Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
844
Views
0
Helpful
5
Replies

proxy arp question

Mike Schooley
Level 1
Level 1

‎04-13-2010 10:17 AM - edited ‎03-04-2019 08:08 AM

Ok, I have a layer 2 and and a layer 3 connection to a remote site.  So the routing interface for the remote location is on a 6509, connected to another switch, then to the layer 2 cloud, then the remote switch.  No good way to tell if layer 2 connection goes down.  The backup route is 6509, then router, then t1 to the remote site.  Lets say the layer 2 connection was down, and proxy arp was turned on the routers of the layer 3 connection.  Would traffic then be "routed" via the layer 3 connection? as the arp request would be proxied over the t1, then answered and sent back.

Labels:
0 Helpful
5 Replies 5

Jon Marshall
Hall of Fame
Hall of Fame

‎04-13-2010 10:25 AM

Mike

No good way to tell if layer 2 connection goes down.

This is what dynamic routing protocols are for. If you exchange routes between the sites over both links but give preference to the L2 link then if it goes down the other link will be used and if it comes back up the L2 link will be used again. You can make it simpler by just having the dynamic routing protocol running over the L2 link passing more specific routes and then have a default-route at either end pointing to the L3 link. The more specific routes will be used as long as the L2 link is up and passing traffic.

Either of the above are much better ways than relying on proxy-arp which was not designed to do what you are trying to do.

Jon

0 Helpful

Mike Schooley
Level 1
Level 1
In response to Jon Marshall

‎04-13-2010 10:43 AM

how would you give preference to the layer 2 link,

since the dynamic routing protocols are layer 3.

The remote site is on the same subnet as this side, hence layer 2 and no routing protocol running. Yes there is a routing protocol running on my layer 3 link, but since my connected interface will have no way of knowing if my layer to link ever goes down it will always forward traffic out that interface and never use my layer 3 link.  I thought about using ip sla's, but ran into a couple of issues, no way to change admin distance on connected or state of interface using ip sla's, plus there isn't really an ip address to ping to determine reachability.

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame
In response to Mike Schooley

‎04-13-2010 11:35 AM 

msch00ley wrote:
how would you give preference to the layer 2 link,
since the dynamic routing protocols are layer 3.
The remote site is on the same subnet as this side, hence layer 2 and no routing protocol running. Yes there is a routing protocol running on my layer 3 link, but since my connected interface will have no way of knowing if my layer to link ever goes down it will always forward traffic out that interface and never use my layer 3 link.  I thought about using ip sla's, but ran into a couple of issues, no way to change admin distance on connected or state of interface using ip sla's, plus there isn't really an ip address to ping to determine reachability.

Mike

Apologies, i misunderstood what you meant by L2 link. So you have the same vlan on either side of the link ?

If so routing wouldn't work because you can't route to the same subnet, you can only switch. Proxy-arp wouldn't work either because the router would see the network as directly connected ie. same subnet mask and even if you changed subnet-masks i'm not sure proxy-arp could be "chained" across multiple L3 devices.

So you 2 solutions really -

1) purchase another L2 link for redundancy but obviously costly

2) is there a reason you need the same vlan on either side of the link ie. do you actually need L2 adjacency. If not i would make the L2 link a L3 link and then route across both.

Jon

0 Helpful

Mike Schooley
Level 1
Level 1
In response to Jon Marshall

‎04-13-2010 11:43 AM

leaning towards option 2, actually the layer 3 interface is off another vlan interface of the 6509, so there would

be no arp to proxy anyway.  What I was thinking is the 6509 would arp out on the interface, then the router connected to

the layer 3 interface would receive that and proxy it on, however the router connected to the layer 3 interface is off another vlan so it wou

ld never arp out that direction anyway.

thanks

0 Helpful

Tharak Abraham
Level 3
Level 3
In response to Mike Schooley

‎04-13-2010 08:54 PM

If i got your topology rite,

Proxying should work in the way you are telling, but considering the timeout for the arp entry learnt via the main link.

Btw, it would be recommended if you could re-engineer the connectivity.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card