From mboxrd@z Thu Jan 1 00:00:00 1970 From: Joseph Watson Date: Fri, 02 May 2003 04:18:22 +0000 Subject: [LARTC] Proxy Arp question Message-Id: List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org Hello, I have been digging around for a while trying to get a good understanding of how to configure linux to do proxy arp. I understand the conncept well (there is lots of info on this), but am struggling to get a clear understanding of implimenting it on linux. First question: Is the following possible, or does the firewall have to have a address on 192.168.1.0/24 network?? My thought was I could add a route on eth0 to the 192.168.1.0/24 network, and a route on eth1 to the host 192.168.1.2 and then turn on proxy arp. 192.168.1.0/24 | eth0: 192.168.2.1 Firewall eth1: 192.168.3.1 | 192.168.1.2 Second question: I have been using Shorewall as a firewall, and it comes with proxyarp capability. Here is the working configuration of my firewall using proxy arp: 192.168.1.0/24 | eth0: 192.168.1.1 Firewall eth1: 192.168.3.1 | 192.168.1.2 There are the following routes: 192.168.1.2 dev eth1 scope link 192.168.1.0/24 dev eth0 scope link This makes sence. Where I am confused is when I check the proxy_arp settings: []# cat /proc/sys/net/ipv4/conf/eth0/proxy_arp 0 []# cat /proc/sys/net/ipv4/conf/eth1/proxy_arp 1 []# Why is proxy_arp not turned on for eth0?? Every howto I can find says to turn on proxy_arp for both interfaces. Thanks for any help. -- Regards Joseph Watson _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/