Article Id 190175
Description
Diagnosing ARP requests in Transparent mode.
Components
  • All FortiGate units.
Steps or Commands

In Transparent mode, in the output of the CLI command diagnose ip arp list, "root" is the system management interface and "root.b" is the system bridge interface used by the Transparent mode VDOM.

The output from the command diagnose ip rtcache list is:

<source_IP_address>@(A - integer)(C - Optional interface identifier)-> <destination_IP_address>@(B - integer)(D - Mandatory interface identifier)

The A and B values of the interface index will show the logical interface number. The mapping of this number to a name can be found by using the command diagnose netlink interface list.

An example of the output is:

FG300A# diag ip arp list
index=8 ifname=root 0.0.0.0 00:00:00:00:00:00 state=00000040 use=2705 confirm=13776 update=7776 ref=3
index=11 ifname=root.b 192.1.1.1 00:09:0f:40:16:24 state=00000002 use=251 confirm=251 update=252 ref=9
index=11 ifname=root.b 192.1.1.16 00:15:c5:3d:7b:21 state=00000002 use=0 confirm=22 update=6647 ref=2

The index indicated is the A or B integer, and ifname gives the logical interface name, which may be a physical port, VLAN, SSID, VPN Phase 1, or system (root, port_ha, vsys_ha, etc.) interface.
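The following is an added example, not Fortinet code: a Python parser for saved diagnose ip arp list output that builds the index-to-ifname mapping described above and reports any IP address seen with more than one MAC address when several captures are pasted together. The function names are hypothetical, and the fourth sample line is constructed to exercise the conflict check.

```python
import re
from collections import defaultdict

# Sample input: the three entries from the article's example output, plus one
# constructed line (as if from a later capture) giving 192.1.1.16 a second MAC.
SAMPLE = """\
FG300A# diag ip arp list
index=8 ifname=root 0.0.0.0 00:00:00:00:00:00 state=00000040 use=2705 confirm=13776 update=7776 ref=3
index=11 ifname=root.b 192.1.1.1 00:09:0f:40:16:24 state=00000002 use=251 confirm=251 update=252 ref=9
index=11 ifname=root.b 192.1.1.16 00:15:c5:3d:7b:21 state=00000002 use=0 confirm=22 update=6647 ref=2
index=11 ifname=root.b 192.1.1.16 00:15:c5:aa:bb:cc state=00000002 use=1 confirm=3 update=40 ref=1
"""

ENTRY_RE = re.compile(
    r"index=(?P<index>\d+)\s+ifname=(?P<ifname>\S+)\s+"
    r"(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s+"
    r"(?P<mac>(?:[0-9a-fA-F]{2}:){5}[0-9a-fA-F]{2})\s+"
    r"state=(?P<state>[0-9a-fA-F]+)\s+use=(?P<use>\d+)\s+"
    r"confirm=(?P<confirm>\d+)\s+update=(?P<update>\d+)\s+ref=(?P<ref>\d+)"
)
INT_FIELDS = ("index", "use", "confirm", "update", "ref")

def parse_arp_list(text):
    """Return one dict per ARP entry; the prompt and blank lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.search(line)
        if m:
            e = m.groupdict()
            e.update({k: int(e[k]) for k in INT_FIELDS})
            e["mac"] = e["mac"].lower()
            entries.append(e)
    return entries

def index_to_ifname(entries):
    """Map interface index -> ifname, refusing an index seen with two names."""
    names = {}
    for e in entries:
        if names.setdefault(e["index"], e["ifname"]) != e["ifname"]:
            raise ValueError(f"index {e['index']} has two names")
    return names

def ip_conflicts(entries):
    """Return {(ifname, ip): sorted MACs} for IPs seen with more than one MAC."""
    seen = defaultdict(set)
    for e in entries:
        if e["mac"] != "00:00:00:00:00:00":  # skip the all-zero placeholder entry
            seen[(e["ifname"], e["ip"])].add(e["mac"])
    return {k: sorted(v) for k, v in seen.items() if len(v) > 1}

if __name__ == "__main__":
    parsed = parse_arp_list(SAMPLE)
    print(index_to_ifname(parsed))
    print(ip_conflicts(parsed))
```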

You can use the CLI command diag sniffer packet any 'arp' 4 to show ARP entries being learned in real time.
