Entries from March 1, 2010 - March 31, 2010

Friday, Mar 12, 2010

Autonomous: Understanding Cisco AP ARP Caching [Disabled] [Enabled] and [Optional]

 

 

ARP Caching at the access point isn't something normally deployed in the field in my experience, but I wanted to cover it here.  I've done limited testing with this "nerd knob" function in the field. If you have this in production I would like to hear your feedback! 

ARP caching on an access point reduces the traffic on your wireless LAN by stopping ARP requests for client devices at the access point. The upside is that you lessen the ARP traffic and the use of the wireless medium. There is also a security benny. If you are familiar with aireplay-ng, it works by capturing an ARP packet and replaying it back to the AP to generate traffic. By blocking the ARP at the AP you lessen the upstream ARPs to the wireless clients that can be sniffed, but you still have downstream ARPs (wireless clients to LAN).

ARP CACHE DISABLED:

ap(config)#no dot11 arp-cache <-- Negate dot11 arp-cache with "NO"

When ARP caching is disabled (it is by default), the access point forwards all ARP requests through the radio port to associated clients, and the client to which the ARP request is directed responds.
See FIG 1.

 

 

ARP CACHE ENABLED:

ap(config)#dot11 arp-cache <-- dot11 arp-cache ENABLED

When ARP caching is enabled, the access point responds to ARP requests for associated clients and does not forward requests to clients. When the access point receives an ARP request for an IP address not in the cache, the access point drops the request and does not forward it. Did your ears just perk up!? See Fig 2.

 

 

 

ARP CACHE OPTIONAL: 

ap(config)#dot11 arp-cache optional <-- dot11 arp-cache OPTIONAL

When legacy and non-Cisco client devices are associated to an access point and not passing data, the access point might not know the client’s IP address. If this situation occurs frequently on your wireless LAN, you can enable optional ARP caching. When ARP caching is optional, the access point responds on behalf of clients with IP addresses known to the access point but forwards out its radio port any ARP requests addressed to unknown clients. When the access point learns the IP addresses for all associated clients, it drops ARP requests not directed to its associated clients.
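
The three modes side by side, as an added Python model (not from the original post and not Cisco code) of what the AP does with an ARP request under each setting as described above. The MAC addresses, IP addresses and action names are constructed for illustration.

```python
from dataclasses import dataclass, field
from enum import Enum


class Mode(Enum):
    DISABLED = "no dot11 arp-cache"
    ENABLED = "dot11 arp-cache"
    OPTIONAL = "dot11 arp-cache optional"


@dataclass
class AccessPoint:
    mode: Mode
    # Associated client MAC -> IP the AP has learned (None = not learned yet).
    clients: dict = field(default_factory=dict)

    def handle_arp_request(self, target_ip):
        """Decide what happens to an ARP request for target_ip reaching the AP."""
        if self.mode is Mode.DISABLED:
            return ("forward-to-radio", None)      # every request goes on air
        for mac, ip in self.clients.items():
            if ip == target_ip:
                return ("ap-replies", mac)         # AP answers for the client
        if self.mode is Mode.ENABLED:
            return ("drop", None)                  # not in cache: never forwarded
        # OPTIONAL: forward only while some associated client's IP is unknown.
        if any(ip is None for ip in self.clients.values()):
            return ("forward-to-radio", None)
        return ("drop", None)


def on_air_count(ap, targets):
    """Number of ARP requests in `targets` that are transmitted on the radio."""
    return sum(ap.handle_arp_request(t)[0] == "forward-to-radio" for t in targets)


# Constructed sample: one client with a learned IP, one legacy client whose IP
# the AP has not learned (it really uses 192.168.1.12), one unused address.
CLIENTS = {"0011.2233.4455": "192.168.1.11", "0011.2233.4466": None}
REQUESTS = ["192.168.1.11", "192.168.1.12", "192.168.1.99"]

if __name__ == "__main__":
    for mode in Mode:
        ap = AccessPoint(mode, dict(CLIENTS))
        print(mode.value)
        for ip in REQUESTS:
            print("   ", ip, "->", ap.handle_arp_request(ip))
        print("    on air:", on_air_count(ap, REQUESTS))
```

In the ENABLED run the request for 192.168.1.12 is dropped even though that client is associated, which is the case OPTIONAL mode exists for.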

 

 

 

Tuesday, Mar 09, 2010

Autonomous: Command History Buffer 

 

 

By default, the Cisco autonomous AP records ten command lines in its history buffer. 

Beginning in privileged EXEC mode, enter this command to change the number of command lines that the wireless device records during the current terminal session:
 
ap#terminal history size ?
  <0-256>  Size of history buffer
Negate
ap#terminal no history
 

Beginning in line configuration mode, enter this command to configure the number of command lines the access point records for all sessions on a particular line:

ap#config t
ap(config)#line vty 0 4
ap(config-line)#history size ?
 <0-256>  Size of history buffer

 

Negate 


ap#config t
ap(config)#line vty 0 4
ap(config-line)#no history

** NOTE ** If you select 100 for example, it will record 100 lines.


Below is the show history output:

ap#show history
  en
  show terminal
  show history
  terminal history
  terminal history 200
  configure terminal
  terminal history size 200
  configure t
  config t
  terminal history size
  show history

 

Monday, Mar 08, 2010

Autonomous: Configure a Cisco AP to provide DHCP Services

 

 

In real world deployments you wouldn't likely use a Cisco AP as the DHCP server. But, during deployments I've used it for temporary setups. Let's step through the setup process.

In this scenario we will set up a class C 192.168.1.0 DHCP scope with IP exclusions and add additional info like the gateway and DNS server information.

1. Let's start with the client exclusion. We will exclude the following ranges, so that the AP doesn't assign these specific addresses out:

192.168.1.1 - 192.168.1.10
192.168.1.200 - 192.168.1.254 

ap#config t
ap(config)#ip dhcp excluded-address 192.168.1.1 192.168.1.10
ap(config)#ip dhcp excluded-address 192.168.1.200 192.168.1.254

 

2. Next, we will name the DHCP Scope (pool) and set the network:

ap(config)#ip dhcp pool WIRELESS
ap(dhcp-config)#network 192.168.1.0

3. Next, we will set the LEASE time for the addresses (3 days, 4 hours, 20 min) and set up the gateway and DNS:

ap(dhcp-config)#lease 3 4 20
ap(dhcp-config)#default-router 192.168.1.1
ap(dhcp-config)#dns-server 192.168.1.250

4. Next, we connect a wired laptop to the switch on the VLAN and see the results:
(Note: the AP will hand out DHCP addresses to wireless clients as well.)

Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix  . :

        Description . . . . . . . . . . . : Intel(R) 82567LM Gigabit Network Connection
        Physical Address. . . . . . . . . : 00-2A-A1-13-C2-33
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . : Yes
        IP Address. . . . . . . . . . . . . . : 192.168.1.11  <-- This is the first IP in our Scope
        Subnet Mask . . . . . . . . . . . : 255.255.255.0 <-- Our class C 
        Default Gateway . . . . . . . . . : 192.168.1.1   <-- This is the GW we set up
        DHCP Server . . . . . . . . . . . : 192.168.1.2      <-- This is the IP of our AP
        DNS Servers . . . . . . . . . . . : 192.168.1.250  <-- This is the DNS we set up 
        Lease Obtained. . . . . . . . . . : Saturday, March 06, 2010 5:48:12 PM <--- This is our lease time we set up
        Lease Expires . . . . . . . . . . : Tuesday, March 09, 2010 10:08:12 PM
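
A quick way to sanity-check a scope like this before clients come up, as an added Python example (not part of the original post): it derives the leasable range from the exclusions in step 1, confirms the statically used addresses (gateway, DNS, the AP itself) cannot be leased out, and computes the lease expiry. All values are taken from the steps and output above; the function names are made up for this example.

```python
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

NETWORK = ip_network("192.168.1.0/24")               # network 192.168.1.0
EXCLUDED = [("192.168.1.1", "192.168.1.10"),         # ip dhcp excluded-address ...
            ("192.168.1.200", "192.168.1.254")]
LEASE = timedelta(days=3, hours=4, minutes=20)       # lease 3 4 20
STATIC = {                                           # addresses already in use
    "default-router": "192.168.1.1",
    "dns-server": "192.168.1.250",
    "AP (DHCP server)": "192.168.1.2",
}


def is_excluded(addr):
    """True if addr falls inside one of the excluded ranges."""
    a = ip_address(addr)
    return any(ip_address(lo) <= a <= ip_address(hi) for lo, hi in EXCLUDED)


def leasable():
    """Host addresses the pool can actually hand out, in order."""
    return [h for h in NETWORK.hosts() if not is_excluded(h)]


def unprotected_static():
    """Statically used addresses that the pool could still lease (conflict risk)."""
    return [name for name, addr in STATIC.items() if not is_excluded(addr)]


def lease_expiry(obtained):
    """Expiry time for a lease obtained at `obtained`."""
    return obtained + LEASE


if __name__ == "__main__":
    pool = leasable()
    print("first/last leasable:", pool[0], pool[-1], "count:", len(pool))
    print("static addresses at risk:", unprotected_static() or "none")
    print("lease expires:", lease_expiry(datetime(2010, 3, 6, 17, 48, 12)))
```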

 

 

 

Saturday, Mar 06, 2010

Cisco Output Interpreter - New this month Wireless LAN Controller - show & debug commands

 

 

I wanted to share this in case you may have a use for it. I've used it in the past; it's a little hit or miss on what is supported and how the code is sometimes read. It was recently updated to support the Cisco WLC show & debug commands.

Output Interpreter is a troubleshooting tool that reports potential problems by analyzing supported "show" command output. Output Interpreter supports various "show" command output from your router, switch, PIX/ASA firewall, IOS® wireless access point, or Meeting Place Platform.

The Output Interpreter continues to support new features to better serve you. This month's list of new features includes support for GOLD diagnostics and other outputs, including:

  • Cisco 12000 IOS XR Firmware, Hardware and Software Readiness Assessment (Up to version 3.8)
  • Wireless LAN Controller - show & debug commands
  • GOLD diagnostics - show diagnostic result
  • ASA Commands - show tech-support, show running-config

 

https://www.cisco.com/cgi-bin/Support/OutputInterpreter/home.pl 

Saturday, Mar 06, 2010

Autonomous: Disable Cisco AP MODE Button

 

 

You can disable the MODE button on a Cisco AP. Why, you ask? This command prevents unauthorized users from gaining access to the access point CLI and creating an "inside rogue".

I consulted at a government agency and part of their requirements was to disable all means except console access, which also included disabling the MODE button. They feared someone could reset the AP and reconfigure it as an "inside rogue".
By default the MODE button is enabled.
 
ap#config t
ap(config)#boot mode-button <-- MODE button ENABLED (default)

Negate
ap(config)#no boot mode-button <-- MODE button DISABLED
 
SHOW BOOT
 
ap#show boot
BOOT path-list:
Config file:         flash:/config.txt
Private Config file: flash:/private-config
Enable Break:        no
Manual Boot:         no
Enable IOS Break:    no
HELPER path-list:
NVRAM/Config file
      buffer size:   32768
      Mode Button:    on
 
NOTE:
If you lose the privileged EXEC mode password for the access point after entering this command, you will need to contact the Cisco Technical Assistance Center (TAC) to regain access to the access point CLI.
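
To confirm the setting across a batch of APs, the "Mode Button" line of show boot can be checked from collected output. The following is an added Python example, not part of the original post; the hostnames are hypothetical, and the "off" value shown after "no boot mode-button" is an assumption, since the post only shows the "on" state.

```python
import re

_MODE_RE = re.compile(r"^\s*Mode Button:\s*(\S+)\s*$", re.MULTILINE | re.IGNORECASE)


def mode_button_state(show_boot_text):
    """Return the lower-cased Mode Button value, or 'unknown' if the line is absent."""
    match = _MODE_RE.search(show_boot_text)
    return match.group(1).lower() if match else "unknown"


def audit(outputs):
    """Map hostname -> state for every AP whose MODE button is not confirmed off."""
    findings = {}
    for host, text in sorted(outputs.items()):
        state = mode_button_state(text)
        if state != "off":
            findings[host] = state
    return findings


# "show boot" tail as printed in the post (MODE button still enabled).
FROM_PAGE = """\
HELPER path-list:
NVRAM/Config file
      buffer size:   32768
      Mode Button:    on
"""
# Constructed samples; hostnames are hypothetical and the "off" value is assumed.
SAMPLES = {
    "ap-lobby": FROM_PAGE,
    "ap-lab": FROM_PAGE.replace("Mode Button:    on", "Mode Button:    off"),
    "ap-dock": "BOOT path-list:\nConfig file:         flash:/config.txt\n",
}

if __name__ == "__main__":
    for host, state in audit(SAMPLES).items():
        print(f"{host}: MODE button {state}")
```

An AP whose output lacks the line is reported as "unknown" rather than passed, so truncated captures do not hide an enabled button.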