From owner-freebsd-questions Wed Sep 25 10:03:10 1996
Return-Path: owner-questions
Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id KAA06262 for questions-outgoing; Wed, 25 Sep 1996 10:03:10 -0700 (PDT)
Received: from al.imforei.apana.org.au (pjchilds@al.imforei.apana.org.au [202.12.89.41]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id KAA05680 for ; Wed, 25 Sep 1996 10:01:53 -0700 (PDT)
Received: (from pjchilds@localhost) by al.imforei.apana.org.au (8.7.6/8.7.3) id CAA00429; Thu, 26 Sep 1996 02:31:19 +0930 (CST)
Date: Thu, 26 Sep 1996 02:31:19 +0930 (CST)
From: Peter Childs
Message-Id: <199609251701.CAA00429@al.imforei.apana.org.au>
To: dwhite@resnet.uoregon.edu, freebsd-questions@freebsd.org, hmmm@alaska.net, sa-feeds@tierzero.apana.org.au
Subject: Re: Private network & routing to the internet via PPP w/one IP
X-Newsreader: TIN [version 1.2 PL2]
Sender: owner-questions@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

: > reading iijPPP docs, i see that it does arp proxying. isn't this
: > good enough? do you still need SOCKS or other stuff?

: I've never gotten that to work, although I've never seen any documentation
: on it.

Proxy arp is not really like "proxying" as in "web-proxy's" "ftp proxies"
or sock's if'ied stuff.

The idea behind proxy arp is: consider that your "tun0" interface has an
IP address. Your "ARP" table has a list of IP address to MAC addresses
(used in ethernet). A sample of this might be...

    pasa: {1} arp -a
    tierzero.apana.org.au (203.14.158.1) at 0:40:33:36:3d:b7
    chuckie.apana.org.au (203.14.158.8) at 0:c0:58:21:f:67

Consider the situation where these three machines are on a class C subnet
(ie 255 addresses) and the machine "pasa" has 38 dialup serial connections.

A user connects with ppp to "pasa" and is assigned the IP address anywhere
between 203.14.158.20 and 203.14.158.60 dynamically....
(let's say it gets 203.14.158.25)

Now say a packet arrives at "tierzero" (which connects via some other
point-to-point link to another network) destined for 203.14.158.25.

Tierzero knows its IP address is on a class C to which 203.14.158.25
belongs... so it can "broadcast" a request to see if it can find some
interface on that class C that is 203.14.158.25.

The broadcast goes out.. and nothing comes back.

But we want the packet to get to the right spot (pasa) so it can be
delivered... we can do this by

  1) adding a static route to all machines saying "if you want to reach
     203.14.158.20 then route the packet to "pasa". this suxs :)

  2) add a "proxy arp" entry on pasa so that when a broadcast for
     203.14.158.20 goes out pasa screams out "that's me.. send it here".

Once the packet arrives at pasa's ethernet interface it can get passed on
without any problems...

ijppp as a server supports adding these proxy entries automatically, and
deleting them when the ppp session terminates... this proxy arp setting
would then be visible like such...

    pasa: {4} arp -a
    tierzero.apana.org.au (203.14.158.1) at 0:40:33:36:3d:b7
    chuckie.apana.org.au (203.14.158.8) at 0:c0:58:21:f:67
    async-5.pasa.apana.org.au (203.14.158.25) at 0:40:33:33:c9:37

The thing to note here is that the MAC address 0:40:33:33:c9:37 is
actually pasa's ethernet interface MAC address. In this way it is
"proxy'ing" arp for the machine at the other end of the ijppp session
(ie async-5.pasa.apana.org.au)

Hope this helps.

Peter

--
Peter Childs --- http://www.imforei.apana.org.au/~pjchilds
Finger pjchilds@al.imforei.apana.org.au for public PGP key
Drag me, drop me, treat me like an object!
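
The check described in the message above (an ARP entry whose MAC is the host's own ethernet MAC is one the host is proxying), written out as an added example that is not part of the original post. The sample listing is constructed from the post's second `arp -a` output; the function names are hypothetical, and the parser assumes the `name (ip) at mac` line format shown in the post.

```python
import re

# Constructed sample: the second `arp -a` listing from the post, as seen on "pasa".
ARP_OUTPUT = """\
tierzero.apana.org.au (203.14.158.1) at 0:40:33:36:3d:b7
chuckie.apana.org.au (203.14.158.8) at 0:c0:58:21:f:67
async-5.pasa.apana.org.au (203.14.158.25) at 0:40:33:33:c9:37
"""

# Per the post, this is the MAC address of pasa's own ethernet interface.
PASA_MAC = "0:40:33:33:c9:37"

# Assumed line format: "<name> (<ip>) at <mac>", optionally followed by flags.
ENTRY = re.compile(r"^(\S+) \((\d+\.\d+\.\d+\.\d+)\) at ([0-9A-Fa-f:]+)")


def normalize_mac(mac):
    """Zero-pad and lowercase each octet: 0:c0:58:21:f:67 -> 00:c0:58:21:0f:67."""
    octets = mac.split(":")
    if len(octets) != 6:
        raise ValueError(f"not an ethernet MAC: {mac!r}")
    return ":".join(f"{int(o, 16):02x}" for o in octets)


def parse_arp(text):
    """Return (hostname, ip, normalized_mac) for each resolved entry."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if m:  # blank lines and "(incomplete)" entries do not match
            entries.append((m.group(1), m.group(2), normalize_mac(m.group(3))))
    return entries


def proxied_entries(text, own_mac):
    """Entries carrying this host's own MAC: addresses it answers ARP for."""
    own = normalize_mac(own_mac)
    return [(host, ip) for host, ip, mac in parse_arp(text) if mac == own]


if __name__ == "__main__":
    for host, ip in proxied_entries(ARP_OUTPUT, PASA_MAC):
        print(f"{ip} ({host}) is proxy-ARPed by this host")
```

Comparing normalized MACs matters because `arp -a` prints octets without leading zeros, as in chuckie's entry above.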