[c-nsp] unwanted "arp reply" traffic at IX

Daniel Roesen dr at cluenet.de
Sat Nov 17 18:33:55 EST 2007


On Sat, Nov 17, 2007 at 10:33:43PM +0100, Daniel Roesen wrote:
> At least it's configurable on global level, unlike "no ip proxy-arp"
> and "no ip redirects" (and others). :-(

Slightly correcting myself here:

there is "ip arp proxy disable" in some newer IOS trains which disables
proxy-arp globally, and unfortunately overrides any interface
configuration. So if you use this one, you cannot enable proxy-arp for
a specific interface again.

This is comparable to global "no cdp run" vs. the interface-level
"(no) cdp enable".

Unfortunately, "sh ip int" output is wrong:

Router#sh run | i prox         
ip arp proxy disable
Router#sh run int g0/1 | i prox
Router#sh ip int g0/1 | i Prox
  Proxy ARP is enabled

I've verified that proxy ARP is actually disabled. Just opened a
TAC case for that.

Also, "ip arp proxy disable" is - contrary to docs - not available in
12.2S (I tested on 12.2(25)S14 on 7500), but only 12.2SB (tested on
12.2(31)SB*).

Best regards,
Daniel


-- 
CLUE-RIPE -- Jabber: dr at cluenet.de -- dr at IRCnet -- PGP: 0xA85C8AA0


More information about the cisco-nsp mailing list