Proxy ARP Experiment
I. ARP Introduction
Address Resolution Protocol (ARP) is a protocol used to resolve an IP address to an Ethernet MAC address (or physical address). In a LAN, when a host or other network device has data to send to another host or device, it must know the peer's network layer address (that is, its IP address). However, an IP address alone is not enough, because IP packets must be encapsulated into frames to be sent over the physical network. The sending station must therefore also know the physical address of the receiving station, so a mapping from the IP address to the physical address is required. ARP is the protocol that implements this function.
II. Introduction to proxy ARP
When hosts in the same network segment are connected to different layer-3 interfaces of the device, the proxy ARP function of the device can be used to let them communicate through layer-3 forwarding.
Proxy ARP is divided into common proxy ARP and local proxy ARP. The application scenarios of the two are different:
1. Common proxy ARP applies when the hosts are connected to different layer-3 interfaces of the device and are not in the same broadcast domain.
2. Local proxy ARP applies when the hosts are connected to the same layer-3 interface of the device and are not in the same broadcast domain.
In this experiment we do the common proxy ARP experiment; the local proxy ARP experiment will follow later.
III. Lab Environment
PC1 IP Address: 10.0.10.1/16
PC2 IP Address: 10.0.20.1/16
AR1 GE0/0/0 IP address: 10.0.10.254/24
AR1 GE0/0/1 IP address: 10.0.20.254/24
III. Experiment Principles
PC1 and PC2 are in the same CIDR block (both are configured with a /16 mask). When PC1 pings PC2, PC1 sends an ARP request, which reaches the router. The ARP request is a broadcast packet and the router isolates broadcasts, so PC2 cannot receive the ARP request sent by PC1.
If proxy ARP is configured on AR1, AR1 can respond to PC1's ARP request. AR1 then acts as the proxy of PC2: it forwards the packets that other hosts send to PC2. PC1 can then communicate with PC2.
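The decision described above, as an added example that is not part of the original article: a simplified model of why PC1 ARPs for PC2 directly and when AR1 answers on PC2's behalf. The function names are hypothetical; the addresses and MAC addresses are the ones used in this lab.

```python
import ipaddress

# Addresses and MACs are the ones used on this page; the function names are
# hypothetical and model behaviour, they are not a router API.
ROUTER_IFACES = {
    "GE0/0/0": (ipaddress.ip_interface("10.0.10.254/24"), "00e0-fccf-3f6a"),
    "GE0/0/1": (ipaddress.ip_interface("10.0.20.254/24"), "00e0-fccf-3f6b"),
}

def host_arp_target(host_if, dst, gateway=None):
    """IP the host ARPs for: dst itself if on-link per the host's mask, else the gateway."""
    host = ipaddress.ip_interface(host_if)
    if ipaddress.ip_address(dst) in host.network:
        return dst
    return gateway  # None means the host has no route and sends nothing

def proxy_arp_reply(ingress, target_ip, common_proxy=False, local_proxy=False):
    """MAC the router answers with for an ARP request seen on `ingress`, or None."""
    target = ipaddress.ip_address(target_ip)
    in_if, in_mac = ROUTER_IFACES[ingress]
    if target == in_if.ip:
        return in_mac                      # request for the router's own address
    for name, (iface, _mac) in ROUTER_IFACES.items():
        if target in iface.network:
            if name != ingress:            # target sits behind another interface
                return in_mac if common_proxy else None
            return in_mac if local_proxy else None   # same interface
    return None                            # no connected route to the target

if __name__ == "__main__":
    # PC1 has a /16 mask, so it treats PC2 as on-link and ARPs for it directly.
    print(host_arp_target("10.0.10.1/16", "10.0.20.1"))
    print(proxy_arp_reply("GE0/0/0", "10.0.20.1"))                     # before step 4
    print(proxy_arp_reply("GE0/0/0", "10.0.20.1", common_proxy=True))  # after step 4
```

With a /24 mask and a gateway, PC1 would ARP for 10.0.10.254 instead, and proxy ARP would not be needed.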
IV. Experiment Content
1. Only IP addresses and masks are configured on PC1 and PC2; no gateway is required.
2. AR1 configuration commands
[AR1] interface GigabitEthernet 0/0/0
[AR1-GigabitEthernet0/0/0] ip address 10.0.10.254 24
[AR1-GigabitEthernet0/0/0] quit
[AR1] interface GigabitEthernet 0/0/1
[AR1-GigabitEthernet0/0/1] ip address 10.0.20.254 24
3. At this point, PC1 cannot ping PC2.
4. Configure proxy ARP on AR1.
[AR1] interface GigabitEthernet 0/0/0
[AR1-GigabitEthernet0/0/0] arp-proxy enable
[AR1-GigabitEthernet0/0/0] quit
[AR1] interface GigabitEthernet 0/0/1
[AR1-GigabitEthernet0/0/1] arp-proxy enable
5. Now PC1 can ping PC2.
It is normal to lose two packets while the ARP messages are being forwarded and the devices learn each other's MAC addresses.
VI. Experiment Analysis
1. Let's take a look at how ARP is forwarded.
A. PC1 first sends an ARP request broadcast packet.
The request carries the source IP address and source MAC, and the target IP address and target MAC (all F).
B. After receiving the request on port GE0/0/0, the router modifies the source IP address and source MAC address.
It changes the source IP address and source MAC address to the IP address and MAC address of port GE0/0/1, and then sends the request out.
C. PC2 receives the ARP request and returns an ARP reply to GE0/0/1.
The source IP address and source MAC address are those of PC2, and the target IP address and target MAC address are those of GE0/0/1.
D. The router receives the ARP reply from PC2. It modifies the source MAC address, target MAC address, and target IP address.
It changes the source MAC address to the MAC address of GE0/0/0, and the target MAC address and IP address to those of PC1.
E. The router's proxy ARP exchange is now complete.
2. Now let's look at the ARP tables of the PCs and the router.
A. PC1 ARP table
B. PC2 ARP table
C. Router ARP table
[AR1] display arp all
IP ADDRESS      MAC ADDRESS     EXPIRE(M) TYPE        INTERFACE   VPN-INSTANCE
                                          VLAN/CEVLAN PVC
------------------------------------------------------------------------------
10.0.10.254     00e0-fccf-3f6a            I -         GE0/0/0
10.0.10.1       5489-9856-2c1c  1         D-0         GE0/0/0
10.0.20.254     00e0-fccf-3f6b            I -         GE0/0/1
10.0.20.1       5489-98d1-5cdd  1         D-0         GE0/0/1
------------------------------------------------------------------------------
Total: 4        Dynamic: 2      Static: 0     Interface: 2
D. We can see that the destination address entries in the ARP tables of PC1 and PC2 all point to the router.
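The observation in item D can be turned into a check, shown here as an added example that is not part of the original article: it parses the router ARP table above and labels each host ARP entry as direct, proxied through a router interface, or pointing at a MAC the router does not own. The PC1 cache is constructed from the description in item D, since the PC tables are only shown as screenshots; the function names are hypothetical.

```python
import re

# Router output as shown above (IP and MAC values from the page).
ROUTER_ARP = """\
IP ADDRESS      MAC ADDRESS     EXPIRE(M) TYPE        INTERFACE   VPN-INSTANCE
10.0.10.254     00e0-fccf-3f6a            I -         GE0/0/0
10.0.10.1       5489-9856-2c1c  1         D-0         GE0/0/0
10.0.20.254     00e0-fccf-3f6b            I -         GE0/0/1
10.0.20.1       5489-98d1-5cdd  1         D-0         GE0/0/1
"""

# Constructed sample: PC1's cache after the ping, as described in item D.
PC1_CACHE = {"10.0.20.1": "00e0-fccf-3f6a"}

ROW = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+([0-9a-f]{4}(?:-[0-9a-f]{4}){2})\s+"
    r"(?:\d+\s+)?([IDS])\s?-\s?\d*\s+(\S+)")

def parse_router_arp(text):
    """Return {ip: (mac, type, interface)}; type I is the router's own interface."""
    table = {}
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            ip, mac, typ, ifc = m.groups()
            table[ip] = (mac, typ, ifc)
    return table

def classify_host_cache(host_cache, router_table):
    """Label each host ARP entry by comparing it with the router's view."""
    router_macs = {mac: ifc for mac, typ, ifc in router_table.values() if typ == "I"}
    verdicts = {}
    for ip, mac in host_cache.items():
        real = router_table.get(ip)
        if real and real[0] == mac:
            verdicts[ip] = "direct"                       # host holds the real MAC
        elif mac in router_macs:
            verdicts[ip] = "proxied via " + router_macs[mac]
        else:
            verdicts[ip] = "unexpected MAC, investigate"  # no router interface owns it
    return verdicts

if __name__ == "__main__":
    table = parse_router_arp(ROUTER_ARP)
    for ip, verdict in classify_host_cache(PC1_CACHE, table).items():
        print(ip, PC1_CACHE[ip], verdict)
```

On a segment where proxy ARP is expected, several host-side IP entries sharing one router interface MAC is normal; an entry that matches neither the real host nor a router interface is the one to look into.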
VI. Experiment Summary
When hosts in the same network segment are connected to different layer-3 interfaces of the device, the proxy ARP function of the device can be used to let them communicate through layer-3 forwarding.
The proxy ARP function can be used when a host does not have a default gateway configured or does not have any routing capability. However, this method is not recommended. The router is used to isolate broadcasts, and proxy ARP may cause a large number of broadcast packets in the network and occupy network bandwidth.
This article is from the "kk1230" blog. For more information, contact the author!