Configuring Proxy ARP
Configuring Routed Proxy ARP
Context
When an enterprise network is divided into subnets, two subnets may belong to the same network segment but different physical networks. These two subnets are connected by a switch but cannot communicate with each other. To allow data packets destined for other subnets to be sent to the gateway and subsequently forwarded to the destination, you can modify the routing information about the hosts on the network. However, to implement this solution, you must configure routes for all hosts on the subnets, which is time-consuming. Deploying routed proxy ARP on the gateway effectively solves this problem.
Routed proxy ARP allows communication between hosts whose IP addresses belong to the same network segment but different physical networks. In addition, the default gateway does not need to be configured on the hosts, facilitating management and maintenance.
- The Switch connects to two subnets through IF1 and IF2.
- The IP addresses of IF1 and IF2 belong to different network segments.
- The IP address of Host_1 in subnet 1 belongs to the same network segment as the IF1 IP address.
- The IP address of Host_2 in subnet 2 belongs to the same network segment as the IF2 IP address.
- The IP address of Host_1 in subnet 1 belongs to the same network segment as that of Host_2.
- The default gateway is not configured on Host_1 and Host_2.
To enable the hosts in subnets 1 and 2 to communicate with each other, configure routed proxy ARP on the Switch.
Procedure
- Run system-view
The system view is displayed.
- Run interface interface-type interface-number
The interface view is displayed.
- (Optional) On an Ethernet interface, run undo portswitch
The interface is switched to Layer 3 mode.
By default, an Ethernet interface works in Layer 2 mode.
- Run ip address ip-address { mask | mask-length }
An IP address is configured for the interface.
The interface IP address must reside on the same network segment as the IP addresses of the hosts connected to the interface.
- Run arp-proxy enable
Routed proxy ARP is enabled on the interface.
By default, routed proxy ARP is disabled on an interface.
After routed proxy ARP is enabled on the device, the aging time of ARP entries on hosts must be reduced. This ensures that invalid ARP entries are aged as soon as possible, reducing the number of packets that are sent to but cannot be forwarded by the Switch.
Configuring Intra-VLAN Proxy ARP
Context
Users in the same VLAN cannot communicate with each other when port isolation is configured in the VLAN. Configure intra-VLAN proxy ARP on the interfaces associated with the VLAN to enable Layer 3 communication among users.
Figure 2-12 shows an example of a network running intra-VLAN proxy ARP. In the figure, Host_1 and Host_2 belong to the same VLAN, but port isolation is configured between IF1 and IF2 that connect the Switch to Host_1 and Host_2. Configure intra-VLAN proxy ARP on the Switch so that Host_1 and Host_2 can communicate with each other.
Configuring Inter-VLAN Proxy ARP
Context
To implement Layer 3 communication among users on the same network segment but in different VLANs, enable inter-VLAN proxy ARP on the interface associated with the VLANs. For example, enable inter-VLAN proxy ARP on the VLANIF interface corresponding to a super-VLAN so that users in sub-VLANs can communicate with each other.
Figure 2-13 shows a network using inter-VLAN proxy ARP.
In Figure 2-13, Host_1 and Host_2 belong to the same network segment but different VLANs. Inter-VLAN proxy ARP is enabled on the Switch so that Host_1 and Host_2 can communicate with each other.
You can also configure VLANIF interfaces to implement Layer 3 communication among users in different VLANs. For details, see Configuring Inter-VLAN Communication in "VLAN Configuration" in the S7700 V200R019C10 Configuration Guide - Ethernet Switching.