From owner-freebsd-net@FreeBSD.ORG Fri Mar 19 00:45:54 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6AB6816A4CE for ; Fri, 19 Mar 2004 00:45:54 -0800 (PST) Received: from tigra.ip.net.ua (tigra.ip.net.ua [82.193.96.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3BD6343D48 for ; Fri, 19 Mar 2004 00:45:53 -0800 (PST) (envelope-from ru@ip.net.ua) Received: from heffalump.ip.net.ua (heffalump.ip.net.ua [82.193.96.213]) by tigra.ip.net.ua (8.12.10/8.12.9) with ESMTP id i2J8oTCP050317 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 19 Mar 2004 10:50:31 +0200 (EET) (envelope-from ru@ip.net.ua) Received: (from ru@localhost) by heffalump.ip.net.ua (8.12.11/8.12.11) id i2J8jdtA018921; Fri, 19 Mar 2004 10:45:39 +0200 (EET) (envelope-from ru) Date: Fri, 19 Mar 2004 10:45:39 +0200 From: Ruslan Ermilov To: Juan Rodriguez Hervella Message-ID: <20040319084539.GF18091@ip.net.ua> References: <200403181712.03629.jrh@it.uc3m.es> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="wtjvnLv0o8UUzur2" Content-Disposition: inline In-Reply-To: <200403181712.03629.jrh@it.uc3m.es> User-Agent: Mutt/1.5.6i X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-2003-05-19-exp) cc: freebsd-net@freebsd.org Subject: Re: sysctl -w net.link.ether.inet.proxyall=1 ? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 19 Mar 2004 08:45:54 -0000 --wtjvnLv0o8UUzur2 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Mar 18, 2004 at 05:12:03PM +0100, Juan Rodriguez Hervella wrote: > What this is used for ? >=20 This is an extension to the ARP proxying feature, allowing you to easily set it up. Normally, to do an ARP proxying, you would need to set up all individual ARP proxy entries (see the arp(8) manpage for details). By turning this sysctl on, you don't need to set up each individual proxy entry. Instead, the host will act as if proxy ARP entry was already set, which some precautions made to ensure that the host acting as a proxy can can really proxy it via some other network interface: - ARP request arrives via Ethernet interface if0, - ARP code determines that the target address is not one of its own, - ARP code looks up a proxy ARP entry, and fails, - arp_proxyall is enabled (otherwise, the processing stops here), - ARP code looks for a route to the destination (from the ARP request), - if interface the request came in from is the same as the route points to, nothing is sent back, - ARP reply is constructed and sent back. Example. - A host is assigned an IP address 10.0.0.1 (with the standard class B netmask) to its Ethernet interface fxp0. - There is a ppp(8) session established over the tun0 interface with the remote end assigned the 10.0.0.2 IP address. (There's a host route pointing to 10.0.0.2 through tun0.) - The host is configured to do arp_proxyall. - An ARP request for 10.0.0.2 arrives through fxp0. - The host sends ARP reply back with its own MAC address of fxp0, allowing the LAN machines to talk to the PPP client. Cheers, --=20 Ruslan Ermilov FreeBSD committer ru@FreeBSD.org --wtjvnLv0o8UUzur2 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFAWrMzUkv4P6juNwoRApbDAJ94nJNGkXuehjErViY484/x8NFGYQCeIQNO 2v+cSxtqW0gHobJz7eHpH5w= =/Lmx -----END PGP SIGNATURE----- --wtjvnLv0o8UUzur2--