From owner-freebsd-net@FreeBSD.ORG Thu Oct 25 19:31:52 2007 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7F93B16A41A for ; Thu, 25 Oct 2007 19:31:52 +0000 (UTC) (envelope-from Stephen.Clark@seclark.us) Received: from smtpauth01.prod.mesa1.secureserver.net (smtpauth01.prod.mesa1.secureserver.net [64.202.165.181]) by mx1.freebsd.org (Postfix) with SMTP id 10C6513C4B7 for ; Thu, 25 Oct 2007 19:31:50 +0000 (UTC) (envelope-from Stephen.Clark@seclark.us) Received: (qmail 28127 invoked from network); 25 Oct 2007 19:31:50 -0000 Received: from unknown (24.144.77.243) by smtpauth01.prod.mesa1.secureserver.net (64.202.165.181) with ESMTP; 25 Oct 2007 19:31:49 -0000 Message-ID: <4720EF25.1050500@seclark.us> Date: Thu, 25 Oct 2007 15:31:49 -0400 From: Stephen Clark User-Agent: Mozilla/5.0 (X11; U; Linux 2.2.16-22smp i686; en-US; m18) Gecko/20010110 Netscape6/6.5 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Peter Jeremy References: <471F8C41.7030503@seclark.us> <20071025190736.GE70883@server.vk2pj.dyndns.org> In-Reply-To: <20071025190736.GE70883@server.vk2pj.dyndns.org> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: proxy arp on 6.1 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Stephen.Clark@seclark.us List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Oct 2007 19:31:52 -0000 Peter Jeremy wrote: >On Wed, Oct 24, 2007 at 02:17:37PM -0400, Stephen Clark wrote: > > >>I must be doing something wrong. I can't seem to get proxy arp to work. Is >>there some magic. >> >> > >I've been using proxy ARP on FreeBSD between 4.x and 6.2 without problems >(though I think I skipped 6.1). > > > >>I have the following setup isp router 205.x.x.1 <-> 205.x.x.100/25 rl1 >>freebsd vr0 205.x.x.129/25 >><-> 205.x.x.193/25 >>arp -an >>(205.x.x.1) at 00:13:7f:5a:b5:50 on rl1 [ethernet] >>(205.x.x.193) at 00:30:18:a3:44:2d on vr0 permanent published (proxy only) >>[ethernet] >> >>tcpdump >>13:09:51.386793 arp who-has 205.x.x.193 tell 205.x.x.1 >> >> > >Which interface is being dumped and what does 'ifconfig vr0' show? >If you are dumping the rl0 interface then my suspicion is that the >subnet on 205.x.x.1 is wrong: 205.x.x.193 is not the same subnet >as 205.x.x.1/25 so 205.x.x.1 should not be doing ARP requests for >it, it should be accessing it via a gateway (router). > > > My understanding of proxy-arp, and how I have used it in the past, is that since my freebsd system is in the middle of the 2 subnets and I tell it to proxy arp for the ip 201.x.x.193 host on the vr0 interface that is should send an arp reply to 201.x.x.1 on the rl1 interface that says send the packet to me I know how to forward it to 201.x.x.193. I found a person on the freebsd questions list who was having the same problem. He solved by bridging the two interfaces, which I have done also since I can't seem to make proxy arp work either. See the following link for more details on proxy arp and why you would want to use. http://www.cisco.com/warp/public/105/5.html -- "They that give up essential liberty to obtain temporary safety, deserve neither liberty nor safety." (Ben Franklin) "The course of history shows that as a government grows, liberty decreases." (Thomas Jefferson)