I originally experienced this problem on two GX400 modems running firmware versions 3.4.4 and 3.4.5, have since updated the 3.4.4 one to 4.4.4 and found no change in behavior. I’m running the Telstra firmware if that makes a difference.
My problem is that I need to stop the modem from spoofing ARP responses as it is causing problems on our network. The setup is like this:
PCs: 192.168.10.X/16, with gateway 192.168.10.4, running Windows 7 Embedded
Network Devices: 192.168.2.X/16 (no gateway)
GX400 Modem: 192.168.10.4/24
For various reasons I can’t move the PCs and Network Devices into the same /24 subnet.
The PC needs to communicate with:
- Other PCs
- The network devices
- An internet server (via the modem)
The problem I’m having is that when the initial ARP request is broadcast for one of the network devices (192.168.2.X), the device is responding first with its MAC address, and then the modem is responding with its MAC address which overwrites the authentic device in the PC’s ARP table. I manage to get a single ping response from the network device prior to the modem taking over. As the modem is in a /24 subnet it doesn’t have any way to reach 192.168.2.X and so passes the packet up to the ISP router which then drops it with a ‘no route to host’ error. The PC has the modem configured as a gateway and so doesn’t need this ARP spoofing behavior to function correctly - any IP address it knows it needs the modem for it will pass to the modem without making an ARP request, the modem is only getting in the way.
Unfortunately setting “Primary Gateway” to “Disabled” doesn’t stop the ARP spoofing.
I tried setting the subnet mask for the modem to 255.255.0.0, but the modem was no longer contactable after a reboot - given the way the settings are laid out on the ethernet configuration page in the ALEOS UI it isn’t clear if I’m setting the DHCP details there or the modem’s details. I’ve managed to work around the issue by configuring “Host Network 2” as 192.168.0.0 and “Host Network Subnet Mask 2” as 255.255.0.0, which I believe is convincing the modem that the ARP requests it is receiving are inside the host network and don’t require spoofing.
Questions:
- Have I misunderstood the ‘Primary Gateway’ setting? What behavior should I expect when disabling that option?
- Is there another way to disable ARP spoofing behavior?
- Is setting the “Host Network” options an appropriate way to work around this problem? It seems to work in preliminary testing but I’m concerned that I’m misunderstanding this feature.
Thanks,
Darrell