Date: Thu, 26 Sep 1996 02:31:19 +0930 (CST) From: Peter Childs <pjchilds@imforei.apana.org.au> To: dwhite@resnet.uoregon.edu, freebsd-questions@freebsd.org, hmmm@alaska.net, sa-feeds@tierzero.apana.org.au Subject: Re: Private network & routing to the internet via PPP w/one IP Message-ID: <199609251701.CAA00429@al.imforei.apana.org.au>
next in thread | raw e-mail | index | archive | help
: > reading iijPPP docs, i see that it does arp proxying. isn't this
: > good enough? do you still need SOCKS or other stuff?
: I've never gotten that to work, although I've never seen any documentation
: on it.
Proxy arp is not really like "proxying" as in "web-proxy's"
"ftp proxies" or sock's if'ied stuff.
The idea behind proxy arp is consider that your "tun0" interface has
a IP address. Your "ARP" table has a list of IP address to MAC
addresses (used in ethernet). A sample of this might be...
pasa: {1} arp -a
tierzero.apana.org.au (203.14.158.1) at 0:40:33:36:3d:b7
chuckie.apana.org.au (203.14.158.8) at 0:c0:58:21:f:67
Consider the situation where these three machines are on a
class C subnet (ie 255 addresses) and the machine "pasa" has
38 dialup serial connections.
A user connects with ppp to "pasa" and is assigned the IP
address anywhere between 203.14.158.20 and 203.14.158.60
dynamically.... (lets say it gets 203.14.158.25)
Now say a packet arrives at "tierzero" (which connects via
some other point-to-point link to another network) destined
for 203.14.158.25. Tierzero knows its IP address is
on a class C to which 203.14.158.25 belongs... so it can
"broadcast" a request to see if it can find some interface
on that class C that is 203.14.158.25.
The broadcast goes out.. and nothing comes back. But we
want the packet to get to the right spot (pasa) so it can
be delivered... we can do this by
1) adding a static route to all machines saying "if you
want to reach 203.14.158.20 then route the packet to
"pasa". this suxs :)
2) add a "proxy arp" entry on pasa so that when a broadcast
for 203.14.158.20 goes out pasa screams out "thats me..
send it here". Once the packet arrives at pasa's
ethernet interface it can get passed on without any
problems...
ijppp as a server supports adding these proxy entries
automatically, and deleting them when the ppp session
terminates... this proxy arp setting would then
be visable like such...
pasa: {4} arp -a
tierzero.apana.org.au (203.14.158.1) at 0:40:33:36:3d:b7
chuckie.apana.org.au (203.14.158.8) at 0:c0:58:21:f:67
async-5.pasa.apana.org.au (203.14.158.25) at 0:40:33:33:c9:37
The thing to note here is that the MAC address 0:40:33:33:c9:37
is actually pasa's ethernet interface MAC address. In this
way it is "proxy'ing" arp for the machine at the other
end of the ijppp session (ie async-5.pasa.apana.org.au)
Hope this helps.
Peter
--
Peter Childs --- http://www.imforei.apana.org.au/~pjchilds
Finger pjchilds@al.imforei.apana.org.au for public PGP key
Drag me, drop me, treat me like an object!
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199609251701.CAA00429>