From: gypsy <gypsy@iswest.com>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] Is 'publish' proxy arp still broken ?
Date: Wed, 22 Dec 2004 04:02:18 +0000 [thread overview]
Message-ID: <41C8F1CA.773A31B0@iswest.com> (raw)
In-Reply-To: <09c301c4e79c$4b721a60$da529145@mtbrook.bozemanpass.com>
David Boreham wrote:
>
> Can't get proxy arp with arp -s <IPaddr> <MACaddr> pub
> to work with a 2.4 kernel. I see some evidence in the archive
> that this was broken in the 2.0.x timeframe and never fixed.
>
> Anyone know for sure if it's broken or working ?
It is working if you don't try to pass a MAC:
arp -s IPADDRESS -i INTERFACE -D INTERFACE pub
To delete:
arp -d IPADDRESS -i INTERFACE pub
http://linux-ip.net/html/scripts/proxy-arp
With a proper ip route, it is probably not necessary:
> NS="206.XXX.89.158/32"
> GW="206.XXX.89.153"
> BRD="206.XXX.89.159"
> YIC="206.XXX.89.154/32"
> NEWS="206.XXX.89.155/32"
> SON="206.XXX.89.156/32"
> NOP="206.XXX.89.157/32"
> IFI="eth0"
> IFE="eth1"
> IPNS="206.72.XXX.158"
> ifconfig lo 127.0.0.1
> route add -net 127.0.0.0 netmask 255.0.0.0 lo
> /etc/rc.d/rc.netdevice
> ip link set dev $IFE up
> ip address add dev $IFE local $NS broadcast $BRD
> ip link set dev $IFI up
> ip address add dev $IFI local $NS broadcast $BRD
>
> ip route add $YIC dev $IFI src $IPNS
> ip route add $NEWS dev $IFI src $IPNS
> ip route add $SON dev $IFI src $IPNS
> ip route add $NOP dev $IFI src $IPNS
> ip route add $GW dev $IFE src $IPNS
> ip route add 0/0 via $GW dev $IFE src $IPNS
>
> # we want proxyARP:
> echo 1 >/proc/sys/net/ipv4/conf/$IFE/proxy_arp
> echo 1 >/proc/sys/net/ipv4/conf/$IFI/proxy_arp
>
> # turn on ip forwarding
> echo 1 >/proc/sys/net/ipv4/ip_forward
>
> # Decide what to do about rp_filter.
> # turn on antispoofing protection
> #Off 23Oct04 for f in /proc/sys/net/ipv4/conf/*/rp_filter; do echo 1 >$f; done
gypsy
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
next prev parent reply other threads:[~2004-12-22 4:02 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-12-21 20:33 [LARTC] Is 'publish' proxy arp still broken ? David Boreham
2004-12-22 4:02 ` gypsy [this message]
2004-12-22 16:09 ` David Boreham
2004-12-22 17:27 ` Martin Volf
2004-12-22 18:01 ` Martin Volf
2004-12-22 18:04 ` David Boreham
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=41C8F1CA.773A31B0@iswest.com \
--to=gypsy@iswest.com \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.