Proxy arp not working in Linux

Proxy arp not working in Linux

Post by dhumes.. » Thu, 23 Jun 2005 01:34:14



I'm having a problem configuring proxy arp.  My understanding is that
first proxy arp must be enabled in the kernel by setting one or more of
these variables to "1".

/proc/sys/net/ipv4/conf/eth0/proxy_arp
/proc/sys/net/ipv4/conf/lo/proxy_arp
/proc/sys/net/ipv4/conf/default/proxy_arp
/proc/sys/net/ipv4/conf/all/proxy_arp

Inititially, I set just eth0, but then tried setting them all when it
didn't work.  I set the variables in /etc/sysctl.conf, stopped and
restarted the interface, and checked to make certain they were all set.

After setting the kernel variables, I added a permanent, published arp
table entry as follows:

# arp -s 192.168.18.230 00:B0:D0:B5:52:F9 pub

Also tried this:

# arp -i eth0 -s 192.168.18.230 -D eth0 pub

Here's what's in the arp cache after adding the entry:

# arp -an
? (192.168.18.12) at 00:0D:56:A3:90:83 [ether] on eth0
? (192.168.18.1) at 00:00:0C:07:AC:01 [ether] on eth0
? (192.168.18.230) at * PERM PUP on eth0

# cat /proc/net/arp
IP address       HW type     Flags       HW address            Mask
Device
192.168.18.12    0x1         0x2         00:0D:56:A3:90:83     *
eth0
192.168.18.1     0x1         0x2         00:00:0C:07:AC:01     *
eth0
192.168.18.230   0x1         0xc         00:00:00:00:00:00     *
eth0

The "*" in the arp -an output doesn't look right, and the HW address
for 192.168.18.230 is definitely not right.

But, just to see if it would respond I pinged it from another box on
the local subnet.  I don't expect icmp echo replies at this point,
since the box is not routing.  But I did expect to see an arp reply if
it was configured correctly.  But there's no reply.  I tried the same
thing on a Solaris system and it works fine.  What else needs to be
done to make this work in Linux?  I tried it on two different Redhat
systems, 2.6.11-1.14_FC3 and 2.6.9-5.Elsmp, with the same results.

 
 
 

Proxy arp not working in Linux

Post by buck » Thu, 23 Jun 2005 11:53:46




>I'm having a problem configuring proxy arp.  My understanding is that
>first proxy arp must be enabled in the kernel by setting one or more of
>these variables to "1".

>/proc/sys/net/ipv4/conf/eth0/proxy_arp
>/proc/sys/net/ipv4/conf/lo/proxy_arp
>/proc/sys/net/ipv4/conf/default/proxy_arp
>/proc/sys/net/ipv4/conf/all/proxy_arp

>Inititially, I set just eth0, but then tried setting them all when it
>didn't work.  I set the variables in /etc/sysctl.conf, stopped and
>restarted the interface, and checked to make certain they were all set.

>After setting the kernel variables, I added a permanent, published arp
>table entry as follows:

># arp -s 192.168.18.230 00:B0:D0:B5:52:F9 pub

>Also tried this:

># arp -i eth0 -s 192.168.18.230 -D eth0 pub

>Here's what's in the arp cache after adding the entry:

># arp -an
>? (192.168.18.12) at 00:0D:56:A3:90:83 [ether] on eth0
>? (192.168.18.1) at 00:00:0C:07:AC:01 [ether] on eth0
>? (192.168.18.230) at * PERM PUP on eth0

># cat /proc/net/arp
>IP address       HW type     Flags       HW address            Mask
>Device
>192.168.18.12    0x1         0x2         00:0D:56:A3:90:83     *
>eth0
>192.168.18.1     0x1         0x2         00:00:0C:07:AC:01     *
>eth0
>192.168.18.230   0x1         0xc         00:00:00:00:00:00     *
>eth0

>The "*" in the arp -an output doesn't look right, and the HW address
>for 192.168.18.230 is definitely not right.

>But, just to see if it would respond I pinged it from another box on
>the local subnet.  I don't expect icmp echo replies at this point,
>since the box is not routing.  But I did expect to see an arp reply if
>it was configured correctly.  But there's no reply.  I tried the same
>thing on a Solaris system and it works fine.  What else needs to be
>done to make this work in Linux?  I tried it on two different Redhat
>systems, 2.6.11-1.14_FC3 and 2.6.9-5.Elsmp, with the same results.

You might want to have a look at my working ProxyARP setup:

http://yesican.chsoft.biz/lartc

ftp://andthatsjazz.org/pub/lartc

to see if any of that helps.  In general, if you bring up the
interfaces using ip link (rather than ifconfig) and you then set the
routing up correctly, ProxyARP just works - after your ISP's ARP cache
finally purges (mine takes 70 minutes or so).
--
buck

 
 
 

Proxy arp not working in Linux

Post by Michel Billau » Tue, 28 Jun 2005 03:28:46



> I'm having a problem configuring proxy arp.  My understanding is that
> first proxy arp must be enabled in the kernel by setting one or more of
> these variables to "1".

This one works for me

        echo 1 > /proc/sys/net/ipv4/ip_forward
        arp -i eth0 -Ds  x.y.z.t  eth0  pub

on a firewall, with kernel 2.4.18-1-686 (debian stable)

MB

--

LABRI-Universit Bordeaux I     tel 05 4000 6922 / 05 5684 5792
351, cours de la Libration     http://www.labri.fr/~billaud
33405 Talence  (FRANCE)    

 
 
 

Proxy arp not working in Linux

Post by David Efflan » Sat, 09 Jul 2005 14:37:00



Quote:> I'm having a problem configuring proxy arp.  My understanding is that
> first proxy arp must be enabled in the kernel by setting one or more of
> these variables to "1".

> /proc/sys/net/ipv4/conf/eth0/proxy_arp
> /proc/sys/net/ipv4/conf/lo/proxy_arp
> /proc/sys/net/ipv4/conf/default/proxy_arp
> /proc/sys/net/ipv4/conf/all/proxy_arp

(snip)

Some important things you have not told us is what interfaces are you
attempting to proxy arp between (IP/netmask of each), and your routing.  
If you have network or routing conflicts, proxy arp is NOT going to work.  
You only mention eth0 and nothing about other interface or network.

This is an example of a script I use to enable my laptop to proxy arp my
desktop between eth0 and wlan0 (wireless to main LAN).  Both interfaces
use IP 172.16.1.245, but eth0 has netmask 255.255.255.255 and wlan0 has
netmask 255.255.255.248 (pppoe router also proxy arps between /29 wireless
subnet and /24 wired LAN).

#!/bin/sh
/sbin/SuSEfirewall2 stop
/sbin/ifconfig eth0 172.16.1.245 broadcast 172.16.1.245 netmask 255.255.255.255
/sbin/route add -host 172.16.1.244 dev eth0
/sbin/SuSEfirewall2
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp
echo 1 > /proc/sys/net/ipv4/conf/wlan0/proxy_arp

The reason I proxy arp both interfaces instead of just wlan0 is because
brain dead Win XP on desktop will not accept 255.255.255.255 netmask, so
having proxy arp enabled for eth0 allows XP to use 255.255.255.248 netmask
and find its way through eth0 and out wlan0 to wireless gateway (pppoe
router).  This may sound confusing, but all works as one happy LAN
(desktopPC or printserver on mainLAN can find each other using arp).

pppoe |eth0----/24----mainLAN
router|eth1----/29----WAP    wlan0|laptop|eth0----/32----desktopPC

 
 
 

1. does proxy arp not work in solaris 2.3 or 2.4?

I have been trying to use proxy arp on my ppp connection. On the
solaris machine which is the ppp server, I do a

arp -s other_hostname my_ether_addr pub

but I always get other_hostname: no such device or address.
Including if I specify the ip address directly.

What's going on here?

--


2. Output lost in my window after pipe and fork

3. Proxy arp does not work

4. acessing the Parallel port

5. proxy arp not working in ppp session

6. NCSA with SSL?

7. Proxy-arp command not working

8. How to hook a printer through network?

9. ppp connection proxy arp not working

10. I can not get ARP to work, even though /proc/net/arp is correct!

11. Proxy arp (how to add an arp entry)

12. Proxy ARP grief, just can't get box to respond to ARP request

13. Proxy ARP / ARP Publish