[c-nsp] Proxy ARP -- To disable, or not to disable..

Gert Doering gert at greenie.muc.de
Sun Mar 23 04:10:53 EDT 2008


Hi,

On Sat, Mar 22, 2008 at 04:12:16PM -0400, Julio Arruda wrote:
> I've seen another use (or misuse) of proxy-arp, something like pointing 
> the static route in a router, to the ethernet port, not the next-hop.
> This would make the router arp for everything on that port to reach that 
> route, so, depending in proxy-arp.
> Yes, it is weird..but others here with more IOS background may be able 
> to ellaborate on that.

This is one of the things I'm ranting about.  A configuration like this
can only work if the next-hop router does proxy-arp - and thus it will
go undetected for a while, cause bad performance, high CPU load, and 
lots of unnecessary broadcast traffic on the LAN.

Without proxy-arp on-by-default, this configuration would not work, and
so the admin would need to think about what he's doing.

gert

-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert at greenie.muc.de
fax: +49-89-35655025                        gert at net.informatik.tu-muenchen.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 304 bytes
Desc: not available
Url : https://puck.nether.net/pipermail/cisco-nsp/attachments/20080323/ba963a1c/attachment.bin 


More information about the cisco-nsp mailing list