[c-nsp] ARP entries from another subnet
Vincent De Keyzer
vincent at dekeyzer.net
Wed May 31 08:55:59 EDT 2006
Well, I thought about proxy-arp.
But if it was proxy-arp, I would have seen Ra's MAC address in Ha's ARP
table... and what I was seeing was Hb's MAC address!
At least that's what I understand from Proxy ARP as described by Cisco at
http://www.cisco.com/warp/public/105/5.html.
Vincent
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-
> bounces at puck.nether.net] On Behalf Of Jared Mauch
> Sent: mardi 30 mai 2006 14:04
> To: Vincent De Keyzer
> Cc: cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] ARP entries from another subnet
>
> You may want to disable proxy-arp on
> your interfaces.
>
> int fastethernet x/y
> no ip proxy-arp
>
> - jared
>
> On Mon, May 29, 2006 at 05:00:31PM +0200, Vincent De Keyzer wrote:
> > Hello,
> >
> >
> >
> > I have the following weird situation:
> >
> > * two LANs, A and B
> >
> > * LAN A has IP 10.1.1.0/24
> >
> > * LAN B has IP 10.2.2.0/24
> >
> > * def. gateway for LAN A is router Ra = 10.1.1.1
> >
> > * def. gateway for LAN B is router Rb = 10.2.2.1
> >
> > * Ra and Rb are connected together via a network (cloud)
> >
> > * host Ha = 10.1.1.10 is on LAN A
> >
> > * host Hb = 10.2.2.10 is on LAN B
> >
> >
> >
> > Now, something went wrong and LAN A and LAN B ended up connected
> together
> > (say: a UTP cable between the two switches).
> >
> >
> >
> > Within the ARP table of Ha, there was an entry for 10.2.2.10 ! So to
> reach
> > Hb, it would go directly instead of using its default gateway (Ra).
> >
> >
> >
> > How did this ARP entry arrive in there?
> >
> >
> >
> > Vincent
> >
> >
> >
> > PS: Ha is a Catalyst 2950.
> >
> >
> >
> > _______________________________________________
> > cisco-nsp mailing list cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
>
> --
> Jared Mauch | pgp key available via finger from jared at puck.nether.net
> clue++; | http://puck.nether.net/~jared/ My statements are only
> mine.
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list