From mboxrd@z Thu Jan 1 00:00:00 1970
From: Martin Volf
Date: Wed, 22 Dec 2004 18:01:16 +0000
Subject: Re: [LARTC] Is 'publish' proxy arp still broken ?
Message-Id: <41C9B66C.5090201@inv.cz>
List-Id:
References: <09c301c4e79c$4b721a60$da529145@mtbrook.bozemanpass.com>
In-Reply-To: <09c301c4e79c$4b721a60$da529145@mtbrook.bozemanpass.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: lartc@vger.kernel.org

David Boreham wrote:
...
> There seem to be a number of preconditions that
> must be met before the arp...pub form of proxy arp
> will work. If these conditions are not met the kernel
> silently fails to answer the arp request (as opposed to
> for example the user seeing an error message when
> they run the user-space program).
>
> First, the /proc/sys/net/ipv4/conf//proxy_arp
> must be enabled on the interface where you desire
> arp responses to be sent.
...

I don't have this enabled and the syntax
"arp -i eth0 -Ds 1.2.3.4 eth0 pub" is working as expected.

With /proc/.../proxy_arp enabled it seems that linux answers arp
requests for all ip addresses, which are routed to other interfaces,
e.g. with this routing table:

192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
10.0.0.0        0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         10.0.0.1        0.0.0.0         UG    0      0        0 eth0

it answers arp requests on eth1 for _all_ foreign ip addresses except
192.168.1.0/24.

I saw it once, when a machine with ms windows was trying to find out
its ip address from dhcp server, which I didn't have. It didn't get any
and was trying to find unused one from the subnet 169.254.0.0/16 (link
local addresses, RFC 3330) - it didn't succeed, because my linux
router, which had /proc/.../proxy_arp enabled, answered all arp
requests for this subnet...

-- 
Martin
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc
HOWTO: http://lartc.org/
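
A simplified model of the behaviour this message describes, as an added example that is not part of the original post and is not kernel code: it uses the routing table quoted above to decide whether the router would answer an ARP request seen on a given interface. The function names and the `published` set (standing in for `arp ... pub` entries) are assumptions made for illustration.

```python
import ipaddress

# Routing table quoted in the message: (destination, genmask, interface).
ROUTES = [
    ("192.168.1.0", "255.255.255.0", "eth1"),
    ("10.0.0.0", "255.255.255.0", "eth0"),
    ("0.0.0.0", "0.0.0.0", "eth0"),  # default route via 10.0.0.1
]


def egress_interface(target, routes=ROUTES):
    """Longest-prefix match: the interface a packet to `target` would leave on."""
    addr = ipaddress.ip_address(target)
    best = None
    for dest, mask, iface in routes:
        net = ipaddress.ip_network(f"{dest}/{mask}")
        if addr in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, iface)
    return best[1] if best else None


def answers_arp(in_iface, target, proxy_arp_ifaces, published=(), routes=ROUTES):
    """Would the router reply to an ARP request for `target` seen on `in_iface`?

    Assumed model, following the message: a published entry for
    (interface, address) is always answered; otherwise a reply is sent only
    when proxy_arp is enabled on the receiving interface and the target is
    routed out of a different interface.
    """
    if (in_iface, target) in published:
        return True
    if in_iface not in proxy_arp_ifaces:
        return False
    out = egress_interface(target, routes)
    return out is not None and out != in_iface


if __name__ == "__main__":
    # Constructed probes: link-local, on-link, and other-subnet targets on eth1.
    for ip in ("169.254.10.20", "192.168.1.50", "10.0.0.5"):
        print(ip, answers_arp("eth1", ip, proxy_arp_ifaces={"eth1"}))
```

With proxy_arp on eth1 the link-local probe is answered because it matches only the default route via eth0, which is why the address search described in the message never found a free address.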