Subject: Re: arp.
To: None <>
From: Andy V. Oleynik <>
List: tech-net
Date: 04/06/1999 14:29:30
"Crist J. Clark" wrote:

> Andy V. Oleynik wrote,
> [Charset koi8-r unsupported, filtering to ASCII...]
> > andrea wrote:
> >
> > > I have to add a gateway to my net for experimental reasons.
> > > Actually there are : a main-router that works as interface to the Internet,
> > > and some hosts on my sub net.
> > >
> > >         Internet-----MyRouter----MySubNet
> > >
> > > NOw i need to configure one host of MYSubNet to act as a gatway for the
> > > secondary subnet.
> > > Both the 1SubNet and 2 SubNEt share the same ip-range.
> > >
> > >      Internet-----MyRouter----MySubNet-----My2SubNet
> >
> > As I understood U have smth like this :
> > Internet-----MyRouter----MySubNet
> >                                                |----2ndRouter-----My2SubNet

I mean 2ndrouter is on  MySubNet, sorrey for unclearity:)

> > Then U have to cut My2SubNet from ur  MySubNet and configure
> > routes to appropriate subnets on appropriate hosts. As long as ur 2ndsubnet
> > is part of ur mainsubnet  the hosts from  2ndsubnet will be seen from internet
> >
> > & wise a versa. U may need to run DNS for reverse zone of ur  My2SubNet
> DNS has nothing really to do with this problem. I believe the original

I said "U may" not "U must". At least I  run DNS for revzones of my subnets.

> poster is describing the following (this may be what the second poster
> meant to write, but proportional fonts, tab damage, or his character
> set wiped it out),
> Internet------PrimaryRouter------SubNet1
>                     |
>              SecondaryRouter-----SubNet2
> > >
> > >
> > > All the have to be seen from the Internet so I'll need to add a
> > > route to MainRouter in order to route the Secondary Subnet.
> > > The problem is that i cannot change configuration of the mainroute,so i
> > >
> >
> > in fact this isnt  big problem as soon as U have properly configured
> > subnets:) . Correct me if I wrong.
> This is a problem. You are wrong. But back to the original poster, why

Sorrey Crist, but there is no need to connect 2nd router to 1st. If U have to
have 2nd subnet just insert 2nd NIC into 1st router and as I sad above
configure ur subnets (with appropriate routes on router off cause &
defaulterouter on hosts on subnets :).

> can you not change the configuration on the Primary Router[0]? If this is
> your network, and you want to be able to do things like this, you need
> to be able to change the Primary Router configuration.
> To the second poster, when the Primary Router receives a packet
> destined for a machine on SubNet1 or SubNet2, since the Router
> believes all of those machines are still on its LAN, it will try to
> use the MAC address (layer 2) to send the packet directly to the

Is this true if 1strouter knows that a route to 2ndsubnet is throught 2ndrouter
which is
on same subnet as 1strouter?

> machine. However, now this machine has been moved behind the Secondary
> Router. The Secondary Router is not listening for other machines'

why not if it's configured as gateway to 2ndsnet?

> packets at layer 2 (in a typical router setup), so it never gets the

> packet and never tries to forward it. It also would not respond to ARP

> calls by the Primary Router when it is looking for a machine on
> SubNet2.

> > > wonder if is possible to configure the new gateway to do a sort of "proxy
> > > arp" for my secondary Subnet.
> > > But arp-tables are system-wide so if i change arp entry to cacth request on
> > > PrimaryNet the 2subnet dont'works anymore.
> > > Is possible to catch arp request only on a single subnet,without broke any
> > > other subnet connected to the same host.?
> It is possible. But I am unaware of a tool to do this[1] (which does not
> mean there is not one). Might you be better off building a 'new' net
> behind your Secondary Router? Say using NAT and a 10.0.0 subnet?
> [0] All you need to do on the router is add a route to Secondary
> Router for IPs on SubNet2. All you need is the address for the
> Secondary Router and a subnet mask.
> [1] The Secondary Router would not actually be doing routing in this
> case. It's acting more like a switch. You did not really tell us why
> you are doing this. Would getting a switch be a better option for you?
> --
> Crist J. Clark                 

WBW  Andy V. Oleynik  (When U work in virtual office
                       U have good chance to obtain virtual money %-)