[c-nsp] Is proxy-arp evil?
Rodney Dunn
rodunn at cisco.com
Wed Jul 30 09:51:59 EDT 2008
The router would proxy arp if it has a more specific route
out another interface.
But it's a hack and I would not design my network around it
working personally.
Rodney
On Wed, Jul 30, 2008 at 01:05:12PM +0200, Elmar K. Bins wrote:
> Re:)
>
>
> whisper555 at gmail.com (Whisper) wrote:
>
> > There was a big discussion on this list about proxy-arp several months ago.
>
> And I do suppose that's why I find proxy-arp quite suspicious, and why I
> asked about someone having a different idea for a solution.
>
> > Do a search for the forums that keep this in forum format to read up about
> > it.
>
> I will refresh my memory :)
>
> About Terry's question:
>
> The servers and the service address are NOT on the same subnet,
> I must have explained badly.
>
> ISP-to-Router: a.b.c.d/28 (think 192.0.2.0/28)
> Router-to-Servers: 192.168.1.0/24
> Server Loopback: a.b.c.+3 (think 192.0.2.3)
>
> Yours,
> Elmi.
>
> > > +--- [Server]
> > >[ISP]---| a.b.c.d/28 |--[Router]--+--- [Server]
> > > +--- [Server]
> > >
>
> > > 3750#show run | i relevant
> > > !
> > > interface vlan 10
> > > description OUTSIDE
> > > ip address a.b.c.+2 255.255.255.240
> > > !
> > > interface vlan 11
> > > description INSIDE
> > > ip address 192.168.1.1 255.255.255.0
> > > !
> > > ip route 0.0.0.0 0.0.0.0 a.b.c.+1
> > > ip route a.b.c.+3 255.255.255.255 192.168.1.2
> > > ip route a.b.c.+3 255.255.255.255 192.168.1.3
> > > ip route a.b.c.+3 255.255.255.255 192.168.1.4
> > > !
> > > ip cef
> > > ip cef load-sharing algorithm tunnel
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list