What is Proxy ARP?

Sometimes strange things happen: A computer can communicate with another computers, although this should not be possible due to IP addressing and the routing table. Proxy ARP comes into play …

Proxy ARP

A proxy ARP enabled router can output itself as someone else. By default, Proxy ARP is enabled on most (Cisco) routers:


Now let’s take a closer look to this feature and and the impact to computer networks in form of a simple scenario.


Computer B sends a ping to computer C.


1. Computer B compares it’s IP address and subnet mask with the IP address of computer C.

2. Computer B comes to the conclusion that Computer C is in the same subnet. ( = 10.x.x.x = This conclusion is correct because of the subnet mask, but unfortunately wrong due to the topology. Computer C is located in a different subnet:

3. Based on (2), computer B will not contact it’s gateway and sends an ARP broadcast via it’s link. The router and computer A normally do not respond with an ARP Reply, because both devices are not configured with IP

4. Now Proxy ARP comes into play: The router sees the ARP broadcast and recognizes that this request is addressed to the network And this network is reachable by the router itself. The router could help out here. And that’s what the router will do.

5. The router sends an ARP reply with the MAC address of the router’s interface and outputs itself as computer C to help computer B.

6. Computer B receives the MAC address of the router’s interface. Thus, all packets addressed to computer C are sent to the router, and the router transparently mediates between computer B and computer C.

Categories: Cisco

Tagged as: , ,

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.