subject:"\"Re\\\: addressing\\\/mask question \\\[7\\\:3727\\\]\""

Re: addressing/mask question [7:3727]

2001-05-08 Thread David Chandler


Comments inline:

PS: check out ICMP redirect It's another one that'll make your
traffic do things that you wouldn't expect.


DaveC

Scott Meyer wrote:
> 
> I have a question about network masks and proxy ARP that I have not
> understood for a long time. I'm not sure that I can clearly explain the
> question, but I'll give it my best. I got bits and pieces about the
> situation, so I don't know exactly what is working and when.
> 
> A co-worker has a customer that has a really messy IP scheme. For
> simplicity, the network scheme should be
> 
> network A   router A
> 172.16.1.0 /24172.16.1.1 e0
> 192.168.1.1  s0
> 
> connects over WAN to
> 
> network B   router B
> 172.16.2.0 /24  172.16.2.1   e0
> 192.168.1.2  s0
> 
> This customer has hosts with misconfigured masks and default gateways all
> over the place. Some hosts have wrong masks, some wrong gateways, on some
> both are wrong, and some are right. The routers are configured correctly,
as
> above. Obviously he is experiencing some connectivity issues - sometimes
> things work, and sometimes they don't.
> 
> I would like to more completely understand why. Proxy ARP is on (default).
> 
> Lets assume the following:
> host A  (wrong mask configured, 172.16.1.5 /16, gateway 172.16.1.1) tries
to
> connect to host B  172.16.2.6 (correctly configured as /24, gateway
> 172.16.2.1)
> 
> My understanding of what happens:  Host A does binary anding, and thinks
> that host B is on the same subnet. So it ARPs for 172.16.2.1. Proxy ARP is
> on, so I would think the router recognize that it needs to respond to host
> A's ARP request. Host A now thinks that host B = MAC address of router A.
> Host A sends traffic to router A and router A forwards. Both router A and
> host A know the correct MAC address of each other, so host B's response
will
> get to host A. So this should work consistently despite the
> misconfiguration, but I know better. How am I thinking incorrectly?

#

That's correct: When the router sees an ARP for a subnet that it thinks
is not local to the interface it will reply with a proxy-arp.   

>From your statement "but I know better. How am I thinking incorrectly?"
I take it that it is not working?  I see from your description that the
172.16.x.x is split between a 192.168.x.x.  Are you using IGRP, EIGRP,
or RIPv2 with no auto-summary OR OSPF  Check router A's routing
table to see where the 172.16.2.x network is.

##

> 
> Next question, let's assume the following:
> host A  (wrong gateway configured, 172.16.1.5 /24, gateway 172.16.1.3)
tries
> to connect to host B  172.16.2.6 (correctly configured as /24, gateway
> 172.16.2.1)
> 
> My understanding of what happens:   Host A does binary anding, and thinks
> that host B is on another subnet. Host A thinks that the gateway is
> 172.16.1.3, and ARPs for that. If there is a 172.16.1.3, it will respond
> with it's MAC, host A will send traffic for host B to 172.16.1.3, which
will
> promptly drop it because it has no idea what to do with it. If there is not
> a 172.16.1.3, host A will not get a response, and will timeout eventually.
I
> will need to check, but I don't think that host A will ARP for host B (as
> opposed to ARPing for the gateway). So this should consistently not work.
If
> host A did not have a gateway at all, it would ARP for host B and router A
> would respond (due to proxy ARP) and connectivity would be established. Am
I
> correct?

#

Yes: 100% so far...

##

> 
> I do think it makes a difference who initiates the connection, because of
> ARP. If host B tries to connect to host A, router A would ARP for host A.
> Host A would place router A's MAC in it's ARP table for host B, and as long
> as that entry existed, communication would work consistently? Am I thinking
> correctly?

##

I suppose someone cound program a IP stack that way but I have not seen
any host do what you just described.  Pretty much Host A will use the
same process whether it initiates or is responding.

##

> 
> If proxy ARP is enabled, why is a default gateway needed? I have never seen
> a TCP/IP configuration that doesn't have a spot to enter a default gateway.
> Conversely, if everything has a default gateway, why is proxy ARP needed?
If
> one of those (either the gateway or proxy ARP) is not working for whatever
> reason, why is communication spotty? Should it not be consistently either
> working or not?
> 
> If proxy ARP works like it is supposed to, I don't see a need for hosts to
> have masks and gateways configured. The only problem I see is if there are
> multiple gateways available to a subnet, where both (or more) gateways will
> forward the packet, so the destination gets 2 packets. What happens then is
> protocol and application dependent.

#

Question:
Why do you need proxy-arp, masks, and

RE: addressing/mask question [7:3727]

2001-05-11 Thread Scott Meyer


Thanks for the response. Do you have the link for this?

How does the router determine if it has the best route? Does routing
protocol choice have anything to do with this determination? Using RIP for
example, the router only knows how many hops away a network is. It knows the
best route to forward the packet, but doesn't know if there is another
router with a better route that would have received the packet.

Scott Meyer
CCNA, CCDA, MCSE, etc
[EMAIL PROTECTED]

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 09, 2001 4:55 PM
To: [EMAIL PROTECTED]
Subject: Re: addressing/mask question [7:3727]


Under proxy ARP, if the router receives an ARP Request for a host that is
not on the same network as the ARP Request sender, and if the router has the
best route to that host, then the router sends an ARP Reply packet giving
its own local data link address. The host that sent the ARP Request then
sends its packets to the router, which forwards them to the intended host.

Scott,
That is quoted from the CCO help pages.  Essentially, both of your scenarios
are true, except that the router only responds to the ARP if it has the BEST
path to the host or service sought.
  HTH,
Rob H.
CCNP, CCDP, MCSE, CCA




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=4161&t=3727
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: addressing/mask question [7:3727]

2001-05-11 Thread David Chandler


I wonder if they mean that it will not respond to the ARP if the router
would then have to route the packet out the same interface that it came
in on.  

   (10.1.1.x/24)  (10.1.2.x/24)
R1---R2R3--| H2
 |
 |  
 H1 10.1.x.x/16

1.  If H1 (which is misconfigured) wants to send a packet to H2 it will
ARP; because it thinks H2 is local. 

2.  Both R1 and R2 could proxy-arp for H2.

3.  If R1 proxy-arps it will then have to route the packet to R2.

4.  R1 learned the router from R2 which is on the same broadcast domain
so R1 will allow R2 to do the proxy-arp.

5.  R2 may not know if it has the "BEST ROUTE" to H2 
 but 

6.  R1 knows that it doesn't have the "best route" because it would have
to send it out the same interface.

I'm gonna test this out and I'll keep you posted.

DaveC   



Scott Meyer wrote:
> 
> Thanks for the response. Do you have the link for this?
> 
> How does the router determine if it has the best route? Does routing
> protocol choice have anything to do with this determination? Using RIP for
> example, the router only knows how many hops away a network is. It knows
the
> best route to forward the packet, but doesn't know if there is another
> router with a better route that would have received the packet.
> 
> Scott Meyer
> CCNA, CCDA, MCSE, etc
> [EMAIL PROTECTED]
> 
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, May 09, 2001 4:55 PM
> To: [EMAIL PROTECTED]
> Subject: Re: addressing/mask question [7:3727]
> 
> Under proxy ARP, if the router receives an ARP Request for a host that is
> not on the same network as the ARP Request sender, and if the router has
the
> best route to that host, then the router sends an ARP Reply packet giving
> its own local data link address. The host that sent the ARP Request then
> sends its packets to the router, which forwards them to the intended host.
> 
> Scott,
> That is quoted from the CCO help pages.  Essentially, both of your
scenarios
> are true, except that the router only responds to the ARP if it has the
BEST
> path to the host or service sought.
>   HTH,
> Rob H.
> CCNP, CCDP, MCSE, CCA
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=4194&t=3727
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: addressing/mask question [7:3727]

RE: addressing/mask question [7:3727]

Re: addressing/mask question [7:3727]

3 matches

Site Navigation

Mail list logo

Footer information