Posted: Wed May 28, 2025 1:04 Post subject: arp spoofing because of repeater bridge
Hey guys,
my nerves are shot. Since two days I try to setup the repeater bridge on R7000 connecting to R6400 AP (both DD-WRT v3.0-r61423 std (05/25/25)), but my devices keep having trouble. Coming from a working setup with freshTomato, I have wasted a lot of time using ddwrt now. Being surrounded by potential issues everywhere (CTF, AES in WPA, Broadcom driver and so on), I have turned on and off everything I could think of. Two days of my life lost forever. Well well...
Internet works okayish on my desktop connected to RB router, but mobile devices (Fairphone 3 and iPhone) do not work. Directly after connecting to wifi, first moments browsing internet works, but then suddently connection drops and websites do not load anymore.
My AP router logs:
Code:
May 28 02:48:51.734 r6400 kern.err kernel: [ 1281.042490] arp spoofing detected ip=192.168.10.171 mac is xx:xx:xx:xx:xx:03 but should be xx:xx:xx:xx:xx:94
Also my gateway router, a fritzbox 6660, reports jumping and duplicate IP addresses spotted via ARP.
Why repeater bridge is recognized as arp spoofing? And why ARP spoofing protection is active even though I have not enabled it in security tab?
I presume this is on a Netgear R6400, but no idea what build version you've flashed. Keep in mind that repeater modes may be problematic on Broadcom Northstar (ARM) devices, and arp on these fake bridge modes is broken.
I have seen WDS, media bridge, repeater bridge, wifi ethernet bridge. WDS was slow as hell. Media bridge was never stable. Ethernet bridge worked, but has the same problems as repeater bridge with mac desaster.
What is the cleanest way to pair two wifi routers with ARP being healthy and connection bandwidth acceptable?
Joined: 08 May 2018 Posts: 16123 Location: Texas, USA
Posted: Wed May 28, 2025 2:02 Post subject:
Unfortunately, this issue is probably not going to go away save and except the developer removes the fake bridge modes entirely. Also, on current releases the following would apply since the shift to Linux 4.4:
Unfortunately, this issue is probably not going to go away save and except the developer removes the fake bridge modes entirely. Also, on current releases the following would apply since the shift to Linux 4.4:
The only 100% stable linking between two routers is over wired ethernet. The closest option is wireless station mode (not WDS) on one of the radios on the second router. Of course, I don't know *what* WDS configuration you used, and again, I have no idea what release build number your are using in this situation.
I have updated release number into my previous post. And also changed it to for better understandability.
Important: I have linked a solition from an old thread. Disabling ARP spoofing protection via commandline brings the repeater bridge back to life. I have also added that ARP spoofing protection is NOT ticked in webgui, but still it was active which seems to be bug.
In my wireless dropdown, I can only see:
AP, station, station bridge, repeater, repeater bridge, Ad-Hoc. Which of those modes represent the "Wireless bridge"?
