[LARTC] Does anyone have a working proxyARP setup?

From: gypsy <gypsy@iswest.com>
To: lartc@vger.kernel.org
Subject: [LARTC] Does anyone have a working proxyARP setup?
Date: Sat, 09 Oct 2004 04:41:54 +0000	[thread overview]
Message-ID: <41676C12.72F7D09D@iswest.com> (raw)

If you have a working proxyARP setup, will you please post it?

I've tried to insert a Linux box between the DSL connection and the
switch, but I'm getting nowhere.  Everything works correctly when all
the servers in this network use the switch to get to the DSL.  Any box
directly connected to the DSL also works correctly.

http://www.sjdjweis.com/linux/proxyarp/
makes it sound easy, but none of the machines except the new one can get
out when I set this up.  From any computer except the intended proxyARP
box, 'traceroute -n ANYTHING' stops after the first hop (.96) succeeds;
'ping .97' fails.  I don't know (or care yet) if anything gets in.

(I really have a /29 network, but for consistency I'm showing a /28):
gypsy> ifconfig eth0 x.x.x.96 broadcast x.x.x.111 netmask
255.255.255.240
gypsy> ifconfig eth1 x.x.x.96 broadcast x.x.x.111 netmask
255.255.255.240
gypsy> route add default gw x.x.x.97 metric 1

Weis> # interface definitions
Weis> BAD_IFACE=eth0
Weis> 
Weis> DMZ_IFACE=eth1
Weis> DMZ_ADDR=x.x.x.96/28
Weis> 
Weis> ip route del x.x.x.96/28 dev $BAD_IFACE
Weis> ip route del x.x.x.96/28 dev $DMZ_IFACE
Weis> ip route add x.x.x.97 dev $BAD_IFACE
Weis> ip route add x.x.x.96/28 dev $DMZ_IFACE
Weis> 
Weis> # we need proxy arp for the dmz network
Weis> echo 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp
Weis> echo 1 > /proc/sys/net/ipv4/conf/eth1/proxy_arp
Weis> 
Weis> # turn on ip forwarding
Weis> echo 1 > /proc/sys/net/ipv4/ip_forward

The kernel is 2.4.26, iproute2 is 2-2.6.8
--
Call me stumped,
gypsy
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/