All of lore.kernel.org
 help / color / mirror / Atom feed
From: Joseph Watson <jtwatson@datakota.com>
To: lartc@vger.kernel.org
Subject: [LARTC] Proxy Arp question
Date: Fri, 02 May 2003 04:18:22 +0000	[thread overview]
Message-ID: <marc-lartc-105184920302860@msgid-missing> (raw)

Hello,

I have been digging around for a while trying to get a good understanding of 
how to configure linux to do proxy arp.  I understand the conncept well 
(there is lots of info on this), but am struggling to get a clear 
understanding of implimenting it on linux. 

First question:
Is the following possible, or does the firewall have to have a address on 
192.168.1.0/24 network??  My thought was I could add a route on eth0 to the 
192.168.1.0/24 network, and a route on eth1 to the host 192.168.1.2 and then 
turn on proxy arp.

    192.168.1.0/24
              |
   eth0: 192.168.2.1
        Firewall
   eth1: 192.168.3.1
              |
      192.168.1.2


Second question:
I have been using Shorewall as a firewall, and it comes with proxyarp 
capability.  Here is the working configuration of my firewall using proxy 
arp:

    192.168.1.0/24
              |
   eth0: 192.168.1.1
        Firewall
   eth1: 192.168.3.1
              |
      192.168.1.2

There are the following routes:
 192.168.1.2 dev eth1  scope link
 192.168.1.0/24 dev eth0  scope link

This makes sence.  Where I am confused is when I check the proxy_arp settings:

[]# cat /proc/sys/net/ipv4/conf/eth0/proxy_arp
0
[]# cat /proc/sys/net/ipv4/conf/eth1/proxy_arp
1
[]#

Why is proxy_arp not turned on for eth0??  Every howto I can find says to turn 
on proxy_arp for both interfaces.  

Thanks for any help.

-- 
Regards

Joseph Watson
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

             reply	other threads:[~2003-05-02  4:18 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2003-05-02  4:18 Joseph Watson [this message]
2003-05-02  7:31 ` [LARTC] Proxy Arp question christopher cuse
2003-05-03  5:02 ` Joseph Watson
2003-05-03  7:35 ` christopher cuse
2003-05-03 15:27 ` Joseph Watson
2003-05-04 18:53 ` Don Cohen
2003-05-04 19:41 ` christopher cuse
2003-05-04 20:56 ` Martin A. Brown
2003-05-04 22:53 ` Joseph Watson
2003-05-04 23:15 ` Martin A. Brown
2003-05-06  0:15 ` Joseph Watson

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=marc-lartc-105184920302860@msgid-missing \
    --to=jtwatson@datakota.com \
    --cc=lartc@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.