Re: Proxy ARP

[Ryota Ozaki <ozaki-r%netbsd.org@localhost>]

(I'm sorry for my lazy replying...)

On Thu, Feb 25, 2016 at 11:24 PM, Joerg Sonnenberger
<joerg%britannica.bec.de@localhost> wrote:
> On Thu, Feb 25, 2016 at 12:57:59PM +0000, Christos Zoulas wrote:
>> In article <CAKrYomjukGiXD+COWino3rTDd_u+0o+q04aWxv_qn0GCM-GOgQ%mail.gmail.com@localhost>,
>> Ryota Ozaki  <ozaki-r%netbsd.org@localhost> wrote:
>> >Hi,
>> >
>> >I have questions about the Proxy ARP feature.
>> >
>> >arp(8) has two options: "pub" and "pub proxy".
>> >What's the different between them and what
>> >are expected behaviors of them?
>> >
>>
>> Proxy arp (rfc1027) was used decades ago to make hosts whose
>> networking stacks did not understand subnetworking and routing
>> work (in my environment those were SVR2 machine AT&T 3b{2,5,10,20}s).
>
> I have used it much more recently for VMs and the like. If you
> configure the host machine to provide proxy ARP and use point-to-point
> links for the individual machines, you can avoid having to run a full
> blown bridge and naturally get isolation of the individual VMs without
> having further MAC filtering. The host has the correct routes to speak
> with the VMs and proxy ARP allows other machine on the outside network
> to be ignorant of the internal subnetting.

Could you teach me how to set up the configuration and how routes
and arp entries look? I want to know whether the use case is "pub"
one or "pub proxy" one and if it's "pub" one, how the route for
a proxy arp entry acts.

Thanks,
  ozaki-r

>
> I don't think this needs proxy flags on the kernel side though.
>
>> You can still get a copy of a proxyarpd implementation from:
>>
>>       ftp://mirror.ucsd.edu/pub/proxyarpd-1.7.shar
>
> Roy has one as well, it can be found in pkgsrc under net/parpd.
>
> Joerg