Hey! I am in the process of migrating from one setup to another and I need the MX to proxy some ARP requests in the process. I can't use "proxy-arp unrestricted" as it would attract far too much traffic, so I am trying to stick with "proxy-arp restricted".
The documentation says: The router or switch responds to ARP requests in which the physical networks of the source and target are different and does not respond if the source and target IP addresses are in the same subnet. The router or switch must also have a route to the target IP address. This totally matches my case. However, I have noticed that when there is an entry for the target IP in the ARP cache, there is no answer. This is quite inconvenient for me. For example, assume that the MX is 192.0.2.1/24 and we have two hosts, 192.0.2.14 and 192.0.2.15, which are connected to some interface to the MX. Therefore, the MX has the following entries in its cache: 06:ea:3c:00:00:62 192.0.2.14 ae0.90 none 06:ea:3c:00:00:63 192.0.2.15 ae0.90 none Then, 192.0.2.14 moves to another equipment and the MX receives a route to let it know how to contact it: 192.0.2.14/32 *[BGP/170] 00:11:52, localpref 100 AS path: 65002 65004 I > to 198.51.0.14 via ae1.180 The ARP cache entry is left intact. The MX has no problem to ping 192.0.2.14 from now on. It uses the route, not the ARP cache entry. However, on ae0.90, the MX is also configured with "proxy-arp unrestricted". The idea is that 192.0.2.15 should be able to contact 192.0.2.14. The MX should fake an ARP answer and route the traffic. However, as long as the 192.0.2.14 entry stays in the ARP cache, the MX won't answer the ARP request. Once the entry is expired, this works as expected. The JTAC has been unhelpful on this case as they consider that something that never worked is out of their scope. Any tip on how to make this kind of setup works would be helpful. Thanks! -- One of the most striking differences between a cat and a lie is that a cat has only nine lives. -- Mark Twain, "Pudd'nhead Wilson's Calendar" _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp