On Friday May 2 2003 03:30 am, you wrote: > Hi Joseph, > > In order to set proxy_arp, and lots of other great stuff, check out > > [root@xxxx etc]# man sysctl > <snip> > > [root@xxxx etc]# sysctl -a | grep proxy_arp > net.ipv4.conf.ppp1.proxy_arp = 0 > net.ipv4.conf.ppp0.proxy_arp = 0 > net.ipv4.conf.eth1.proxy_arp = 0 > net.ipv4.conf.eth0.proxy_arp = 0 > net.ipv4.conf.lo.proxy_arp = 0 > net.ipv4.conf.default.proxy_arp = 0 > net.ipv4.conf.all.proxy_arp = 0 > snip..... Here is the settings on my firewall: [jtwatson]# sysctl -a | grep proxy_arp net.ipv4.conf.ipsec0.proxy_arp = 0 net.ipv4.conf.eth3.proxy_arp = 0 net.ipv4.conf.eth1.proxy_arp = 1 net.ipv4.conf.eth0.proxy_arp = 0 net.ipv4.conf.lo.proxy_arp = 0 net.ipv4.conf.default.proxy_arp = 0 net.ipv4.conf.all.proxy_arp = 0 Only eth1 has proxy_arp on, but as described earlier, this machine is working correctly. I have servers in my dmz (eth1) that are on the same network as my wan (eth0) and proxy_arp is doing its job. Why do all the howto's say to turn on proxy_arp on both interfaces, and I have working proof that is not the case. Maybe I am missing something else?? Bottom line is I am trying to understand in detail how the kernel need to be configured. I don't like to just make it work, and not understand why it is working. -- Regards Joseph Watson
