Proxy ARP detection

• Previous message (by thread): Proxy ARP detection (was re: best practice for advertising peering fabric routes)
• Next message (by thread): Proxy ARP detection
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* clay at bloomcounty.org (Clay Fiske) [Thu 16 Jan 2014, 00:35 CET]:
[...]
>Seriously though, it’s not so simple. You only get replies if the IP 
>you ARP for is in the offender’s route table (or they have a default 
>route). I’ve seen different routers respond depending on which 
>non-local IP was ARPed for. And while using something like 8.8.8.8 
>might be an obvious choice, I don’t care to hose up everyone’s 
>connectivity to it just to find local proxy ARP offenders on my 
>network.

You'll never be entirely sure but obviously you're not limited to 
sending only one ARP request - this isn't The Hunt For The Red October 
movie.  We're talking a common misconfiguration here in this thread - 
or at least you were, two mails upthread.

How will checking for Proxy ARP possibly hose up anybody's 
connectivity?  You realise that ARP replies are unicast, right?  
And that IXPs generally have dedicated servers for monitoring from 
which they can source packets?


	-- Niels.

-- 
"It's amazing what people will do to get their name on the internet, 
  which is odd, because all you really need is a Blogspot account."
			-- roy edroso, alicublog.blogspot.com

• Previous message (by thread): Proxy ARP detection (was re: best practice for advertising peering fabric routes)
• Next message (by thread): Proxy ARP detection
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]