SID-500.COM


What is Proxy ARP?

Sometimes strange things happen: a computer can communicate with another computer, although this should not be possible according to the IP addressing and the routing table. This is where Proxy ARP comes into play …

Proxy ARP

A router with Proxy ARP enabled can pose as another host. By default, Proxy ARP is enabled on most (Cisco) routers.

Now let’s take a closer look at this feature and its impact on computer networks using a simple scenario.

Scenario

Computer B sends a ping to computer C.


1. Computer B compares its IP address and subnet mask with the IP address of computer C.

2. Computer B concludes that computer C is in the same subnet (10.10.10.0/8 = 10.x.x.x = 10.20.10.50). This conclusion is correct according to the subnet mask, but wrong with regard to the topology: computer C is located in a different subnet, 10.20.10.0/24.

3. Based on (2), computer B does not contact its gateway and instead sends an ARP broadcast on its link. The router and computer A would normally not respond with an ARP reply, because neither device is configured with the IP address 10.20.10.50.

4. Now Proxy ARP comes into play: the router sees the ARP broadcast and recognizes that the request is for an address in the network 10.20.10.0/24, which the router itself can reach. The router can help out here, and that is what it does.

5. The router sends an ARP reply containing the MAC address of its own interface, posing as computer C to help computer B.

6. Computer B receives the MAC address of the router’s interface. Thus, all packets addressed to computer C are sent to the router, and the router transparently mediates between computer B and computer C.
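The six steps above as a small Python model (an added example, not part of the original post). Computer B's host address 10.10.10.20, the gateway and router interface addresses, the interface names and the MAC addresses are constructed for illustration; the article gives only the networks and 10.20.10.50.

```python
import ipaddress

def host_next_hop(src_if, dst_ip, gateway):
    """Steps 1-3: the host decides from its own mask whether dst is on-link."""
    if ipaddress.ip_address(dst_ip) in ipaddress.ip_interface(src_if).network:
        return ("arp", dst_ip)        # ARP for the destination itself
    return ("gateway", gateway)       # ARP for the default gateway instead

class Router:
    def __init__(self, interfaces, proxy_arp=True):
        # interfaces: name -> (address/prefix, MAC of that interface)
        self.interfaces = {n: (ipaddress.ip_interface(a), m)
                           for n, (a, m) in interfaces.items()}
        self.proxy_arp = proxy_arp

    def arp_reply(self, in_if, target_ip):
        """Steps 4-5: MAC sent in reply to an ARP request seen on in_if, or None."""
        target = ipaddress.ip_address(target_ip)
        addr, mac = self.interfaces[in_if]
        if target == addr.ip:
            return mac                # ordinary ARP for the router's own address
        if self.proxy_arp:
            for name, (other, _) in self.interfaces.items():
                if name != in_if and target in other.network:
                    return mac        # proxy ARP: answer on behalf of the target
        return None                   # nobody answers; resolution fails

# Constructed sample values (only the networks and 10.20.10.50 are from the article)
IFACES = {"lan": ("10.10.10.1/24", "00:00:5e:00:53:01"),
          "far": ("10.20.10.1/24", "00:00:5e:00:53:02")}

def mac_learned_by_b(mask, proxy_arp):
    """Step 6: MAC that ends up in computer B's ARP cache for its first hop."""
    _, arp_target = host_next_hop(f"10.10.10.20/{mask}", "10.20.10.50", "10.10.10.1")
    return Router(IFACES, proxy_arp).arp_reply("lan", arp_target)

if __name__ == "__main__":
    for mask, proxy in [(8, True), (8, False), (24, False)]:
        print(f"/{mask} proxy_arp={proxy}: {mac_learned_by_b(mask, proxy)}")
```

With the /8 mask and Proxy ARP off, the ARP request goes unanswered, so the wrong mask on computer B shows up as a failed ping instead of being hidden by the router.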



My name is Patrick Grünauer. Microsoft MVP. I am from Austria. On sid-500 I write about Windows, Cisco and IT-Security in English and German. Have fun while reading!
