nanog mailing list archives

Re: Proxy ARP detection


From: Eric Rosen <erosen () redhat com>
Date: Wed, 15 Jan 2014 19:54:14 -0500 (EST)

Cisco PIXes used to do this: if the firewall had a route and saw an ARP request in that IP range, it would proxy ARP.

----- Original Message -----

On Jan 15, 2014, at 4:03 PM, Niels Bakker <niels=nanog () bakker net> wrote:

* clay () bloomcounty org (Clay Fiske) [Thu 16 Jan 2014, 00:59 CET]:
This is where theory diverges nicely from practice. In some cases the
offender broadcast his reply, and guess what else? A lot of routers
listen to unsolicited ARP replies.

I've never seen this.  Please name vendor and product, if only so other
subscribers to this list can avoid doing business with them.

This was some time ago, but the two I was able to dig up from that case were
both Junipers. Perhaps it’s something that only happens when proxy ARP is
enabled?


-c




-- 
Eric Rosen
CCIE Security #17821
Information Security Analyst
Red Hat, Inc
erosen () redhat com
919.890.8555 x48555
IRC erosen



