mli (Tutor)
Dec 05, 2022
Netgear Nighthawk M1 MR1100 ARP pollution and Devolo Magic 2 powerline network
I've been using a Devolo Magic 2 powerline network in the home for some time now and it's been known-good up until recently when I've added an MR1100 back into the network onto the powerline network instead of directly attached to the WAN of an OPNsense firewall.
The reason for adding the MR1100 back in was that the Teltonika RUTXR1 only has a single LTE module so is not able to load-balance between two SIMs, hence the MR1100 was re-added to give a second LTE module. The powerline network is involved as the MR1100 is on a different floor to the RUTXR1 and OPNsense firewall (a /30 subnet used on the powerline physical network for point-to-point communication).
My issue is that on the MR1100 Settings -> Account tab, I see a certain MAC Address 3c-37-86-XX-XX-0e listed, and I noticed in the OPNsense ARP Table for the powerline network that an increment of this MAC, 3c-37-86-XX-XX-0f was polluting the ARP Table as if it were answering to multiple IPv4 addresses that didn't belong to it.
This network instability initially manifested as DNS issues and some devices such as TVs had a successful workaround with either static DNS or static IP configuration. Two Android devices seemed mostly unaffected, and they seemed to be able to update their ARP entry to remove the broken entry. Sadly, two Windows 10 laptops are severely impacted by the MR1100 sharing the powerline network and network function of these two laptops can reliably be restored by removing the MR1100 from the network.
Despite having taken steps to prevent the ARP Table pollution (e.g. banning the bad MAC), the Windows 10 laptops still do not function on the powerline network with the MR1100 connected. The gateway for the powerline network cannot be pinged by the impacted devices and therefore there's no onward routing to other services such as DNS, although impacted devices are still able to access WebGUIs of the Devolo devices on the very same 192.168.X.0/24 subnet (so it's confusing only the gateway 192.168.X.1 seems impacted).
My current workaround is to use a different access point attached to the OPNsense firewall and then the Windows 10 laptops are able to route everywhere including into the impacted powerline subnet.
As I've been debugging this for multiple days, I'm not really expecting a resolution any time soon but thought I'd share these symptoms in case someone hits the same in the coming months or years.
Netgear Nighthawk M1 MR1100-100EUS
Firmware Version: NTG9X50C_12.06.39.00
2 Replies
- mli (Tutor)
Recording a Windows 10 fix in case this helps anyone else.
- Right-click Start menu and select "Windows PowerShell (Admin)", approve modifications to system.
- Run the command "arp -a" to diagnose the issue of the default gateway having an incorrect MAC address related to the MR1100 instead of the correct MAC address.
- Run the command "Get-NetAdapter" and make a note of the ifIndex.
- Run the command "New-NetNeighbor -InterfaceIndex <ifIndex> -IPAddress '<gateway_IP>' -LinkLayerAddress '<MAC_noseparators>' "
Single quotes are part of the command. Example of MAC_noseparators is '3cecefXXYY5f'.
- To reverse this fix, run the command "Remove-NetNeighbor -InterfaceIndex <ifIndex> -IPAddress '<gateway_IP>'"
Now I need a solution for Windows 10 S.
- mli (Tutor)
Quick summary that the same workaround also works when downloading PowerShell on Windows 10 S from the Microsoft Store which wouldn't be expected to run (e.g. WinDbg Preview doesn't, as expected) so it might be disabled at some point.
A longer walkthrough seems not to have posted.
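
The two symptoms described in this thread (one MAC address listed against several IPv4 addresses, and the default gateway resolving to the wrong MAC) can be checked with a script like the one below. It is an added example, not code from the thread's author or from NETGEAR; the function `Find-ArpConflict`, its parameters and the sample addresses are hypothetical and constructed for illustration.

```powershell
# Added example (not from the thread). Function and parameter names are hypothetical.
function Find-ArpConflict {
    param(
        [Parameter(Mandatory)] [object[]] $Neighbor,           # objects with IPAddress, LinkLayerAddress
        [Parameter(Mandatory)] [string]   $GatewayIP,
        [Parameter(Mandatory)] [string]   $ExpectedGatewayMac  # known-good MAC, any separator style
    )
    # Normalise MACs to 12 lowercase hex digits so '3C-EC-..' and '3cec..' compare equal.
    $norm = { param($m) ($m -replace '[-:.]', '').ToLower() }
    $expected = & $norm $ExpectedGatewayMac

    # Keep unicast entries only: drop unresolved (all zero), broadcast and
    # multicast (low bit of the first octet set) addresses.
    $unicast = foreach ($n in $Neighbor) {
        $mac = & $norm $n.LinkLayerAddress
        if ($mac -notmatch '^[0-9a-f]{12}$' -or $mac -eq '000000000000') { continue }
        if ([Convert]::ToInt32($mac.Substring(0, 2), 16) -band 1) { continue }
        [pscustomobject]@{ IPAddress = $n.IPAddress; Mac = $mac }
    }

    # Symptom 1: one MAC listed against several IPv4 addresses.
    $multi = $unicast | Group-Object Mac | Where-Object Count -gt 1 | ForEach-Object {
        [pscustomobject]@{ Mac = $_.Name; IPs = @($_.Group.IPAddress | Sort-Object) }
    }
    # Symptom 2: the gateway resolves to something other than the known-good MAC.
    $gw = $unicast | Where-Object IPAddress -eq $GatewayIP | Select-Object -First 1
    [pscustomobject]@{
        GatewayMacSeen  = $gw.Mac
        GatewayMismatch = [bool]($gw -and $gw.Mac -ne $expected)
        MultiIpMacs     = @($multi)
    }
}

# Constructed sample table; on a live host pass this instead:
#   Get-NetNeighbor -AddressFamily IPv4 -InterfaceIndex <ifIndex>
$sample = @(
    [pscustomobject]@{ IPAddress = '192.168.50.1';   LinkLayerAddress = '02-00-00-AA-BB-0F' }
    [pscustomobject]@{ IPAddress = '192.168.50.20';  LinkLayerAddress = '02-00-00-AA-BB-0F' }
    [pscustomobject]@{ IPAddress = '192.168.50.30';  LinkLayerAddress = '02-00-00-11-22-33' }
    [pscustomobject]@{ IPAddress = '192.168.50.255'; LinkLayerAddress = 'FF-FF-FF-FF-FF-FF' }
)
$r = Find-ArpConflict -Neighbor $sample -GatewayIP '192.168.50.1' -ExpectedGatewayMac '020000aabb5f'
$r | Format-List GatewayMacSeen, GatewayMismatch
$r.MultiIpMacs | Format-Table Mac, IPs
```

A host that legitimately holds several addresses, or a router doing proxy ARP, also shows up under `MultiIpMacs`, so treat that list as entries to review rather than as proof of pollution.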