[c-nsp] Proxy arp weirdness? I'm scared!

Joseph Jackson JJackson at aninetworks.com
Tue Oct 24 19:17:49 EDT 2006 

Hey Mike: 

> -----Original Message-----
> From: Michael K. Smith - Adhost [mailto:mksmith at adhost.com] 
> Sent: Tuesday, October 24, 2006 3:42 PM
> To: Joseph Jackson; cisco-nsp at puck.nether.net
> Subject: RE: [c-nsp] Proxy arp weirdness? I'm scared!
> 
> Hello Joseph:
> 
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Joseph Jackson
> Sent: Tuesday, October 24, 2006 2:05 PM
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] Proxy arp weirdness? I'm scared!
> 
> Hey all,
> 
> 	I was doing a couple scans of some of our subnets today 
> when I noticed that if I ping a subnet address such as 
> 10.32.0.0 I get a reply.
> As shown below,
> 
> N:\>ping 10.32.0.0
> 
> Pinging 10.32.0.0 with 32 bytes of data:
> 
> Reply from 10.224.8.18: bytes=32 time=16ms TTL=253 Reply from 
> 10.224.8.18: bytes=32 time=16ms TTL=253 Reply from 
> 10.224.8.18: bytes=32 time=18ms TTL=253 Reply from 
> 10.224.8.18: bytes=32 time=16ms TTL=253
> 
> Ping statistics for 10.32.0.0:
>     Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), 
> Approximate round trip times in milli-seconds:
>     Minimum = 16ms, Maximum = 18ms, Average = 16ms
> 
> N:\>
> 
> 
> 
> Now that 10.224.8.18 address is of course the interface on 
> the router for the 10.32/16 subnet.  What is really weird is 
> that the pings only work from certain machines.  My machine 
> it works but a coworkers sitting next to me doesn't.  Any ideas? 
> 
> ------
> 
> If you are on the local segment and ping the network or 
> broadcast address you *should* get responses from any device 
> on that network.  If you ping those addresses from a machine 
> not on the same network, the router responds (if it is 
> configured to allow it), but you don't get all the machines 
> on that segment (hopefully, anyway, if you have no 
> ip-directed broadcast on your interfaces)
> 
> As for machine to machine variance, are they on the same 
> network?  Do they have the same firewall configuration, 
> either local to the machine or on an intermediate device?
> 
> Mike
> 




The machines are on the same local subnet which is why I thought it was
odd.  I have 3 machines at my desk and only 1 gets ping replies.   I
remoted to a few of our machines on differnet subnets and it happens
there too where a few machines will get replys from the machine but a
few don't.  Would turning off proxy arp on all the interfaces take care
of this issue?

More information about the cisco-nsp mailing list