So, my FreeNAS Server started randomly spewing my log file with this:
Dec 24 16:16:10 zoe kernel: arp: 43:05:43:05:00:00 is multicast
Dec 24 16:16:10 zoe kernel: arp: 43:05:43:05:00:00 is multicast
Dec 24 16:16:10 zoe kernel: arp: 43:05:43:05:00:00 is multicast
It was going at a rate of about 1 a second (in bursts of 5 every 10 seconds or so).
I fired up Wireshark to work out what it was, turns out it was my OpenMesh Wifi Access points sending these packets out.
Read more to see how I fixed it ๐
I contacted the OpenMesh guys to see what they were all about, here’s the response I got from them:
Those ARP packets are part of normal usage, our nodes use those packets as part of the mesh connectivity, used mainly to track and remove possible loops from the mesh, but also to determine mesh speeds and connectivity.
Okay, no worries, not going to get my spamming problem fixed there ๐
So, more searching around. A few forums, some complaining about arp spam, a few patches (if you compile your own kernel) and a supposed ipfw fix that I couldn’t get to work.
The option I picked that worked was to just enable multicast ARP packets. It doesn’t feel like the best option, however it was the only one I could get to work. To do this, run this as root on your FreeNAS box:
sysctl net.link.ether.inet.allow_multicast=1
Boom, no more spam. Joy ๐
If anyone has a better solution to this (or how to make ipfw actually block it properly), let me know in the comments below ๐
Ducky
EDIT: Because I didn’t even think about it, sysctl settings are reset on boot.
You’ll need to go to System -> Tunables -> Add Tunable and enter the following in:
Variable: net.link.ether.inet.allow_multicast
Value: 1
Type: sysctl
Comment: Allow Multicast to stop spam
Hi, just came around your post here, and im having the same issue and also running a openmesh wifi.
When i goto my Tunables i do not have a type to pick.
I am running FreeNAS-9.2.1.7-RELEASE-x64, I added the varible and value to mine.
but it appears it has not solved my problem.
Hey dude, it just needs to be a sysctl. Try the first option I had on the post where you log in, su yourself to root, and change the sysctl manually. Then see if that fixes it.
Option 2 is to update FreeNAS, but there should be a way to change sysctl’s with 9.2. I just don’t have a machine running 9.2 anymore to test how to do it now.
Thank you for this post, saved me a lot of time! If you’d like to make this setting permanent and aren’t using a GUI, you can edit your ‘/etc/sysctl.conf’ and add this to the end.