From: Chuck Swiger
Date: Mon, 13 Aug 2007 11:43:26 -0700
To: Jon Otterholm
Cc: freebsd-net@freebsd.org
Subject: Re: proxy-arp
Message-Id: <8B0BAE02-4E6C-418C-AB7A-568B44B4CA41@mac.com>
In-Reply-To: <46C06C02.5090908@ide.resurscentrum.se>
List-Id: Networking and TCP/IP with FreeBSD

On Aug 13, 2007, at 7:34 AM, Jon Otterholm wrote:
> I have a problem with proxy-arp entries.
>
> If I add an arp-entry:
>
> arp -s $hostip $routermac permanent pub only
>
> the router sends an arp and replies to its own arp like:
>
> 15:40:02.074419 arp who-has $hostip tell $hostip
> 15:40:02.074663 arp reply $hostip is-at $routermac (oui Unknown)
>
> This is a problem because some clients interpret this as an
> ip-address conflict.

Are you sure that your router is issuing the ARPOP_REQUESTS? Is the
entry you've published already listed in "arp -a"?

> In my case the router answers for arp on a bridge where all clients
> have their own member-interface and clients are prohibited to talk
> directly to each other.
>
> Have I completely misunderstood the proxy-arp function? IMHO the
> router should only answer to arp for $hostip to other clients than
> the one that actually has the ip-address.

I use proxy-arp where I've got a router running IPFW which needs to
forward some IPs on the external/routable subnet to internal RFC-1918
addresses via NAT. I don't use the "only" keyword, but do use
"permanent pub".

--
-Chuck
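The open question in the thread is which station sends the `who-has $hostip tell $hostip` request and whether a different MAC then answers it. The Python check below is an added example, not part of either poster's message; the `tcpdump -e` line layout, the sample addresses and the function name are assumptions constructed for illustration.

```python
import re

# Constructed sample in the style of `tcpdump -e -n arp` output. The -e
# link-level header and every address here are assumptions; the thread
# itself shows only the $hostip / $routermac placeholders.
SAMPLE = """\
15:40:02.074419 02:00:00:00:00:01 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: arp who-has 192.0.2.10 tell 192.0.2.10
15:40:02.074663 02:00:00:00:00:fe > 02:00:00:00:00:01, ethertype ARP (0x0806), length 42: arp reply 192.0.2.10 is-at 02:00:00:00:00:fe
15:40:05.100000 02:00:00:00:00:02 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: arp who-has 192.0.2.1 tell 192.0.2.11
15:40:05.100200 02:00:00:00:00:fe > 02:00:00:00:00:02, ethertype ARP (0x0806), length 42: arp reply 192.0.2.1 is-at 02:00:00:00:00:fe
"""

MAC = r"(?:[0-9a-f]{2}:){5}[0-9a-f]{2}"
LINE = re.compile(
    rf"^(?P<ts>\S+) (?P<src>{MAC}) > {MAC}, ethertype ARP \(0x0806\), length \d+: "
    rf"arp (?:who-has (?P<target>\S+) tell (?P<sender>\S+)"
    rf"|reply (?P<ip>\S+) is-at (?P<mac>{MAC}))", re.I)

def find_conflicting_replies(text):
    """Return replies that answer a host's own announcement with another MAC."""
    announced = {}   # ip -> source MAC of the frame carrying "who-has ip tell ip"
    findings = []
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:
            continue                      # not an ARP line in the assumed layout
        if m["target"]:                   # request
            if m["target"] == m["sender"]:
                announced[m["target"]] = m["src"].lower()
        else:                             # reply
            owner = announced.get(m["ip"])
            mac = m["mac"].lower()
            if owner and mac != owner:    # someone else claims the announced IP
                findings.append({"ts": m["ts"], "ip": m["ip"],
                                 "announced_by": owner, "answered_by": mac})
    return findings

if __name__ == "__main__":
    for finding in find_conflicting_replies(SAMPLE):
        print(finding)
```

If `announced_by` is the client's MAC rather than the router's, the request is the client's own address announcement and the published entry is what answers it.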