Lot of ARP traffic in network while IPFS is running

Whenever I run IPFS I notice a large amount ARP traffic on the network. Basically the router constantly asking the connected devices for IP addresses in 169.254.x.x IP range. If I stop the IPFS daemon, the requests stop.

Given that all devices on the network have assigned IP addresses ARP-ing for link local addresses is futile.

Can someone explain why this happens? Is there a way to mitigate this?

AFAIK the 169.254.0.0/16 block is used for automagical link-local IP address assignment (defined in RFC 3927) and usually it comes from… MS Windows hosts (KB220874). Microsoft’s term for this is Automatic Private Internet Protocol Addressing (APIPA).

My guess is that Windows boxes published these addresses to DHT and your IPFS node simply tries to connect to them.

If you look at the output of ipfs swarm addrs you will see that there are peers which have more than one IP from this block. It usually means node running on a machine that had more than one NIC and each of them got auto-generated IP.

Not sure if we can do anything about this. Technically, you want to be able to connect to a node that has such IP.

I can’t see any peers in the swarm from that block. That’s understandable bacause all devices on my network have regular IP address, and not link local ones.

The problem is private IP address ranges (10.x.x.x, 192.168.x.x, 169.254.x.x, etc) are not routable from the internet. So one cannot connect to them.

Public and private addresses should be kept in a separate database. Private addresses shouldn’t be broadcasted to the internet only to peers on the LAN.

Are you sure you had none? Each peer can advertise itself on multiple addresses.
For example, my node’s peers have a lot of APIPAs:

$ ipfs swarm addrs | grep '/ip4/169.254' | wc -l
249

To stop your node from dialing local addresses (and disable mDNS) initialize ipfs with the ‘server’ profile:

ipfs init --profile=server

You can also apply blacklist manually by editing config file, as described in this comment.

There is an open issue about making local dialing smarter, but if you just want to disable it entirely, AddrFilters should be enough.