1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Static DHCP/ARP

Discussion in 'Tomato Firmware' started by krneki, May 7, 2013.

  1. krneki

    krneki Networkin' Nut Member

    I would like to reserve IP address for a specific device (MAC). I believe that should be done under Basic -> Static DHCP/ARP, but I'm not sure what options "Bound to" and "IPTraffic" actually mean. Should I enable or disable them?
     
  2. Victek

    Victek Network Guru Member

    If you like to monitor the user traffic for this MAC enable it, if not leave blank.
     
  3. krneki

    krneki Networkin' Nut Member

    How about "Bound to" option?
     
  4. Victek

    Victek Network Guru Member

    Option but I'll say mandatory .. it means that the MAC will get always the IP you wrote..
     
  5. philess

    philess Networkin' Nut Member

    I was under the impression that leaving "Bound to" disabled will always give that MAC the specified
    IP address. But if the client does not use DHCP, he can freely pick a IP himself and still get all service
    from the router.
    If "Bound to" is enabled, the router will only accept that client MAC with that IP, if the client
    tries to get service from another (forbidden) IP he will not be able to.
    But i have no clue how exactly that will behave in reality, no service. Its just what i always thought that option means.
     
  6. Trent Bates

    Trent Bates Serious Server Member

    Interesting way to look at it philess! I have also wondered about that option.

    If that is true, the ebtables rule that force an IP/MAC connection wouldn't be necessary.
     
  7. philess

    philess Networkin' Nut Member

    Maybe, but to use "Bound to" you would need to know every guest MAC in advance... not practical.
     
  8. Trent Bates

    Trent Bates Serious Server Member

    I just tested the "bound to" theory and it doesn't seem to work that way. I was able to set up a different static IP for both a wired client and wireless client and browse the web on both. I'm typing this from the wireless on a different IP.
    I'm curious what that option box does!
     
  9. Trent Bates

    Trent Bates Serious Server Member

    I did find one change worth noting.
    By turning off "bound to", a person can now enter a second MAC for that IP.
    I have been wanting to do that for years! All my laptops and now my main TV can have the desired IP whether they are wired or wireless!

    How well and reliably the IP is handed out with two MACs is still to be determined, but that seems to be what "bound to" does. :)
     
  10. philess

    philess Networkin' Nut Member

    Some good explanations on the purpose of this feature here:
    https://secure.dslreports.com/forum/r27866899-ARP-Binding-vs.-DHCP-Address-Reservation
    and http://tomatousb.org/forum/t-323624

    That basically sums it up i guess.

    It doesnt prevent the client from using a different ip, but it adds that entry to the (in this case routers) ARP
    table. You can try it out yourself. Give a static IP to a client (eg 192.168.100.20) and then in Tomato add
    the ARP binding to the clients MAC but to a different IP (eg. .100). You should be able to access and ping
    the client from the router under the "false" ip adress.

    Edit: I can enter 2 different MAC adresses just fine WITHOUT activating that checkbox.
     
  11. Trent Bates

    Trent Bates Serious Server Member

    Interesting info! Thanks!

    philess, try entering two MAC's with the box "checked"/"activated". I can't do that here. I have to "uncheck" the box to type in the lower MAC box.

    [Edit]
    But then, with two MACs I can check the "bound to" box again. :)

    [Edit 2]
    Also, Windows 7 seems to dislike using the same IP for wireless and LAN. (Even if you turn off wireless first.)
     
  12. philess

    philess Networkin' Nut Member

    Yes and i would advice against using this option for 2 interfaces on the same computer or your TV.
    It can cause problems if for example you are using it from LAN with that IP, then you switch to WLAN,
    but everyones ARP table still has the old LAN MAC associated with at IP, and then TV appears with
    that IP suddenly. Sure, most stuff will figure out that the "old" LAN MAC is not responding anymore,
    but i would expect some small problems. And it will never really work if you want to use two
    interfaces at the same time (LAN and WLAN on your Windows laptop). Only if you toggle between them.
     
  13. Trent Bates

    Trent Bates Serious Server Member

    Those are good points. Certainly two client interfaces can't have the same IP at the same time. (<--Disclaimer for anyone reading this.)

    I have to wonder, what is the purpose of being able to enter two MAC addresses for an IP in the first place if not for this scenario? Why wouldn't there only be room for one MAC if that's all that it was meant for?

    I can understand that switching live might cause problems, but it seems like it was designed to handle this issue. If I boot up my laptop wirelessly, I get the same IP I'd get if I'd plugged into a physical port.

    I have watched the device list as I've plugged the TV into the LAN. It changes within a second.

    It's an interesting checkbox. Now that I've seen that the "bound to" box can be checked again after unchecking and entering the second MAC, I still wonder for sure what that option accomplishes.

    I'll have to play with it and see how stable I feel that it is. :)
     
  14. philess

    philess Networkin' Nut Member

    Well i suppose the option to add a second MAC is exactly for that. Devices that have LAN and WLAN.
    And as i said, in reality that will not cause much trouble using it. But i am just a bit sceptical about it,
    while the router itself will almost instantly recognize the new MAC (WLAN) and update its ARP table etc,
    other clients in the same network might not be that quick and still try to reach the old MAC. Until they
    are told by the router that now a different MAC has that IP... Again, it will very likely work fine.

    I just dont like it :)
     
  15. Trent Bates

    Trent Bates Serious Server Member

    Understood and respected! ;)
     
  16. jerrm

    jerrm Network Guru Member

    The router is not involved in address resolution on the client PCs. It does not notify the client PCs of any MAC changes. ARP on the clients handle that directly.
     
  17. philess

    philess Networkin' Nut Member

    Oh right, i forgot about broadcasts haha!
     
  18. Kevin Darbyshire-Bryant

    Kevin Darbyshire-Bryant Networkin' Nut Member

    I suggest you gentlemen have a look at the dnsmasq man page (yes it's dnsmasq again - you're favourite DNS, DHCPv4, DHCPv6 & RA handler) Mapping 2 MAC addresses to a single IPv4 address is expressly designed as a 'LAN/WLAN interface get the same IP' solution. You're not supposed to have both interfaces live at the same time - things go awry as you'd expect.

    As regard the static 'bound to' of MAC to IP, forces an entry in the router's ARP table....no idea what this is really for. Annoys me, as the devices status page shows the device as permanently heard on the 'br' interface.

    Someone I'm sure knows what this is really for :)
     
  19. gfunkdave

    gfunkdave LI Guru Member

    Read the notes at the bottom of the page. If the ARP binding is checked, you can have only one MAC address. Typing in a second and then checking the box either makes the router ignore the second MAC or something else.


    I think that the individual MAC-IP ARP checkboxes only have an effect if the "Enable static ARP for all devices on list" is also checked on the bottom.

    Yes, since I suspect that status page pulls from the router's current ARP table. You can still see if DHCP devices are actually connected by looking to see if there's a value in the rightmost Remaining Lease Time field in the active devices for that device.
     
  20. philess

    philess Networkin' Nut Member

    Thank you both for more insight into this!

    Yes i have suspected DNSmasq being behind this again hehe, but i couldnt find anything at a quick look
    at the online man page for it (probably shouldve scrolled through it all instead of searching for "bound").

    The Dual-MAC option makes sense to me. But simply as i mentioned to Trent Bates, it feels a bit hmm "unkosher"
    to me haha. But i am sure it works fine, no doubt. Maybe it is because i always expect the dumbest possible
    enduser, trying to use LAN and WLAN at the same time then... I remember a "long" time ago that was actually
    possible in Windows and ofcourse it didnt went well.
     
  21. FlashSWT

    FlashSWT LI Guru Member

    It works great! I have this setup on all my computers at home. However under OS X I also use network "Locations" so that only one interface is active at a time.

    On my MBP for example, I can change locations from wireless to ethernet and the computer grabs the same IP right away. In most cases I don't even lose network mounts (either a server mounted on the laptop OR the laptop's HD mounted on another computer through file sharing).
     
  22. Eddie55

    Eddie55 Serious Server Member

    do you need to have DHCP enabled for static ARP to work or does having static ARP bypass need for DHCP?
     

Share This Page