proxy ARPing - was Re: [Wylug-help] Possible IP subnet conflict
J Hodrien
johnh at comp.leeds.ac.uk
Mon, 23 Dec 2002 17:38:42 +0000 (GMT)
On 19 Dec 2002, Nigel Metheringham wrote:
> On Thu, 2002-12-19 at 11:01, Gary Stainburn wrote:
> > Hi Folks,
> >
> > one possible solution I've thought of for this problem is proxy ARPing. Would
> > it be possible to get the Linux firewall respond to ARP requests for the
> > remote 10.1.0.x IP addresses, and then get it to forward them to the remote
> > end. In this way, there would be no need to change any routing information.
>
> That certainly can be done - and I have done it - but only for single IP
> addresses. You would need to put a full set (ie up to 255) arp entries
> into the table - probably not a problem, but get any bigger and it would
> be.
Whoa. It's actually loads easier than that. I've just done it recently to
lever out a subnet without having to change routing information. From memory,
you'll be wanting to look at /proc/sys/net/ipv4/conf/eth?/proxy-arp or
something similar. It simply proxies arp requests from one interface to the
others. Worked first time, and have it working for a subnet. Work involved
does not change with more machines.
jh