Subject: Re: arp.
To: andrea <andrea.franceschini@linet.it>
From: Curt Sampson <cjs@cynic.net>
List: tech-net
Date: 04/06/1999 22:43:52

On Mon, 5 Apr 1999, andrea wrote:

> [etc.]

If I read you correctly, what you want to do is something like this:

         internet
            |
        main router
        192.168.1.1/24  
            |
            |-- other hosts on 192.168.1.0/25 subnet
            |
        192.168.1.2/25
        sub-router 
        192.168.1.129/25
            |
            |-- other hosts on 192.168.1.128/25 subnet
            |

In other words, you have split your network into two subnets, but
because you have no control over the `main router' above, you cannot
inform it of the new subnet mask, so it believes that all the hosts
on the 192.168.1.128 subnet are local.

This is not hard to solve; you just turn on routing in the sub-router
box and enable proxy-arp. This will cause the subrouter box, when
it receives an arp request for the 128/25 subnet on the 0/25
interface, to reply to that ARP with its own address. The host that
requested the arp then sends all packets to the sub-router, and
normal routing gets it to its destination.

The question is, does NetBSD do this properly? I think it does,
but I'm lacking the AUI/10base-T transceiver I need to test this
out right now. However, in theory, if you have a host 192.168.1.130
that needs to talk to the main router, you type the following
command on the sub-router:

    arp -s 192.168.1.130 <sub-router's MAC address> pub

(The sub-router's MAC address can be gotten from an `ifconfig -a'
or `netstat -i'; it will be a sequence of six hex numbers separated
by colons, such as `8:0:20:1f:77:e0'.)

The unfortunate part about this is that you have to add a separate
arp entry for each host you want to proxy-arp for. On a cisco
router, the proxy-arp option allows you to arp for anything it
knows how to route to. This feature wouldn't be too hard to add to
NetBSD, actually; you'd just have to modify arplookup to generate
and add a new (pub, temp) arp entry for any IP address it can find
a route for in its routing tables. (This would be controlled by a
sysctl that would default to off, of course.) I may look at doing
this after the 1.4 release. Or someone else could do it and save
me the trouble. :-)

cjs
-- 
Curt Sampson  <cjs@cynic.net>   604 801 5335   De gustibus, aut bene aut nihil.
The most widely ported operating system in the world: http://www.netbsd.org
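
Added example (not part of the original message): a shell helper that prints, without running them, the one-per-host `arp -s ... pub` commands the message says are needed, for the 192.168.1.128/25 subnet in the diagram. The function names are hypothetical, and the MAC is the sample value quoted in the message, standing in for the sub-router's real address on the interface facing the main router.

```shell
#!/bin/sh
# Added example: generate the per-host published ARP entries for proxy ARP.
# Commands are only printed, so the output can be reviewed before use.

# valid_mac MAC: succeed if MAC is six colon-separated hex fields (1-2 digits)
valid_mac() {
    printf '%s\n' "$1" | grep -Eq '^[0-9A-Fa-f]{1,2}(:[0-9A-Fa-f]{1,2}){5}$'
}

# proxy_arp_cmds PREFIX FIRST LAST MAC SKIP
#   PREFIX      first three octets of the far subnet, e.g. 192.168.1
#   FIRST LAST  last octet of its network and broadcast addresses
#   MAC         sub-router's MAC (assumption: interface facing the main router)
#   SKIP        last octet of the sub-router's own address on the far subnet
proxy_arp_cmds() {
    prefix=$1 first=$2 last=$3 mac=$4 skip=$5
    valid_mac "$mac" || { echo "bad MAC: $mac" >&2; return 1; }
    [ "$first" -ge 0 ] && [ "$last" -le 255 ] && [ "$first" -lt "$last" ] ||
        { echo "bad range: $first-$last" >&2; return 1; }
    host=$((first + 1))                  # skip the network address
    while [ "$host" -lt "$last" ]; do    # stop before the broadcast address
        if [ "$host" -ne "$skip" ]; then # the sub-router answers for itself
            echo "arp -s $prefix.$host $mac pub"
        fi
        host=$((host + 1))
    done
}

# Hosts on 192.168.1.128/25 behind the sub-router (192.168.1.129).
# 8:0:20:1f:77:e0 is the sample MAC from the message; substitute the real one.
proxy_arp_cmds 192.168.1 128 255 8:0:20:1f:77:e0 129
```

Publishing only the addresses that are actually in use, rather than the whole range, keeps the sub-router from answering ARP for hosts that do not exist.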