JohnDevNet_FTNT
Article Id 192956

Description

 

This article describes troubleshooting tips for the ARP protocol. Before any packet can be sent over Ethernet, the sending device must have populated its own ARP table with the MAC address of the destination or next hop.

Scope

FortiGate.


Solution

 

Windows ARP commands:

Display ARP table:

 

C:\> arp -a

Interface: 192.168.157.80 --- 0x8
  Internet address       Physical address       Type
  192.168.157.1         00-ff-d9-ba-82-16     dynamic
  192.168.157.2         9c-93-4e-5e-00-38     dynamic
  192.168.157.11        08-5b-0e-5e-92-9e     dynamic
  192.168.157.18        08-5b-0e-08-85-a9     dynamic

 
Delete an ARP Table entry:

 

C:\> arp -d 192.168.157.2

 

 

FortiOS ARP Commands:

Display ARP table:

 

get system arp

 

If VDOMs are configured:

 

config vdom
edit <vdom_name>

get system arp

 


Clear the ARP Table:

 

execute clear system arp table

 

Remove a single ARP entry:

 

diag ip arp delete <interface_name> <IP Address>


Remove all entries associated with a particular interface:

 

diag ip arp flush <interface_name>


Sniff ARP packets:

To verify that ARP packets are being sent and/or received:

diagnose sniffer packet <interface> 'arp' 4

Example:


dia sniffer packet any "arp" 4 0 l
2024-08-13 19:18:41.004473 internal out arp who-has 192.168.1.113 tell 192.168.1.99    <- ARP Request packet.
2024-08-13 19:18:41.004487 lan out arp who-has 192.168.1.113 tell 192.168.1.99    <- ARP Request packet.
2024-08-13 19:18:41.005184 lan in arp reply 192.168.1.113 is-at 00:64:72:61:29:02    <- ARP Response packet.
2024-08-13 19:18:41.005193 internal in arp reply 192.168.1.113 is-at 00:64:72:61:29:02    <- ARP Response packet.
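
Added example (not part of the original article and not a Fortinet tool): a small Python parser for the sniffer output format shown above. It lists IPs that were requested but never answered, and IPs answered by more than one MAC address (a duplicate IP or a spoofed reply). The function name analyze and the last three sample lines are constructed for illustration.

```python
import re
from collections import defaultdict

# Matches FortiOS sniffer verbosity-4 ARP lines in the format of the capture above.
LINE_RE = re.compile(
    r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\.\d+ (?P<intf>\S+) (?P<dir>in|out) arp "
    r"(?:who-has (?P<target>\S+) tell (?P<sender>\S+)"
    r"|reply (?P<ip>\S+) is-at (?P<mac>[0-9a-fA-F:]{17}))"
)

def analyze(capture: str):
    """Return (unanswered, conflicts) for pasted sniffer output.

    unanswered: sorted IPs that were asked for but never answered.
    conflicts:  {ip: sorted MACs} for IPs claimed by more than one MAC.
    """
    requested = set()
    macs_by_ip = defaultdict(set)
    for line in capture.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # command echo, annotations, blank lines
        if m["target"]:
            requested.add(m["target"])
        else:
            macs_by_ip[m["ip"]].add(m["mac"].lower())
    unanswered = sorted(requested - set(macs_by_ip))
    conflicts = {ip: sorted(macs) for ip, macs in macs_by_ip.items() if len(macs) > 1}
    return unanswered, conflicts

# First four lines: the article's capture. Last three: constructed sample data.
SAMPLE = """\
2024-08-13 19:18:41.004473 internal out arp who-has 192.168.1.113 tell 192.168.1.99
2024-08-13 19:18:41.004487 lan out arp who-has 192.168.1.113 tell 192.168.1.99
2024-08-13 19:18:41.005184 lan in arp reply 192.168.1.113 is-at 00:64:72:61:29:02
2024-08-13 19:18:41.005193 internal in arp reply 192.168.1.113 is-at 00:64:72:61:29:02
2024-08-13 19:18:42.100000 lan out arp who-has 192.168.1.200 tell 192.168.1.99
2024-08-13 19:18:43.200000 lan in arp reply 192.168.1.113 is-at 02:00:00:AA:BB:CC
2024-08-13 19:18:43.300000 lan out arp who-has 192.168.1.200 tell 192.168.1.99
"""

if __name__ == "__main__":
    unanswered, conflicts = analyze(SAMPLE)
    print("No reply seen for:", unanswered)
    for ip, macs in conflicts.items():
        print(f"{ip} answered by multiple MACs: {', '.join(macs)}")
```

An unanswered request points at a down host, wrong VLAN or filtered segment; an IP with several MACs should be compared against the entry shown by get system arp.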