Hi,
I have an Opal Router (GL-SFT1200) that I use as accesspoint in my home network for all my IOT devices...
I do see the Opal generating a lot of broadcast messages on my network? (see picture)
Why is this and can I reduce/remove this?
I would expect my main router on 192.168.1.1 handling all of this, not the Opal on 192.168.1.248 as an accespoint?
We will try to optimize. Thank you.
Since it as a router, it is based on a router to develop the system, so it is normal to have ARP broadcast.
Under normal circumstances, it will not affect your network.
I understand...
Any setting I can change in "Luci" to change this behavior when using the Opal as access point?
There seems to be no way on Luci.
Please rest assured, this 'arp' package is not harmful.
Arp is actually a protocol on the physical layer also called layer 2.
Basicly devices use it to communicate who is who, and so can a mac address table be created and associated with ip addresses.
Under normal circumstances it is really normal there is chattyness.
But it is uncommon, when a device spoofs messages and pretend to be the router and spams more frequently.
That is actually called arp spoofing, and funny enough the drop in gateway feature can do this to.
^ although i'm not so fan of it (because it simulate it more like a attack, and peoples use case may be based on something like this which is against security, and very bad if that could happen i.e to wan on isp side as misconfiguration 
)
anyway, it is likely harmless, the only improvement especially if firmware is a bit older on the gl sdk side, is the drop in gateway feature, in the past i've seen ugly bugs with it like that it already activates when just visiting that options page and not even checking in that option.
Currently i do not longer see this behaviour anymore, but opal might be different.
Thanks for your explanation.
If I use Wireshark, and I setup a filter for "arp", and I see messages like
"Tell [ipaddress]"
which is not the ip address of the router, then that device at that IP is doing the arp spoofing?
is there a method to stop that device from spoofing, or just disconnect it from the LAN?
is arp spoofing bad, or does it just create chatty noise on the network which makes it harder to read the logs in Wireshark?
No, it works kinda like a discovery so clients know which ips belong to the coresponding mac address.
It is wrong if a different mac address unlike the router tells that he is the router.
If you dont want it, you can choose to use static ips but yea it is normal that it chats alot.
