Re: [LARTC] Proxy Arp question

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Joseph,

In order to set proxy_arp, and lots of other great stuff, check out

[root@xxxx etc]# man sysctl
<snip>

[root@xxxx etc]# sysctl -a | grep proxy_arp
net.ipv4.conf.ppp1.proxy_arp = 0
net.ipv4.conf.ppp0.proxy_arp = 0
net.ipv4.conf.eth1.proxy_arp = 0
net.ipv4.conf.eth0.proxy_arp = 0
net.ipv4.conf.lo.proxy_arp = 0
net.ipv4.conf.default.proxy_arp = 0
net.ipv4.conf.all.proxy_arp = 0

so now, add the the line 

net.ipv4.conf.all.proxy_arp = 1

to your /etc/sysctl.conf file and it will loaded each time your network
starts. This is also a good place to add net.ipv4.ip_forward = 1 as
well.

Hope this helps.

Cheers

Christopher CUSE



On Fri, 2003-05-02 at 06:18, Joseph Watson wrote:
> Hello,
> 
> I have been digging around for a while trying to get a good understanding of 
> how to configure linux to do proxy arp.  I understand the conncept well 
> (there is lots of info on this), but am struggling to get a clear 
> understanding of implimenting it on linux. 
> 
> First question:
> Is the following possible, or does the firewall have to have a address on 
> 192.168.1.0/24 network??  My thought was I could add a route on eth0 to the 
> 192.168.1.0/24 network, and a route on eth1 to the host 192.168.1.2 and then 
> turn on proxy arp.
> 
>     192.168.1.0/24
>               |
>    eth0: 192.168.2.1
>         Firewall
>    eth1: 192.168.3.1
>               |
>       192.168.1.2
> 
> 
> Second question:
> I have been using Shorewall as a firewall, and it comes with proxyarp 
> capability.  Here is the working configuration of my firewall using proxy 
> arp:
> 
>     192.168.1.0/24
>               |
>    eth0: 192.168.1.1
>         Firewall
>    eth1: 192.168.3.1
>               |
>       192.168.1.2
> 
> There are the following routes:
>  192.168.1.2 dev eth1  scope link
>  192.168.1.0/24 dev eth0  scope link
> 
> This makes sence.  Where I am confused is when I check the proxy_arp settings:
> 
> []# cat /proc/sys/net/ipv4/conf/eth0/proxy_arp
> 0
> []# cat /proc/sys/net/ipv4/conf/eth1/proxy_arp
> 1
> []#
> 
> Why is proxy_arp not turned on for eth0??  Every howto I can find says to turn 
> on proxy_arp for both interfaces.  
> 
> Thanks for any help.
> 
> -- 
> Regards
> 
> Joseph Watson
> _______________________________________________
> LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux