[c-nsp] Proxy ARP -- To disable, or not to disable..
Jared Mauch
jared at puck.nether.net
Sat Mar 22 12:34:02 EDT 2008
On Sat, Mar 22, 2008 at 11:32:58AM -0400, Fred Reimer wrote:
> If the network administrator has a clue, it should be no big deal in
> remembering to turn it off. There are a host of things that need to be
> setup on a router, some of which can't have appropriate defaults because
> they require network-specific settings. I did not think it was necessary to
> explain this.
I think the problem is there's a lot of networks that are configured
improperly. The cases where i've seen this the most are people who
are host guys who have a router or two. They don't know how expensive
proxy-arp can be on a router.
disabling proxy-arp will break some networks, but IMHO those
networks deserve to be broken as they're operating in an inefficent
manner and should be reconfigured. This is speaking as a router
guy who has seen what proxy-arp will do to the cpu usage.
Host guys may have a different opinion as they may not
want to transit the router to go between two different subnets that
are in the same broadcast domain.
There's reasons for both, but as a service provider
there's no reason to have proxy-arp enabled on customer facing
interfaces.
- Jared
--
Jared Mauch | pgp key available via finger from jared at puck.nether.net
clue++; | http://puck.nether.net/~jared/ My statements are only mine.
More information about the cisco-nsp
mailing list