nanog mailing list archives
Re: Proxy ARP detection (was re: best practice for advertising peering fabric routes)
From: ML <ml () kenweb org>
Date: Wed, 15 Jan 2014 23:49:15 -0500
On 1/15/2014 6:31 PM, Clay Fiske wrote:
Yes, yes, I expected a smug reply like this. I just didn’t expect it to take so long. But how can I detect proxy ARP when detecting proxy ARP was patented in 1996? http://www.google.com/patents/US5708654 Seriously though, it’s not so simple. You only get replies if the IP you ARP for is in the offender’s route table (or they have a default route). I’ve seen different routers respond depending on which non-local IP was ARPed for. And while using something like 8.8.8.8 might be an obvious choice, I don’t care to hose up everyone’s connectivity to it just to find local proxy ARP offenders on my network. -c
Shouldn't ARP inspection be a common feature?
Current thread:
- Re: Proxy ARP detection, (continued)
- Re: Proxy ARP detection Niels Bakker (Jan 15)
- Re: Proxy ARP detection Clay Fiske (Jan 15)
- Re: Proxy ARP detection Eric Rosen (Jan 15)
- Re: Proxy ARP detection Patrick W. Gilmore (Jan 15)
- Re: Proxy ARP detection Jimmy Hess (Jan 15)
- Re: Proxy ARP detection Vlade Ristevski (Jan 16)
- Re: Proxy ARP detection Niels Bakker (Jan 16)
- Re: Proxy ARP detection Warren Bailey (Jan 16)
- Re: Proxy ARP detection Jimmy Hess (Jan 16)
- Re: Proxy ARP detection Niels Bakker (Jan 16)
- Re: Proxy ARP detection (was re: best practice for advertising peering fabric routes) ML (Jan 15)
- Re: Proxy ARP detection (was re: best practice for advertising peering fabric routes) Jimmy Hess (Jan 15)
- Re: best practice for advertising peering fabric routes Niels Bakker (Jan 15)
- Re: best practice for advertising peering fabric routes Niels Bakker (Jan 15)