ARP Entries from public IPs

I have a huge problem, we want to free some public IP's from use to configure a vrrp-constellation. Some IP's have a arp entry present on the outside router, which is connected to our firewall. I cant get rid of that entry, which means there are still services running on that public ip?. I dont get that!! where can i find those configurations on my watchguard?


  • also this arp entry is icomplete on our side!

    Protocol Address Hardware Address Timeout Interface Type
    [my public IP] [hardware address] 01:19:14 [Interface] ARPA

    sh arp
    [my public IP] at on eth0

  • Power off/on of the outside router will clear its arp table.

    If someone on the Internet sends a packet to one of your unused public IP addrs, that will cause the outside router to try to forward that packet to your firewall and will result in an arp entry on the outside router.

Sign In to comment.