What is "static ARP" doing when enabled ?

[waldorf]

This is related to my 2 previous topics and turned out te be the cause of the problems.

It seems that when "static ARP" is enabled (and no static ARP entries are created) the corresponding VLAN is not working as expected.  (See 2 posts mentioned below)

According to my understanding a static ARP entry is nothing more than binding a specific IP address to a MAC address.  So when enabling static ARP, without any definitions, nothing should change. 

But when I enable static ARP entries, I am unable to ping the gateway, WAN access does not work as expected and some other strange things happen.  Is there some misunderstanding at my side about the static ARP feature, or is this a bug ?

See as well:
https://forum.opnsense.org/index.php?topic=44215.0
https://forum.opnsense.org/index.php?topic=44237.0

[Patrick M. Hausen]

Did you enable Static ARP in the DHCP server settings?

The help text quite explicitly says:

Warning: This option persists even if DHCP server is disabled. Only the machines listed below will be able to communicate with the firewall on this NIC.

This "Enable Static ARP" button also disables regular (dynamic) ARP entirely.

To add just a single entry I guess Interfaces > Neighbours is the correct section of the UI. Never used it myself.

[waldorf]

I un-intendently switched it on for this interface. It took me quite some time to find out why I had this behavior. So I didn't read the info text beforehand.

Since I only know static ARP as a mechanism for just bypassing the ARP request  and statically map an IP address to a map address, I never looked into this direction. This is more like a MAC whitelist :-)

Anyway, I am glad it's clear to me and the issue is solved now.