proxy arp on 6.1
Chuck Swiger
cswiger at mac.com
Wed Oct 24 11:56:26 PDT 2007
On Oct 24, 2007, at 11:17 AM, Stephen Clark wrote:
> I must be doing something wrong. I can't seem to get proxy arp to
> work. Is there some
> magic.
>
> I have the following setup isp router 205.x.x.1 <-> 205.x.x.100/25
> rl1 freebsd vr0 205.x.x.129/25
> <-> 205.x.x.193/25
I'm not really sure what you're trying to do from the description above.
> arp -an
> (205.x.x.1) at 00:13:7f:5a:b5:50 on rl1 [ethernet]
> (205.x.x.193) at 00:30:18:a3:44:2d on vr0 permanent published
> (proxy only) [ethernet]
"proxy only" means that you're adding an ARP entry where you've
already got a routing table entry in place. But if you're using the
FreeBSD machine to do routing for these /25 netblocks, then you
shouldn't need to use ARP proxying at all-- just tell the Cisco
router to use 205.x.x.100 as the gateway for 205.x.x.128/25.
> tcpdump
> 13:09:51.386793 arp who-has 205.x.x.193 tell 205.x.x.1
>
> but there is no arp-reply from freebsd.
>
> rl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
> options=8<VLAN_MTU>
> inet 205.x.x.100 netmask 0xffffff80 broadcast 205.x.x.127
> ether 00:30:18:a3:47:a4
> media: Ethernet autoselect (100baseTX <full-duplex>)
> status: active
One normally uses ARP proxying to convince the ISP's router to send
traffic for machines on a publicly routable subnet to the BSD machine
which then re-writes the incoming traffic via NAT for machines behind
an unroutable RFC-1918 subnet.
--
-Chuck
More information about the freebsd-net
mailing list