Re: Proxy ARP

[Joerg Sonnenberger <joerg%britannica.bec.de@localhost>]

On Thu, Feb 25, 2016 at 12:57:59PM +0000, Christos Zoulas wrote:
> In article <CAKrYomjukGiXD+COWino3rTDd_u+0o+q04aWxv_qn0GCM-GOgQ%mail.gmail.com@localhost>,
> Ryota Ozaki  <ozaki-r%netbsd.org@localhost> wrote:
> >Hi,
> >
> >I have questions about the Proxy ARP feature.
> >
> >arp(8) has two options: "pub" and "pub proxy".
> >What's the different between them and what
> >are expected behaviors of them?
> >
> 
> Proxy arp (rfc1027) was used decades ago to make hosts whose
> networking stacks did not understand subnetworking and routing
> work (in my environment those were SVR2 machine AT&T 3b{2,5,10,20}s).

I have used it much more recently for VMs and the like. If you
configure the host machine to provide proxy ARP and use point-to-point
links for the individual machines, you can avoid having to run a full
blown bridge and naturally get isolation of the individual VMs without
having further MAC filtering. The host has the correct routes to speak
with the VMs and proxy ARP allows other machine on the outside network
to be ignorant of the internal subnetting.

I don't think this needs proxy flags on the kernel side though.

> You can still get a copy of a proxyarpd implementation from:
> 
> 	ftp://mirror.ucsd.edu/pub/proxyarpd-1.7.shar

Roy has one as well, it can be found in pkgsrc under net/parpd.

Joerg