diff --git a/src/tcp/quic.rs b/src/tcp/quic.rs
index d22067c..dfb50ec 100644
--- a/src/tcp/quic.rs
+++ b/src/tcp/quic.rs
@@ -9,7 +9,7 @@ use tokio::{sync::mpsc::{Receiver, Sender, channel}};
 use tokio_util::sync::CancellationToken;
 use tracing::{debug, error};
 
-use crate::{ConnectionInfo, ConnectionState, config::{NULL_MAC, TCP_PING_TIME}, get_edge, network::{Node, RegisterSuperFeedback, StartStopInfo, check_peer_registration_needed, handle_packet_peer_info}, pb::{SdlArpResponse, SdlPolicyResponse, SdlRegisterSuper, SdlRegisterSuperAck, SdlRegisterSuperNak, SdlSendRegisterEvent, encode_to_tcp_message}, tcp::{EventType, NakMsgCode, NatType, PacketType, RuleInfo, SdlanTcp, read_a_packet, send_stun_request, set_identity_cache}};
+use crate::{ConnectionInfo, ConnectionState, config::{NULL_MAC, TCP_PING_TIME}, get_edge, network::{ARP_REPLY, ArpHdr, EthHdr, Node, RegisterSuperFeedback, StartStopInfo, check_peer_registration_needed, handle_packet_peer_info}, pb::{SdlArpResponse, SdlPolicyResponse, SdlRegisterSuper, SdlRegisterSuperAck, SdlRegisterSuperNak, SdlSendRegisterEvent, encode_to_tcp_message}, tcp::{EventType, NakMsgCode, NatType, PacketType, RuleInfo, SdlanTcp, read_a_packet, send_stun_request, set_identity_cache}};
 
 static GLOBAL_QUIC_HANDLE: OnceLock<ReadWriterHandle> = OnceLock::new();
 
@@ -190,7 +190,31 @@ async fn handle_tcp_message(msg: SdlanTcp) {
             }
 
             // TODO: construct the arp reply, and write to tun;
+            let src_mac = resp.target_mac.try_into().unwrap();
+            let dst_mac = edge.device_config.get_mac();
+            let dst_ip = edge.device_config.get_ip();
 
+            let hdr = ArpHdr{
+                ethhdr: EthHdr {
+                    dest: dst_mac,
+                    src: src_mac,
+                    eth_type: 0x0806,
+                },
+                hwtype: 0x0001,
+                protocol: 0x0800,
+                hwlen: 6,
+                protolen: 4,
+                opcode: ARP_REPLY,
+                shwaddr: src_mac,
+                sipaddr: [((resp.target_ip >> 16) as u16) & 0xffff, (resp.target_ip as u16) & 0xffff],
+                dhwaddr: dst_mac,
+                dipaddr: [((dst_ip >> 16) & 0x0000ffff) as u16, (dst_ip & 0x0000ffff) as u16]
+            };
+
+            let data = hdr.marshal_to_bytes();
+            if let Err(e) = edge.device.send(&data) {
+                error!("failed to write arp response to device");
+            }
         }
         PacketType::PolicyReply => {
             let Ok(policy) = SdlPolicyResponse::decode(&msg.current_packet[..]) else {