From mboxrd@z Thu Jan 1 00:00:00 1970 From: gypsy Date: Mon, 20 Feb 2006 18:49:09 +0000 Subject: Re: [LARTC] Proxy ARP and UDP Message-Id: <43FA0F25.93FC4722@iswest.com> List-Id: References: <925A849792280C4E80C5461017A4B8A20320BA@mail733.InfraSupportEtc.com> In-Reply-To: <925A849792280C4E80C5461017A4B8A20320BA@mail733.InfraSupportEtc.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org Greg Scott wrote: > I have 2 relevant interfaces. eth0 is external, eth1 is internal. My > internal LAN is 10.10.10.0/24. My External range is 1.2.3.0/27 (dummied > up). I have an H.323 videoconference device inside my internal LAN, but > at IP Address 1.2.3.11/27. (IP Address dummied up.) I want to proxy > ARP this device. > > My questions - was proxy ARP broken in the 2.4.27 days? Why doen't > tcpdump show me packets on both interfaces of the firewall? Am I > missing a setup ingredient someplace? Should the default GW on that > H.323 device be .2 (the firewall) or .1 (the Internet router)? Does > mixing NAT and proxy ARP create problems? Should I put the H.323 device > in its own little DMZ? > > Thanks > > - Greg Scott No, not broken; proxy ARP works fine in 2.4.25 - .32. You should have a look at Martin Brown's proxy ARP script http://yesican.chsoft.biz/lartc/proxy-arp.sh and its config file http://yesican.chsoft.biz/lartc/proxy-arp.conf but I bet the problem is rp_filter. -- gypsy _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc