Mike Benoit wrote:

> I'm pretty much shooting in the dark here, and I'm not even sure if I fully
> understand this entire concept with proxy arp.

OK; here's a brief guide to the "auto proxy-ARP" feature:

Suppose that:

1. You have a setup like this which works (this assumes a class C, but
it could be any size):

  Internet
    |
+---+----+   +-------+   +-------+   +-------+   +-------+
| Router |   | Host  |   | Host  |   | Host  |   | Host  |
+---+----+   +---+---+   +---+---+   +---+---+   +---+---+
    |.1          |.101       |.102       |.201       |.202
 ---+------------+-----------+-----------+-----------+------
                         Ethernet

The routing tables would look like:

    route add -net x.x.x.0 netmask 255.255.255.0 dev eth0
    route add default gw x.x.x.1    # for the hosts, or ...
    route add default dev ppp0      # ... for the router (.1)

2. You want to split it into multiple segments, e.g.

  Internet
    |
+---+----+   +-------+   +-------+   +--------+   +-------+   +-------+
| Router |   | Host  |   | Host  |   | Router |   | Host  |   | Host  |
+---+----+   +---+---+   +---+---+   +-+---+--+   +---+---+   +---+---+
    |.1          |.101       |.102 .199|   |.200      |.201       |.202
 ---+------------+-----------+---------+   +----------+-----------+------
                               Ethernet

but you want the 199/200 router to be "transparent", i.e. all systems
apart from 199/200 (including .1) remain configured for a single
segment.

NB: it doesn't make any difference if there aren't any hosts between
the two routers (e.g. 101, 102 above are absent); this is quite
common.

If 199/200 is configured for auto proxy-ARP on both NICs, then:

1. Any ARP request for 200-254 which is seen on 199 will be answered
from 199 with 199's MAC address.

2. Any ARP request for 1-199 which is seen on 200 will be answered
from 200 with 200's MAC address.

The remaining 2 cases are a consequence of the network topology and
the protocols involved (i.e. you can't change it centrally):

3. Any ARP request for 200-254 which is seen on 200 will be answered
from the host having that IP address with its own MAC address.

4. Any ARP request for 1-199 which is seen on 199 will be answered
from the host having that IP address with its own MAC address.

NB: The router's ARP cache is still going to contain the same
IP/MAC/NIC values that it always would; it wouldn't be able to send
packets without this data. The auto proxy-ARP feature doesn't require
any cache entries; all of the values can be deduced from the NICs
configuration and the routing tables.

-- 
Glynn Clements <glynn@sensei.co.uk>
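
Added example, not part of the original message and not kernel code: a small Python model of the four cases above, showing how the answer can be derived from the routing table alone. Everything here is an assumption made for illustration: 192.0.2.0/24 stands in for x.x.x.0, the NIC names eth0 (.199 side) and eth1 (.200 side), the three prefixes used to cover .200-.255, and the function names.

```python
import ipaddress

# Constructed addressing: 192.0.2.0/24 stands in for the post's x.x.x.0 network.
NET = "192.0.2."

# Assumed routing table on the .199/.200 router: (prefix, outgoing NIC).
# .200-.255 is covered by three prefixes on eth1; everything else is on eth0.
ROUTES = [(ipaddress.ip_network(p), dev) for p, dev in [
    (NET + "0/24", "eth0"),
    (NET + "200/29", "eth1"),
    (NET + "208/28", "eth1"),
    (NET + "224/27", "eth1"),
]]

# The router's own address on each NIC.
LOCAL = {"eth0": ipaddress.ip_address(NET + "199"),
         "eth1": ipaddress.ip_address(NET + "200")}


def route_dev(ip):
    """Longest-prefix match: which NIC would a packet to `ip` leave by?"""
    matches = [(net.prefixlen, dev) for net, dev in ROUTES if ip in net]
    return max(matches)[1] if matches else None


def arp_decision(in_dev, target):
    """Who answers an ARP request for `target` seen on NIC `in_dev`?"""
    ip = ipaddress.ip_address(target)
    if ip == LOCAL[in_dev]:
        return "router (own address)"
    out_dev = route_dev(ip)
    if out_dev is not None and out_dev != in_dev:
        # Target is routed via the other NIC: answer with in_dev's MAC.
        return "router (proxy)"
    # Target is on the segment the request came from: stay silent and
    # let the host holding that address reply with its own MAC.
    return "host itself"


if __name__ == "__main__":
    # The four numbered cases from the message, in order.
    for nic, last in [("eth0", 201), ("eth1", 1), ("eth1", 201), ("eth0", 101)]:
        print(nic, NET + str(last), "->", arp_decision(nic, NET + str(last)))
```

No ARP cache is consulted anywhere in the model; the only inputs are the per-NIC addresses and the routes.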