Configuring Proxy ARP
The router can function as a proxy of the destination host to respond to ARP Request packets that are unreachable in some special scenarios.
Configuring Routed Proxy ARP
Context
When an enterprise network is divided into subnets, two subnets may belong to the same network segment but different physical networks. These two subnets are isolated by the router. You can modify the routing information about the hosts on the network, so that the data packets destined for other subnets are sent to the gateway connected to different subnets and then forwarded by the gateway to the destination. However, to implement this solution, you must configure routes for all hosts on the subnets. This complicates management and maintenance.
Deploying routed proxy ARP on the gateway can effectively solve the management and maintenance problems in subnet division. Routed proxy ARP allows the communication between the hosts whose IP addresses belong to the same network segment but different physical networks. In addition, the default gateway does not need to be configured on the hosts, facilitating management and maintenance.
Figure 2-7 shows the routed proxy ARP networking. The Router connects to two subnets through IF1 and IF2. The IP addresses of IF1 and IF2 belong to different network segments. The IP address of Host_1 in subnet 1 belongs to the same network segment as the IF1 IP address; the IP address of Host_2 in subnet 2 belongs to the same network segment as the IF2 IP address; the IP address of Host_1 in subnet 1 belongs to the same network segment as that of Host_2. The default gateway is not configured on Host_1 and Host_2. Configure routed proxy ARP on the Router so that the hosts in subnets 1 and 2 can communicate with each other.
Procedure
- Run system-view
The system view is displayed.
- Run interface interface-type interface-number
The interface view is displayed.
- Run ip address ip-address { mask | mask-length }
An IP address is configured for the interface.
The interface IP address must belong to the same network segment as the IP addresses of the hosts connected to the interface.
- Run arp-proxy enable
Routed proxy ARP is enabled on the interface.
By default, routed proxy ARP is disabled on an interface.
After routed proxy ARP is enabled on the device, the aging time of ARP entries on hosts should be reduced. In this way, the invalid ARP entries do not take effect as soon as possible, reducing the number of packets that are sent to but cannot be forwarded by the router.
Configuring Intra-VLAN Proxy ARP
Context
Users in the same VLAN cannot communicate with each other when port isolation is configured in the VLAN. You can enable intra-VLAN proxy ARP on the interfaces associated with the VLAN to ensure Layer 3 communication among users.
As shown in Figure 2-8, Host_1 and Host_2 belong to the same VLAN, but port isolation is configured between IF1 and IF2 that connect the Router to Host_1 and Host_2. Configure intra-VLAN proxy ARP on the Router so that Host_1 and Host_2 can communicate with each other.
Configuring Inter-VLAN Proxy ARP
Context
To implement Layer 3 communication among users on the same network segment but in different VLANs, you can enable inter-VLAN proxy ARP on the interface associated with the VLANs. For example, enable inter-VLAN proxy ARP on the VLANIF interfaces of super-VLAN to allow users in different sub-VLANs to communicate.
As shown in Figure 2-9, Host_1 and Host_2 belong to the same network segment but different VLANs. Configure inter-VLAN proxy ARP on the Router so that Host_1 and Host_2 can communicate with each other.
You can also configure VLANIF interfaces to implement Layer 3 communication among users in different VLANs. For details, see Configuring Inter-VLAN Communication.
