problem with proxy-arp

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello everyone,

I have the following network setup:

machine A<---->RouterA<---CIPE VPN--->RouterB<--->MachineB

machineA & Router A are in LAN A and machine B & router B are in LAN B

-Router A has interfaces eth0,eth1 and vpn interface 'cipcb0'
-Router B also has eth0,eth1, and cipcb0
-Gateway of machine A is cipcb0
-Gateway of machine B is not any interface in Router B

machine A wants to access machine B, so i have decided to use proxy-arp
approach by reserving one IP address in range of LANB to use for proxy-arp
in the Router B.
The idea is that when a packet from A reaches Router B, it is SNATed to that
reserved IP address (call it 10.10.10.10)
So machine B will receive the packet as if it coming from 10.10.10.10( in
LAN B=10.10.10.0/24)
When machine B replies, its arp request broadcast will be answered by Router
B (with proxy-arp entry /sbin/arp -i eth1 -Ds 10.10.10.10 eth1 pub).

However, the situation is that when i do the tcpdump on Router B, i observe
the following
12:02:56.227511 10.10.10.10 > 10.10.10.5: icmp: echo request (DF)
12:02:56.227649 arp who-has 10.10.10.10 tell 10.10.10.5
12:02:57.226258 10.10.10.10 > 10.10.10.5: icmp: echo request (DF)
12:02:57.226399 arp who-has 10.10.10.10 tell 10.10.10.5
12:02:58.227317 10.10.10.10 > 10.10.10.5: icmp: echo request (DF)
12:02:58.227452 arp who-has 10.10.10.10 tell 10.10.10.5

where machine B = 10.10.10.5

According to this tcpdump i suspect that my proxy-arp configurations are not
working i.e. routerB doesn't accept arp request for 10.10.10.10.
Where can be the problem then? What i know is that for proxy-arp i only have
to execute one line "/sbin/arp -i eth1 -Ds 10.10.10.10 eth1 pub". Is there
some more commands i should do? Or is the vpn interface (cipcb0) causing the
problems?

Please advice,

Thanks,
Steven

<<attachment: winmail.dat>>


[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux