what is the difference between ARP proxy and a router?
johnifanx98
Member Posts: 329
in CCNA & CCENT
both forward the packet and give the sender its MAC as layer 2 address...
Comments
-
TehToG
Member Posts: 194
An arp request is a broadcast. It goes out over the broadcast domain and asks for the mac address of a specified PC.
eg. PC1 sends an arp for PC2 saying "What is the mac address for PC2 (giving it's layer 3 address)" and EVERYONE gets it, PC2 replies and says I am at "mac address".
Proxy Arp is where the device replies to an arp which was NOT meant for it's address.
eg. PC1 sends an arp for PC2 and NetDevice1 replies "PC2 is at "mac address" which is actually it's own address. That way all traffic for PC2 goes to it, and it's job is to forward it on.
Routers do not forward broadcasts. -
johnifanx98
Member Posts: 329
An arp request is a broadcast. It goes out over the broadcast domain and asks for the mac address of a specified PC.
eg. PC1 sends an arp for PC2 saying "What is the mac address for PC2 (giving it's layer 3 address)" and EVERYONE gets it, PC2 replies and says I am at "mac address".
Proxy Arp is where the device replies to an arp which was NOT meant for it's address.
eg. PC1 sends an arp for PC2 and NetDevice1 replies "PC2 is at "mac address" which is actually it's own address. That way all traffic for PC2 goes to it, and it's job is to forward it on.
Routers do not forward broadcasts.
Is the router a specific case of ARP proxy? When a host pings another host which is in separate subnet (or, broadcast domain), the router will respond with its own MAC to the source host. The net result is in the source host's arp cache the MAC address of the destination appears to be the MAC of the router.
Lammle hints that a ARP proxy can co-exist with a gateway in a same subnet which is confusing me. If so, would it cause duplicate forwarding? -
TehToG
Member Posts: 194
They're completely separate. A router can preform proxy arp.
If i send a packet to another subnet, the packet goes to my default gateway by default. The router gets it and looks at the layer 3 info (ip address) and forwards it on.
If i send an arp out it's ONLY because I know the device belongs to my subnet. If it's on a different subnet then it just forwards the packet to the router. The router will not 'relay' layer 2 broadcasts (arps in this case) UNLESS proxy arp has been configured as a service on the router to do so. -
lantech
Member Posts: 329
Check out this document from Cisco on Proxy Arp.
Proxy ARP* [IP Addressing Services] - Cisco Systems
Proxy ARP would be used when a host thinks the host it is trying to communicate with is on the same subnet but is separated by a router and the router knows how to reach the intended host. Host A would send out its ARP broadcast and the router would respond with its own MAC address and take responsibility for forwarding the packet to Host B.
This would happen where Host A might have a misconfigured subnet mask so it thinks its subnet is larger than it actually is. Proxy Arp seems to be enabled by default. At least according to the document I found created by Cisco.2012 Certification Goals
CCENT: 04/16/2012
CCNA: TBD -
johnifanx98
Member Posts: 329
They're completely separate. A router can preform proxy arp.
If i send a packet to another subnet, the packet goes to my default gateway by default. The router gets it and looks at the layer 3 info (ip address) and forwards it on.
If i send an arp out it's ONLY because I know the device belongs to my subnet. If it's on a different subnet then it just forwards the packet to the router. The router will not 'relay' layer 2 broadcasts (arps in this case) UNLESS proxy arp has been configured as a service on the router to do so.
Assume proxy ARP service is not turned on, how a router forwards a packet?
#1 a host A sends a packet to host B in another subnet;
#2 by default, at layer 2 the host A will send the frame to router's MAC;
#3 the router ARPs to find the MAC of host B;
#4 at layer 2, the router sends the frame to MAC of host B.
In the above scenario, at layer 2 I see two frames.
host A-> router (source MAC: A / dest MAC: router)
router->host B. (source MAC: router / dest MAC: host
To be honest, I'm not seeing layer 2 relay... Please correct me if anything wrong... -
johnifanx98
Member Posts: 329
Check out this document from Cisco on Proxy Arp.
Proxy ARP* [IP Addressing Services] - Cisco Systems
Proxy ARP would be used when a host thinks the host it is trying to communicate with is on the same subnet but is separated by a router and the router knows how to reach the intended host. Host A would send out its ARP broadcast and the router would respond with its own MAC address and take responsibility for forwarding the packet to Host B.
This would happen where Host A might have a misconfigured subnet mask so it thinks its subnet is larger than it actually is. Proxy Arp seems to be enabled by default. At least according to the document I found created by Cisco.
This sample looks more like a mis-configuration to me... -
TehToG
Member Posts: 194
You're ignoring the destination/source addresses at layer 3. When Host A sends packet to Host B it knows that it's being sent via the router (using layer 2 addressing) just as surely as even though Host B receives the packet from the router (according to the layer 2 data) it knows that the sender was Host A (via the layer 3 info).
-
lantech
Member Posts: 329
Yes, the sample does look like a mis-configuration. But it still might happen. Or it can happen when a company buys another company.2012 Certification Goals
CCENT: 04/16/2012
CCNA: TBD
