proxy arp vs IPalias
Patrick Main (pmain@www.gc.cc.fl.us)
Sat, 16 May 1998 09:19:06 -0300
Quick question: While setting up a firewall: with Linux of course! :-)
I have had to use either proxy-arp or an IPalias so the Cisco
router can communicate with the rest of the campus network. We do not
have access to the cisco router so the changes had to be worked around
this constraint. I also needed to keep the old IP used for the web server
as it is used for DNS and other duties.
So until the Cisco can have it's routing tables updated i have had
to allow the cisco to "see" the old IP address it wants to use to reach
the campus network. I am curious to see what others think is the most
reliable to use. Either a proxy arp entry or an Ipalias. There are no
additional networks involved with the extra IP.
ie: eth0 is 192.168.1.3 and the cisco ethernet is 192.168.1.1 but
the cisco is configured to use 192.168.1.2 to reach the rest of the
campus. Yes these are static routes and politically rip or ospf are not
options. Hoefully the slight problem is now obvious.
Currently i am using an IPalias but that is simply because i tried
proxy arp and Ipalias in that order with none working. Then rebooting
the STUPID! cisco router got everything and i left the alias setup.
An aside: just what is the timeout of the arp cache on a 2500 series
cisco router. I have done proxy arp before on other locations and do know
the procedures to set it up.
So what do people think? Major concerns are reliability, i would suspect
the proxy arp is the simplest and best solution. We are connected via
a T1 line o the internet so throughput is not a major problem. I am
concerned somewhat about cpu load but this pentium machine is safe i think.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu