Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
970
Views
0
Helpful
9
Replies

proxy arp

vladrac-ccna
Level 5
Level 5

‎05-16-2007 07:23 AM - edited ‎03-05-2019 04:06 PM

hello everyone.

I was contacted by a friend with the following problem.

He was logged on a 3550-24 layer 2, with no default-gateway on it.

the funny thing was that he was logged on it from a remote subnet not even close to the one configured in this switch.

He was able to get to the router using PROXY ARP, which we confirmed on the ARP table.

the switch was on a 10.0.0.0/24 network and the remote machine on a 129.0.0.0 network.

we could see this subnet on the ARP table with the MAC of the router doing PROXY-ARP.

My question is...I thought that the switch would only send ARP requests for his local network.

its IP is 10.0.0.7/24. So, how did he sent an ARP request for the IP address 129.0.0.0.

Did I read this wrong?

Please let me know.

vlad

Labels:
0 Helpful
9 Replies 9

royalblues
Level 10
Level 10

‎05-16-2007 07:54 AM

Vlad good to see you back..

ARP is used in four cases of two hosts communicating:

When two hosts are on the same network and one desires to send a packet to the other

When two hosts are on different networks and must use a gateway/router to reach the other host

When a router needs to forward a packet for one host through another router

When a router needs to forward a packet from one host to the destination host on the same network

So in your case, when the switch sends out an ARP request, the router configured with Proxy-ARP responds back with its mac-address.

If the switch had a default gateway configured, then it would have sent the packet to the DG since the destination is on a different subnet. IF this would have been a first request, the switch would have sent an ARP request for the gateway IP address.

HTH, rate if it does

Narayan

0 Helpful

vladrac-ccna
Level 5
Level 5
In response to royalblues

‎05-16-2007 09:02 AM

Hey Narayan, thx for the reply.

But, this is a layer 2 switch, why would it send a request for a machine outside its network?

Vlad

0 Helpful

royalblues
Level 10
Level 10
In response to vladrac-ccna

‎05-16-2007 09:18 AM

The request would be in response to the connection initiated from the outside .e ur telnet

HTH, rate if it does

Narayan

0 Helpful

vladrac-ccna
Level 5
Level 5
In response to royalblues

‎06-06-2007 05:43 AM

My question still is, why to send an ARP for an network that is not directly connected?

if my network is 10.0.0.0/8 why would it send an ARP to network 20.0.0.0 ?

Vlad

0 Helpful

Amit Singh
Cisco Employee
Cisco Employee
In response to vladrac-ccna

‎06-06-2007 05:54 AM

Vlad,

It will not send a request to 20.0.0.0 IP. You router i.e the gateway with the interface connected to 10.0.0.0 subnet will send an ARP request to the switch.

Lets take a scenario

SwitchA---RouterA----RouterB----SwitchB

If your user on switchB is initiating a connection to switchA.The source IP would be the switchB and destination would be the SwitchA. The switchB will do an ARP-request for the SwitchA's mac. This request will reach the gateway i.e routerB and since the switchA is not locally located routerB will check its routing table and if it has the route to reach to switchA subnet and proxy-arp is enabled, it will proxy-arp and will send an ARP-reply to switchB.

The same mechanism will continue till all the devices complete their ARP table to reach the switchA subnet.In the final node routerA will send an ARP-request to switchA and then switchA will send a reply back to routerA, which complete the whole process. Once the logical path is made switchB will be able to send the packets to switchA.

Hope I am clear on this process.

Please read the link below for more understanding.

HTH,please rate if it does.

-amit singh

0 Helpful

royalblues
Level 10
Level 10
In response to Amit Singh

‎06-06-2007 06:03 AM

Amit,

Dont you think when a user on switch B is is initiating a connection to switchA it will ARP for the gateway IP as the destination would be on a different subnet?

Narayan

0 Helpful

Amit Singh
Cisco Employee
Cisco Employee
In response to royalblues

‎06-06-2007 08:50 AM

Narayan,

The user will arp with the source IP/MAC of its own and destination IP of the switchA and the MAC set to FFFF.FFFF.FFFF. Since it will be a broadcast packet it will reach the routerB and then routerB will proxy-arp and send its MAC as the destination MAC to the host. Host will update its ARP table and will send packets to the router to forward it to the switch.

-amit singh

0 Helpful

vladrac-ccna
Level 5
Level 5
In response to Amit Singh

‎06-06-2007 08:28 AM

I think you're missing the question that started this topic.

I know exactly how ARP, and PROXY-ARP works.

The point is that I had a switch with no gateway , no routing, just a single int vlan on network 10.0.10.0/24 sending ARP for all networks. It was not sending packets to his gateway (as none was configured). it was actually sending ARP packets for networks not included in its connected routes.

I dont think this is a normal behaviour.

Vlad

0 Helpful

Amit Singh
Cisco Employee
Cisco Employee

‎06-06-2007 05:56 AM

Sorry forgot to paste the link.

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094adb.shtml

HTH,Please rate if it does.

-amit singh

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card