Hello everyone,
I have been doing some research and looking on the forums and on Mikrotik Wiki Page. On how to do a static IP ARP MAC binding. I want to do this on a Mikrotik 4011 that is converted over into a Switch.
This is what I have done so far, I go into Winbox > IP > Arp > Add = IP Address > MAC Address > Interface = Port 8. However when I do this, it doesn't work, when I add the command it Reds out the information, telling me that this is invalid. I also made sure to goto Interface > Open Port 8> ARP Settings > Set to Reply-Only.
This still doesn't work.
What I have found out that the only way to get this to work, is to take Port 8 off my bridge, set a static IP address for Port 8, than set Port 8 to ARP Reply-Only: Than I can add the IP ARP> But than sense Port 8 is no longer part of the bridge, it has no internet access.
Am I doing something wrong? can anyone help me with this, with steps. Thank you so much.
Re: Help! IP ARP MAC Binding
When you add port to bridge, then config like this (static ARP, IP addresses, etc) belongs to bridge interface.
Re: Help! IP ARP MAC Binding
Further to what @sob wrote: when device wants to communicate with another one over IP, it has to find out MAC address of either the other device itself (if the other device is in the same IP subnet) or of a gateway. Then uses that MAC address to send out ethernet frames. The devices, which might be on the way (switches), are transparent and MAC addresses of those devices don't matter at all.
When one creates a bridge over multiple interfaces on ROS device, one actually creates a switch, which lies between interfaces and device's CPU. If some device in LAN wants to communicate with ROS device (either using some service, provided by ROS device, such as DNS or management, or because ROS device is gateway), it will communicate with MAC address assumed by ROS device's CPU (that's bridge interface in this case) and MAC address of individual interface physically connecting end device doesn't matter (remember, that interface is a part of a "switch" and should be transparent for LAN devices).
If the same LAN interface wants to communicate with another LAN interface, connected to different interface on OS device, it won't refer to any of ROS MAC addresses at all ...
When one creates a bridge over multiple interfaces on ROS device, one actually creates a switch, which lies between interfaces and device's CPU. If some device in LAN wants to communicate with ROS device (either using some service, provided by ROS device, such as DNS or management, or because ROS device is gateway), it will communicate with MAC address assumed by ROS device's CPU (that's bridge interface in this case) and MAC address of individual interface physically connecting end device doesn't matter (remember, that interface is a part of a "switch" and should be transparent for LAN devices).
If the same LAN interface wants to communicate with another LAN interface, connected to different interface on OS device, it won't refer to any of ROS MAC addresses at all ...