Secure the MikroTik by securing the ARP

Also, another Layer2 Security feature is on the ARP level. As you know, every network device needs the source and destination MAC/IP to be able to send the data. In case the device doesn’t have the destination MAC address, he will issue an ARP request using broadcast, and the one who receives the broadcast and has the destination IP address will answer by his MAC address to the source.

The MikroTik Switch will leave the MAC addresses learned dynamically in his ARP Table. By default, MikroTik RouterOS ARP table can have up to 8192 entries, but of course, the more entries you have on the switch the more resources on CPU and memory are used.

For this reason, you can make the ARP entries that you want as static entries.

The best way to do this is in combination with the DHCP server. Once you know that your network is converged, meaning that you know that all devices have received the IP address of the DHCP Server, then you can make them Static.


Apologies, the Full Lesson Access is Only for Members....


Get Access to all Lessons from different Vendors


Affordable Price to Enhance your IT Skills!


Always Accessing all Lessons including the New Added Ones

100% Satisfaction Guaranteed!

You can cancel your membership at anytime.
No Questions Asked Whatsover!

Course Content


Submit a Comment

Your email address will not be published. Required fields are marked *

The reCAPTCHA verification period has expired. Please reload the page.