From: "Martin A. Brown" <mabrown-lartc@securepipe.com>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] Enabling Proxy Arp
Date: Thu, 03 Apr 2003 13:28:22 +0000 [thread overview]
Message-ID: <marc-lartc-104937658205498@msgid-missing> (raw)
In-Reply-To: <marc-lartc-104936452525607@msgid-missing>
Nikolaos,
: I have read the section
: http://lartc.org/howto/lartc.bridging.proxy-arp.html . I configured my
: two ethernet devices with the same ip address . Should i configure them
: with a specific command ?
:
: I used : ifconfig eth0 192.168.47.104 netmask 255.255.255.0
: ifconfig eth1 192.168.47.104 netmask 255.255.255.0
:
: I tried to configure them with ip also .
You don't need to use the same IP on both interfaces, but I don't see a
problem if you do so.
<snip/>
: I checked for support in kernel
: # dmesg |grep ip_
: ip_conntrack version 2.1 (4095 buckets, 32760 max) - 292 bytes per conntrack
: ip_tables: (C) 2000-2002 Netfilter core team
: Is there any specific kernel option for proxy-arp ?
OK, so there's not much here, but you may find the tidbit you seek here:
http://linux-ip.net/html/ether-arp.html#ether-arp-proxy
See also Julian's remarks (this includes comments on medium_id, which you
don't need), which should give you a good idea of how to perform proxy ARP
with the kernel.
http://www.ssi.bg/~julian/#medium_id
Or, if you don't want the kernel to perform proxy ARP, you can use this
technique, which employs /sbin/arp directly to add proxy ARP entries:
http://linux-ip.net/html/adv-proxy-arp.html
The benefit of manual proxy ARP entries is a very fine-grained control
over which machines are visible to each side of your proxy ARP'ing router.
: then i tried to enable proxy arp with :
: echo 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp
: echo 1 > /proc/sys/net/ipv4/conf/eth1/proxy_arp
: but proxy_arp remains 0 , whatever i do .
This is exactly what you wish to do, but you forgot one other sysctl:
echo 1 > /proc/sys/net/ipv4/conf/all/proxy_arp
See Oskar Andreasson's sysctl tutorial for some more details on how to use
the net/ipv4/conf sysctl variables.
http://ipsysctl-tutorial.frozentux.net/
Best of luck,
-Martin
--
Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
prev parent reply other threads:[~2003-04-03 13:28 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-04-03 10:07 [LARTC] Enabling Proxy Arp nkef
2003-04-03 13:28 ` Martin A. Brown [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=marc-lartc-104937658205498@msgid-missing \
--to=mabrown-lartc@securepipe.com \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.