Proxy ARP
YUMI # sh start
!
Written by yumis (milk curry) a.k.a. red hair
Description: Reposting is welcome; please retain the author information
Homepage
http://www.show-tym.com
Jun.27th.2004
!
What is Proxy ARP?
Proxy ARP is a technique in which a host (usually a router) answers ARP requests intended for another device, on that device's behalf.
How does Proxy ARP work?
Device requirements:
Cisco 2500 Series Router
Cisco IOS Release 12.2(10b)
Assume an environment in which host A (172.16.10.100), located in subnet A, needs to send a packet to host D (172.16.20.200) in subnet B. To reach host D, host A needs to know host D's MAC address, so it broadcasts an ARP request for host D on subnet A, the subnet it is located on.
The router's E0 interface also receives the broadcast, but the router does not forward broadcasts by default, so the ARP request never reaches host D. The router, however, knows that host D is in the other subnet, subnet B, so it answers host A with its own MAC address.
Note that in this reply the source IP address is the IP address of host D, but the source MAC address is the MAC address of the router's E0 port. This is the Proxy ARP reply sent to host A, with the router acting as the proxy (the middleman). A Proxy ARP reply like this is generally sent to the requester (host A) as a unicast.
When host A receives this Proxy ARP reply, it updates its own ARP table.
From now on, host A will send packets destined for host D to the router's E0 port (00-00-0C-94-36-AB). Because the router knows how to reach host D, it forwards the packets to host D.
In addition, the ARP cache of a host in subnet A shows 3 IP addresses mapped to 1 MAC address (the MAC address of the router's E0 port), which means that Proxy ARP is in use.
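Several IP addresses resolving to one MAC address is also what ARP spoofing leaves in a cache, so it is worth checking which MAC is behind the pattern. The following Python is an added example, not part of the original article: it parses a constructed `arp -a` style listing and reports every MAC that answers for more than one IP. Only 172.16.20.200 and the router MAC 00-00-0C-94-36-AB come from the article; the other entries, the function names and the `known_gateways` parameter are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample in Windows `arp -a` layout. Only 172.16.20.200 and the router
# E0 MAC (00-00-0C-94-36-AB) come from the article; every other value is made up.
SAMPLE_ARP_CACHE = """\
Interface: 172.16.10.100 --- 0x2
  Internet Address      Physical Address      Type
  172.16.10.99          00-00-0c-94-36-ab     dynamic
  172.16.10.200         00-00-0c-94-36-bb     dynamic
  172.16.20.100         00-00-0c-94-36-ab     dynamic
  172.16.20.200         00-00-0c-94-36-ab     dynamic
  172.16.10.255         ff-ff-ff-ff-ff-ff     static
"""

ENTRY = re.compile(
    r"^[ \t]*(\d{1,3}(?:\.\d{1,3}){3})[ \t]+((?:[0-9a-f]{2}[-:]){5}[0-9a-f]{2})[ \t]+(\w+)[ \t]*$",
    re.IGNORECASE | re.MULTILINE)

def norm(mac):
    """Normalise a MAC to lower-case, colon-separated form."""
    return mac.lower().replace("-", ":")

def parse_arp_cache(text):
    """Return (ip, mac, type) tuples for every entry line in the listing."""
    return [(ip, norm(mac), kind.lower()) for ip, mac, kind in ENTRY.findall(text)]

def shared_macs(entries, known_gateways=()):
    """Map each MAC that answers for 2+ IPs to its IPs and whether it is expected.

    known_gateways (hypothetical parameter): MACs the administrator knows to be
    proxy-ARP routers; any other shared MAC deserves a closer look.
    """
    allowed = {norm(m) for m in known_gateways}
    by_mac = defaultdict(list)
    for ip, mac, kind in entries:
        # Skip static entries and group (broadcast/multicast) MACs: low bit of octet 1.
        if kind != "dynamic" or int(mac[:2], 16) & 1:
            continue
        by_mac[mac].append(ip)
    octets = lambda ip: tuple(int(o) for o in ip.split("."))
    return {mac: {"ips": sorted(ips, key=octets), "expected": mac in allowed}
            for mac, ips in by_mac.items() if len(ips) > 1}

if __name__ == "__main__":
    report = shared_macs(parse_arp_cache(SAMPLE_ARP_CACHE), ["00-00-0C-94-36-AB"])
    for mac, info in report.items():
        verdict = "known proxy-ARP router" if info["expected"] else "investigate: possible ARP spoofing"
        print(f"{mac} answers for {', '.join(info['ips'])} -> {verdict}")
```

On a segment where Proxy ARP has been disabled on the router, any shared MAC in this report is unexpected.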
A Cisco router interface must be configured to accept and answer Proxy ARP requests. This is enabled by default, but you can turn the feature off with the following commands:
Router#config t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#int e 0
Router(config-if)#no ip proxy-arp
Router(config-if)#^Z
Router#
To enable it again, use the ip proxy-arp command in interface configuration mode.
What are the advantages of Proxy ARP?
One of the main advantages is that a new router can be added to the network without affecting the routing tables of the other routers, which makes the subnet change transparent to the hosts.
Proxy ARP should be used on networks where no default gateway is configured or there is no routing policy.
What are the negative impacts of Proxy ARP?
1. It increases ARP traffic on a network segment
2. Hosts need a larger ARP table to hold the IP-address-to-MAC-address mappings
3. Security issues, such as ARP spoofing
4. It does not work on networks that do not use ARP for address resolution
5. It cannot be generalized across network topologies
Some references: RFC 925 and RFC 1027
FIN