Technical Tip: Gratuitous ARP for Virtual IP feature - FortiOS 4.0
Description
A gratuitous ARP request is an Address Resolution Protocol request packet where the source and destination IP are both set to the IP of the machine issuing the packet and the destination MAC is the broadcast address ff:ff:ff:ff:ff:ff. Ordinarily, no reply packet will occur. A gratuitous ARP reply is a reply to which no request has been made.
In a real network deployment this feature may be used to keep the L2 FDBs updated, or remote devices L3 ARP tables updated.
Scope
All FortiGate units running FortiOS 4.0 or higher, running in VDOM or NAT mode.
Solution
Configure gratuitous ARP from the CLI:
config firewall vip
edit "web"
set extip 10.174.1.80
set extintf "external"
set portforward enable
set gratuitous-arp-interval 10 (user specified 5-8640000 > (seconds) 0 to disable)
set mappedip 192.168.183.1
set extport 80
set mappedport 80
next
end