therave wrote:
It reappears in ARP table despite not being on network for weeks. Hence my admittedly non-expert theory that something is being drawn in from the ARP cache.

Devices listed in the ARP cache have either been 'seen' on the network or added as a Static entry. In the case of a Draytek Vigor, everything in the Bind to IP list seems to be added to the ARP cache as a Static entry - so you may be correct ... but the other way round, to the way you described it.

So, the question naturally arising from what we both seem to now agree is occurring, in respect of the ARP cache and static entries, whichever “way around” it occurs, is how do I delete a single entry without flushing the entire cache? Otherwise (I think you are now more fully understanding my original post) the re-use of the IP with a different MAC is likely to conflict with the static cache entry I can’t delete.

therave wrote:
...how do I delete a single entry without flushing the entire cache?

I don't think you need to...
but you can use the Router's telnet interface (and the IP ARP command) :-

Code:

Vigor> ip arp status -v 0 [ARP Table] Index IP Address MAC Address HOST ID Interface VLAN Port 1 192.168.100.64 06-FB-F2-XX-XX-XX Janes-Galaxy-A41 LAN1 VLAN0 P6 // // Abbreviated for clarity // 17 192.168.100.3 00-21-63-XX-XX-XX SAMSUNG LAN1 VLAN0 P6 Vigor> ip arp flush % All ARP cache is flushed !!! Vigor> ip arp status -v 0 [ARP Table] Index IP Address MAC Address HOST ID Interface VLAN Port 1 192.168.100.3 00-21-63-XX-XX-XX SAMSUNG LAN1 VLAN0 P6 Vigor> ip arp del 192.168.100.3 LAN Vigor>

I used IP ARP STATUS to show the cache (or some of it)
Then IP ARP FLUSH to clear the cache
The IP ARP STATUS command then reveals that a node has instantly reappeared (on Port 6)
I deleted its entry using IP ARP DEL

When I checked again a few seconds later, it had reappeared along with a load of others. This is normal, expected behaviour. It makes for quite a useful diagnostic process, on occasion. Of course, if things had appeared in the cache that were supposedly switched off, that would be a different matter!

I was quite surprised to see that the 'Flush' removed the entries that the Vigor had added itself, from the 'Bind to MAC' list. However, this is not a problem; they will come back in the fullness of time.

(A cache is just a temporary store, to prevent having to send a Broadcast to the entire LAN. On a tiny domestic network (like mine), it would make no discernible difference if the cache didn't exist).

Had tried “ip arp del” seeing same result as you. ARP flush entire is last resort. Will wait until I get new PC delivered to deduce course of action because another issue I discovered after several hours of puzzling is that IPad displays an empty Bind table, whereas android phone does not! Obviously if the Bind table is present flushing entire cache on home system is viable....I was concerned it was not until finding this iOS quirk!

In theory, ARP cache entries can flush themselves...

ip arp setCacheLife [time]

allows users to configure the duration in which
ARP caches can be stored on the system. If ip arp setCacheLife is set with “60”, it means you
have an ARP cache at 60 second. Sixty seconds later without any ARP messages received, the
system will think such ARP cache is expired. The system will issue a new ARP request to see if
this cache is still valid.

and

Usage:
ip arp setCacheLife
where time = 10, 20, 30,....2550 seconds
e.g. ip arp setCacheLife 10, sets the cache life to 10 seconds

I say "in theory", because it doesn't appear to work on my Vigor 2860