Just trying to learn all I can about the ER605 in standalone.

Looking at the setting, ARP Spoofing Defense, which was enabled by default, and I see it has added some devices to the IP-MAC Binding List. I have about 30 devices on my LAN, and it has added two. What triggered it to add those devices, and not the other ones?

Does ARP Spoofing Defense work on devices not listed in the IP-MAC Binding List, or do I have to add them? I assume if I have to add them, then I should assign a static, or reserve the IP for that device. Correct?

I read about ARP spoofing, and most of what I read says it's really only an issue on the LAN side. Any reason to enable it on the WAN side, which is an option?

Also, is ARP Spoofing Defense really needed in a home, non-business environment? Someone posted on Reddit that a TP-Link tech told them to disable it, which is why I ask.

Thanks!