For the Proxy ARP to work, the interface IP of Fa 0/0 should be on the same major network but with a different mask. When the Computer 1 ARP's for Fa 0/1's MAC, Fa 0/0 sees the ARP request. But it will discard the ARP request as it is on a completely different major network. For the proxy-ARP to work, the routers interface and PC should be on the same IP Subnet. When the router sees the source IP address, and parses it with it's own mask, the router should see the PC in its own subnet. If not, router will just drop the ARP request. If you change your IP Scheme as below then proxy ARP will work.
It is incredible how a simple problem like this do not find an easy solution reading books, RFCs and other resources.
As I had found in some books, also CCIE books, that Proxy ARP worked in this manner: when an ARP request arrives to an
interface, the router responds if it knows a route for the target address, except if the route is out the interface where the request came in.
Now I know that it is not so simple. Where did you find these details? Are these details part of a standard, RFC or something like this?
Or these details are how Cisco routers work? Without considering your solution, are you sure that the only control the router adds is the control about source IP address of the ARP request and IP address of the interface that receives the request: they must be in the same network, major or not major.
Or it is better an inverse engeneering work more detailed.
>> May be I had forgotten that a router, before doing any other operation, checks if the source IP address of the packet
belongs to the same subnet of the receiving interface, and that if it is not true the router discards the packet.
Is it always true? May be I remember that I have read something like this elsewhere.
yes for ARP activity sorry for my misunderstanding, this explains the results of your dynamips lab the ARP request is discarded so Proxy ARP cannot be invoked.
About IP packet processing:
No, generally speaking a router does not check the source address of the packet unless configured for doing so:
- or by using a so called anti spoofing ACL, where you specify for client vlans that you do not accept source addresses not belonging to the IP subnet associated to the VLAN (leaf with no other routers connected to this interface/network segment)
- or by enabling unicast RPF, this second mechanism checks if according to the local IP routing table the packet has been received on the same interface the local node would use to reach the packet's source address (uRPF in strict mode)
About Proxy ARP:
original RFC definition of Proxy ARP considers the same major network, Cisco implementation is looser and it looks at the IP routing table and the router answers to the ARP request with its own MAC address on the interface if a match is found in the IP routing table.
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...