Skip to content

Instantly share code, notes, and snippets.

@kralo

kralo/ubiquiti-unifi-offline-but-configure-gateway-arp-spamming.md

Created February 9, 2026 10:16
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save kralo/259886a1bc8cbffe89ffcedf50abb1b1 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save kralo/259886a1bc8cbffe89ffcedf50abb1b1 to your computer and use it in GitHub Desktop.
Download ZIP
ubiquiti unifi : why you should always configure a (reachable) gateway + dns (even if it doesn't route traffic)!
Raw
ubiquiti-unifi-offline-but-configure-gateway-arp-spamming.md

Reducing WiFi ARP Requests

Ubiquiti unifi : why you should always configure a (reachable) gateway + dns (even if it doesn't route traffic)!

So you already know that multicast traffic is slowing down your wifi?!

And you're using your unify APs "offline", that is, they have no planned internet connection?

You must configure Gateway and DNS IPs in your APs that are reachable in the local lan.

Even if you have enabled "broadcast and multicast blocker", various Unify APs will send ARP Requests on the wifi side for their Gateway IPs or DNS IPs. And they will do this every second.

This is bad, because all your wifi stations (clients) will receive these useless broadcast ARP requests.

  • Confirmed bad, UniFi AP-AC-Lite Ver 6.6.65.15248

    will send ARP Requests for its Gateway on IP xx.xx.xx.1 , even if none is configured (the field is empty)

  • Confirmed bad, Nano HD Ver 6.7.31

    will send ARP Requests for its DNS IP on the wifi side.

.

You can look out for this with a linux client and tcpdump -i wlan0 -n -vv

and get an example output like (172.24.0.32 is a unify AP with DNS xx.xx.0.3):

09:41:18.474612 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 172.24.0.3 tell 172.24.0.32, length 46
09:41:18.781854 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 172.24.0.3 tell 172.24.0.33, length 28
09:41:19.396186 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 172.24.0.3 tell 172.24.0.39, length 46
09:41:19.703437 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 172.24.0.3 tell 172.24.0.32, length 46
09:41:19.703750 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 172.24.0.3 tell 172.24.0.34, length 46
09:41:20.317946 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 172.24.0.3 tell 172.24.0.39, length 46
09:41:20.318622 IP (tos 0x0, ttl 128, id 12669, offset 0, flags [none], proto UDP (17), length 67)
    172.24.0.9.49998 > 172.24.89.42.54210: [udp sum ok] UDP, length 39
09:41:20.625029 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 172.24.0.3 tell 172.24.0.32, length 46
09:41:20.932213 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 172.24.0.3 tell 172.24.0.34, length 46
09:41:21.853817 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 172.24.0.3 tell 172.24.0.34, length 46
09:41:23.697075 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 172.24.0.3 tell 172.24.0.32, length 46
09:41:23.876854 IP (tos 0x0, ttl 64, id 40338, offset 0, flags [DF], proto UDP (17), length 201)
    172.24.89.42.54210 > 172.24.0.9.49998: [udp sum ok] UDP, length 173
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment