Received: with ECARTIS (v1.0.0; list netdev); Sat, 02 Jul 2005 14:24:10 -0700 (PDT) Received: from filer.marasystems.com (marasystems.com [83.241.133.2]) by oss.sgi.com (8.12.10/8.12.10/SuSE Linux 0.7) with ESMTP id j62LO6H9005944 for ; Sat, 2 Jul 2005 14:24:07 -0700 Received: from localhost (henrik@localhost) by filer.marasystems.com (8.11.6/8.11.6) with ESMTP id j62LLbV27158; Sat, 2 Jul 2005 23:21:37 +0200 Date: Sat, 2 Jul 2005 23:21:37 +0200 (CEST) From: Henrik Nordstrom To: Zdenek Radouch cc: netdev@oss.sgi.com, linux-net@vger.kernel.org Subject: Re: controlling ARP Proxy scope? In-Reply-To: <3u3gb7$1mhk2i@smtp05.mrf.mail.rcn.net> Message-ID: References: <3u3gb7$1mhk2i@smtp05.mrf.mail.rcn.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-archive-position: 2612 X-ecartis-version: Ecartis v1.0.0 Sender: netdev-bounce@oss.sgi.com Errors-to: netdev-bounce@oss.sgi.com X-original-sender: hno@marasystems.com Precedence: bulk X-list: netdev On Fri, 1 Jul 2005, Zdenek Radouch wrote: > So, left with only a binary flag in /proc, and network definition on the > interface, > I assumed (perhaps naively) that the arp would proxy only for the addresses > within the subnet defined for the interface (on which the proxy arp is > turned on). > However, that does not seem to be the case. You may be able to tune this with either arp_filter or arp_ignore. > I have an interface with address 10.1.2.219 and mask 255.255.255.248 with > proxy arp turned on on this interface, and the machine is responding > (I see that with tcpdump) to arp requests for address 10.1.2.1, i.e., > an address outside of the proxy interface's subnet. Correct. > Can anyone explain the behavior? proxy_arp simply ARPs if there is a route for the requested destination going out on another interface than where the ARP was seen. Regards Henrik