[c-nsp] Is proxy-arp evil?
Elmar K. Bins
elmi at 4ever.de
Wed Jul 30 07:05:12 EDT 2008
Re:)
whisper555 at gmail.com (Whisper) wrote:
> There was a big discussion on this list about proxy-arp several months ago.
And I do suppose that's why I find proxy-arp quite suspicious, and why I
asked about someone having a different idea for a solution.
> Do a search for the forums that keep this in forum format to read up about
> it.
I will refresh my memory :)
About Terry's question:
The servers and the service address are NOT on the same subnet,
I must have explained badly.
ISP-to-Router: a.b.c.d/28 (think 192.0.2.0/28)
Router-to-Servers: 192.168.1.0/24
Server Loopback: a.b.c.+3 (think 192.0.2.3)
Yours,
Elmi.
> > +--- [Server]
> >[ISP]---| a.b.c.d/28 |--[Router]--+--- [Server]
> > +--- [Server]
> >
> > 3750#show run | i relevant
> > !
> > interface vlan 10
> > description OUTSIDE
> > ip address a.b.c.+2 255.255.255.240
> > !
> > interface vlan 11
> > description INSIDE
> > ip address 192.168.1.1 255.255.255.0
> > !
> > ip route 0.0.0.0 0.0.0.0 a.b.c.+1
> > ip route a.b.c.+3 255.255.255.255 192.168.1.2
> > ip route a.b.c.+3 255.255.255.255 192.168.1.3
> > ip route a.b.c.+3 255.255.255.255 192.168.1.4
> > !
> > ip cef
> > ip cef load-sharing algorithm tunnel
More information about the cisco-nsp
mailing list