MAC flapping Drop-in

alexandr3 · January 15, 2020, 9:54am

Hey there,

I am new to peplink and something unusual has happened that i can’t figure out why.

So from the beginning, I have 2 ISP and a peplink in drop-in mode, everything is connected to a SW, I’ve done some nat-mapping on the peplink IP from ISP2 to ISP1 (drop-in).

the image describes the set up, inbound is working, and everything seems fine.

Different colors represent different vlans even tho the Blue and Red have the same address range, as per drop in specification.

Now is the weird part… during set up, by mistake ISP 1 (LEFT, the one for drop in) was plugged on the blue vlan.
So peplink announced his mac on the red vlan (expected)
Then we unplugged ISP 1 and plugged on the correct vlan red.
And pepelink announced his mac on blue (expected), but kept announcing it on the red as well, like pepelink was the owner or got that mac from any other source.

Basically pepelink was announcing at the same time the same mac on both interfaces??!! So where was he getting it from, did he kept it and didn’t expire?

Since i could not clear the arp/mac table on the pepelink, the only way that i got it to stop falpping on the switch was to reboot the pepelink.

So is there a way to view the arp/mac table? I tried to go on the clish but “support” commands were not possible.

Shouldn’t peplink flush his arp/mac table after not receiving traffic form that source for a while (this occurred for more than 24h)?

Ron_Case · January 15, 2020, 12:39pm

Drop-in mode uses both the LAN and a WAN interface to bridge the primary ISP network to your firewall but they have different MAC addresses. Be sure the firewall is pointing to the default gateway of ISP1 and not the Peplink.

You can download a network capture from the support.cgi page and view the ARP packets with Wireshark.

After logging into the Balance, type in this address to get the support.cgi page: http://<Peplink’s IP>/cgi-bin/MANGA/support.cgi

alexandr3 · January 16, 2020, 1:45am

Hey Ron,

I know they have different MAC for pepelink interfaces, the issue was that somehow pepelink stored the ISP Router MAC and was announcing it on both LAN and WAN.

Ron_Case · January 16, 2020, 10:35am

OK now I understand what you are asking. This is part of the magic with a drop-in mode deployment.

Your firewall would not be aware when it’s default gateway router goes down with drop-in mode. The Peplink uses the MAC address of the ISP router to communicate with the firewall and it can route inbound or outbound traffic through the secondary WANs to your firewall.

You mentioned the set up, inbound is working, and everything seems fine - until ISP1 was plugged into the wrong VLAN correct?

I hope this information helps and welcome to the Peplink forum community!

alexandr3 · January 17, 2020, 3:24am

Yes its working and all, I was just a bit concerned that the arp/mac tables didn’t expire as they usual do in other equipment.
Could have been a bug or something…