Proxy ARP doesn't seem to be working. Please assist.

Proxy ARP doesn't seem to be working. Please assist.

[Aaron Stavens]

Martijn Lievaart over on the netfilter list suggested I post my query
here. I am trying to set up proxy ARP. As far as he can tell, I'm doing
it right, but it is working for neither him nor me. Martijn claims this
method used to work in the 2.2 kernel. Has something changed?

On the proxy arp machine I issue:

    arp -i eth0 -s 10.128.240.1 00:c0:4f:68:ab:e6 pub

and

    arp -i eth0 -Ds 10.128.240.2 eth0 pub

"arp -a" then reports:

    ? (10.128.1.1) at 00:06:53:02:F8:51 [ether] on eth0
    ? (10.128.240.1) at * PERM PUP on eth0
    ? (10.128.240.2) at * PERM PUP on eth0

The "*" instead of eth0's MAC address bothers me, but maybe that is
normal. I don't know.

On a separate machine I then

    ping 10.128.240.1

and

    ping 10.128.240.2

while sniffing the network. In the network trace I see the ARP requests
go out for the two different IP addresses, but not ARP responses come
back. I do not understand why there is no response. Does what I am doing
appear reasonable? Is there some kernel configuration option I must,
well, configure? Is there a /proc setting I need to tweak? What am I
missing?

Martijn also suggested that the proxy ARP server will only respond when
it has a route to the associated IP address. However, he says he tried
it and that didn't work either.

I am using RedHat 9 with a 2.4.23 kernel. I do not know what Martijn is
using.

Thanks,
Aaron Stavens

Re: Proxy ARP doesn't seem to be working. Please assist.

[Martijn Lievaart]

Aaron Stavens wrote:

>Martijn Lievaart over on the netfilter list suggested I post my query
>here. I am trying to set up proxy ARP. As far as he can tell, I'm doing
>  
>

I actually said the net-devel list , not the netfilter-devl list, but 
maybe someone here knows about this too.

>it right, but it is working for neither him nor me. Martijn claims this
>method used to work in the 2.2 kernel. Has something changed?
>  
>

It also may have been the 2.0 kernel, I'm not actually sure anymore.

Cheers and thanks if anyone can solve this.

M4

Re: Proxy ARP doesn't seem to be working. Please assist.

[Balazs Scheidler]

Though very off-topic here, the solution probably is that you need to
have a route pointing to a different interface for the kernel to respond
to a proxy arp request.

E.g. add a route entry for the specific IP address(es) pointing to a
different interface. If you want to process those packets locally
(instead of forwarding it) then configure an alias IP address (using
either the ifconfig eth0:1 trick or using ip addr add)

On Mon, 2005-01-31 at 21:15 +0100, Martijn Lievaart wrote:
> Aaron Stavens wrote:
> 
> >Martijn Lievaart over on the netfilter list suggested I post my query
> >here. I am trying to set up proxy ARP. As far as he can tell, I'm doing
> >  
> >
> 
> I actually said the net-devel list , not the netfilter-devl list, but 
> maybe someone here knows about this too.
> 
> >it right, but it is working for neither him nor me. Martijn claims this
> >method used to work in the 2.2 kernel. Has something changed?
> >  
> >
-- 
Bazsi