Firewall; Anti Arp Spoofing - TP-Link SafeStream TL-ER6020 User Manual

Flags:
Logical Interface:
Physical
Interface:
Metric

3.4 Firewall

3.4.1 Anti ARP Spoofing

ARP (Address Resolution Protocol) is used for analyzing and mapping IP addresses to the
corresponding MAC addresses so that packets can be delivered to their destinations correctly.
ARP functions to translate the IP address into the corresponding MAC address and maintain an ARP
Table in which the latest used IP address-to-MAC address mapping entries are stored. ARP protocol
can facilitate the Hosts in the same network segment to communicate with one another or access to
external network via Gateway. However, since ARP protocol is implemented with the premise that all
the Hosts and Gateways are trusted, there are high security risks during ARP Implementation
Procedure in the actual complex network.
The attacker may send the ARP spoofing packets with false IP address-to-MAC address mapping
entries, and then the device will automatically update the ARP table after receiving wrong ARP
packets, which results in a breakdown of the normal communication. Thus, ARP defense technology is
generated to prevent the network from this kind of attack.
3.4.1.1 IP-MAC Binding
IP-MAC Binding functions to bind the IP address, MAC address of the host together and only allows the
Hosts matching the bound entries to access the network.
Choose the menu Firewall→Anti ARP Spoofing→IP-MAC Binding to load the following page.
The Flags of route entry. The Flags describe certain characteristics of the
route.
The logical interface of route entry.
The physical interface of route entry.
The Metric of route entry.
-69-