FreeBSD/FreeNAS arp multicast spam

So, my FreeNAS Server started randomly spewing my log file with this:

Dec 24 16:16:10 zoe kernel: arp: 43:05:43:05:00:00 is multicast
Dec 24 16:16:10 zoe kernel: arp: 43:05:43:05:00:00 is multicast
Dec 24 16:16:10 zoe kernel: arp: 43:05:43:05:00:00 is multicast

It was going at a rate of about 1 a second (in bursts of 5 every 10 seconds or so).
I fired up Wireshark to work out what it was, turns out it was my OpenMesh Wifi Access points sending these packets out.

Read more to see how I fixed it ๐Ÿ™‚

I contacted the OpenMesh guys to see what they were all about, here’s the response I got from them:

Those ARP packets are part of normal usage, our nodes use those packets as part of the mesh connectivity, used mainly to track and remove possible loops from the mesh, but also to determine mesh speeds and connectivity.

Okay, no worries, not going to get my spamming problem fixed there ๐Ÿ˜›

So, more searching around. A few forums, some complaining about arp spam, a few patches (if you compile your own kernel) and a supposed ipfw fix that I couldn’t get to work.

The option I picked that worked was to just enable multicast ARP packets. It doesn’t feel like the best option, however it was the only one I could get to work. To do this, run this as root on your FreeNAS box:
sysctl net.link.ether.inet.allow_multicast=1

Boom, no more spam. Joy ๐Ÿ˜€

If anyone has a better solution to this (or how to make ipfw actually block it properly), let me know in the comments below ๐Ÿ™‚

Ducky

EDIT: Because I didn’t even think about it, sysctl settings are reset on boot.
You’ll need to go to System -> Tunables -> Add Tunable and enter the following in:
Variable: net.link.ether.inet.allow_multicast
Value: 1
Type: sysctl
Comment: Allow Multicast to stop spam
Screen Shot 2014-12-30 at 3.09.56 pm

2 comments

Hi, just came around your post here, and im having the same issue and also running a openmesh wifi.

When i goto my Tunables i do not have a type to pick.
I am running FreeNAS-9.2.1.7-RELEASE-x64, I added the varible and value to mine.

but it appears it has not solved my problem.

Hey dude, it just needs to be a sysctl. Try the first option I had on the post where you log in, su yourself to root, and change the sysctl manually. Then see if that fixes it.

Option 2 is to update FreeNAS, but there should be a way to change sysctl’s with 9.2. I just don’t have a machine running 9.2 anymore to test how to do it now.

Leave a Reply