xxxx::219:92ff:fecb:f499 dev eth1 lladdr xx:xx:xx:xx:xx:99 router used 0/0/0 probes 0 STALE
xxxx::5e5e:abff:fed8:fdc0 dev eth1 lladdr xx:xx:xx:xx:xx:c0 router used 0/0/0 probes 0 STALE

in which the mac end with c0 is my router's mac, and mac ended with b0 belongs to the WiFi AP which is another OpenWRT router, the one ended with 8e is a host in the lan.

As you may noticed, the 2 lines with 'probes 4 STALE' in it, the corresponding ipv4 addresses are both the one I have been got.

Without any details on how my ISP set their configurations, what these info can mean? I am just hoping some digging can give more clues on what's wrong on my side, so I can take measures to mitigate the annoying issue.

dlakelan · March 3, 2020, 3:11am

this just shows that your router has had a few different IP addresses through Time. that is probably because the DHCP server is giving you a new IP. that seems like a dumb system in place by the ISP probably to mitigate limited ipv4 space.

whatever the problem is it's on the ISP none of this is seeming strange for your router

system · March 13, 2020, 3:16am

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.