On Sun, Feb 24, 2002 at 10:33:28AM -0500, Adrian Chung wrote: > On Sun, Feb 24, 2002 at 10:26:57AM +0100, Bernd Eckenfels wrote: > > In article <20020224004542.GA1783@enfusion-group.com> you wrote: > > >> The magic secret of proxy ARP is that Linux will only proxy if there is > > >> a route to the desired IP address that does not go out the same > > >> interface. So, if you have netmasks set to /24 in your setup, it will > > >> not work. > > > > Actually it will, as long as you have host routes for the hosts on the left > > hand side. [...] > But after a couple of minutes of inactivity, when I try to contact > .195 again, I get absolutely no response, and see no ARP requests even > from .195. > > So I'm not sure what's going on. It answers for the publishing ARP > entries sometimes, but not others. > > I'm going to put .226 on the ISP side and re-arrange the routes to see > if I can diagnose the ARP problems better. So I've changed the setup to look like this: .225 / .226 -- .224 FW .224 -- \ DSL modem -- .128/25 The symptoms I'm seeing are: .225 can resolve .226 via proxy ARP fine everytime it does an ARP request, with no problems. .226 can resolve everything on the right hand side of FW (.225, .128/25) fine everytime. It still cannot ping anything in .128/25 (except for .225) without an unsolicited ARPing first, at which point it can until the ARP cache on the remote machine cleans up. I don't know how to explain that one. I would assume that if I ping say .195, .195 would either have .224's MAC address in its ARP cache and attempt to send echo replies directly there, or it would send another ARP query out for .226, which I never see on the wire. My confusion increases because as I've mentioned before, when I do an unsolicited ARP reply, or request with .226 as the source, and directed at either .255 or .195, I can once again ping .195 for a short time afterwards. Any ideas? It seems like it might be something to do with the underlying infrastructure between me and the ISP. But there are other boxes on the .128/25 ISP subnet, that are running Linux, and exhibit the same behaviour. -- Adrian Chung (adrian at enfusion-group dot com) http://www.enfusion-group.com/~adrian GPG Fingerprint: C620 C8EA 86BA 79CC 384C E7BE A10C 353B 919D 1A17 [toad.enfusion-group.com] up 22:35, 11 users, load average: 0.01 - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
