[c-nsp] Bridge devices - ARP takeover

Gert Doering gert at greenie.muc.de
Fri Aug 14 08:00:38 EDT 2009


Hi,

On Fri, Aug 14, 2009 at 06:57:08AM -0500, Graham Wooden wrote:
> Agreed on the ip proxy-arp, but if it makes the link work for the time being
> ... 

This would be VERY surprising - "ip proxy-arp" makes a difference only
if one of the devices sends ARP requests for IP addresses that are 
off-link (specifically: that the router with "ip proxy-arp" knows to be 
off-link and has a route for it).

Your routers on both sides shouldn't do any ARPing for off-link addresses
unless one of them has a static route pointing to the ethernet itself
("ip route 0.0.0.0 0.0.0.0 ethernet0" is a quite typical example).

dot1q-tagging the management interface sounds like a good plan, though :)

gert
-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert at greenie.muc.de
fax: +49-89-35655025                        gert at net.informatik.tu-muenchen.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 303 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20090814/de339995/attachment.bin>


More information about the cisco-nsp mailing list