Subject: Re: arp.
To: Andy V. Oleynik <>
From: Crist J. Clark <>
List: tech-net
Date: 04/06/1999 05:07:15
Andy V. Oleynik wrote,
[Charset koi8-r unsupported, filtering to ASCII...]
> andrea wrote:
> > I have to add a gateway to my net for experimental reasons.
> > Actually there are : a main-router that works as interface to the Internet,
> > and some hosts on my sub net.
> >
> >         Internet-----MyRouter----MySubNet
> >
> > NOw i need to configure one host of MYSubNet to act as a gatway for the
> > secondary subnet.
> > Both the 1SubNet and 2 SubNEt share the same ip-range.
> >
> >      Internet-----MyRouter----MySubNet-----My2SubNet
> As I understood U have smth like this :
> Internet-----MyRouter----MySubNet
>                                                |----2ndRouter-----My2SubNet
> Then U have to cut My2SubNet from ur  MySubNet and configure
> routes to appropriate subnets on appropriate hosts. As long as ur 2ndsubnet
> is part of ur mainsubnet  the hosts from  2ndsubnet will be seen from internet
> & wise a versa. U may need to run DNS for reverse zone of ur  My2SubNet

DNS has nothing really to do with this problem. I believe the original
poster is describing the following (this may be what the second poster
meant to write, but proportional fonts, tab damage, or his character
set wiped it out),


> >
> >
> > All the have to be seen from the Internet so I'll need to add a
> > route to MainRouter in order to route the Secondary Subnet.
> > The problem is that i cannot change configuration of the mainroute,so i
> >
> in fact this isnt  big problem as soon as U have properly configured
> subnets:) . Correct me if I wrong.

This is a problem. You are wrong. But back to the original poster, why
can you not change the configuration on the Primary Router[0]? If this is
your network, and you want to be able to do things like this, you need
to be able to change the Primary Router configuration.

To the second poster, when the Primary Router receives a packet
destined for a machine on SubNet1 or SubNet2, since the Router
believes all of those machines are still on its LAN, it will try to
use the MAC address (layer 2) to send the packet directly to the
machine. However, now this machine has been moved behind the Secondary
Router. The Secondary Router is not listening for other machines'
packets at layer 2 (in a typical router setup), so it never gets the
packet and never tries to forward it. It also would not respond to ARP
calls by the Primary Router when it is looking for a machine on

> > wonder if is possible to configure the new gateway to do a sort of "proxy
> > arp" for my secondary Subnet.
> > But arp-tables are system-wide so if i change arp entry to cacth request on
> > PrimaryNet the 2subnet dont'works anymore.
> > Is possible to catch arp request only on a single subnet,without broke any
> > other subnet connected to the same host.?

It is possible. But I am unaware of a tool to do this[1] (which does not
mean there is not one). Might you be better off building a 'new' net
behind your Secondary Router? Say using NAT and a 10.0.0 subnet?

[0] All you need to do on the router is add a route to Secondary
Router for IPs on SubNet2. All you need is the address for the
Secondary Router and a subnet mask.

[1] The Secondary Router would not actually be doing routing in this
case. It's acting more like a switch. You did not really tell us why
you are doing this. Would getting a switch be a better option for you?
Crist J. Clark