[c-nsp] Proxy ARP -- To disable, or not to disable..
Gert Doering
gert at greenie.muc.de
Sun Mar 23 04:10:53 EDT 2008
Hi,
On Sat, Mar 22, 2008 at 04:12:16PM -0400, Julio Arruda wrote:
> I've seen another use (or misuse) of proxy-arp, something like pointing
> the static route in a router, to the ethernet port, not the next-hop.
> This would make the router arp for everything on that port to reach that
> route, so, depending in proxy-arp.
> Yes, it is weird..but others here with more IOS background may be able
> to ellaborate on that.
This is one of the things I'm ranting about. A configuration like this
can only work if the next-hop router does proxy-arp - and thus it will
go undetected for a while, cause bad performance, high CPU load, and
lots of unnecessary broadcast traffic on the LAN.
Without proxy-arp on-by-default, this configuration would not work, and
so the admin would need to think about what he's doing.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at greenie.muc.de
fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 304 bytes
Desc: not available
Url : https://puck.nether.net/pipermail/cisco-nsp/attachments/20080323/ba963a1c/attachment.bin
More information about the cisco-nsp
mailing list