RE: addressing/mask question [7:3727]

[Scott Meyer]

Thanks for the response. Do you have the link for this?

How does the router determine if it has the best route? Does routing
protocol choice have anything to do with this determination? Using RIP for
example, the router only knows how many hops away a network is. It knows the
best route to forward the packet, but doesn't know if there is another
router with a better route that would have received the packet.

Scott Meyer
CCNA, CCDA, MCSE, etc
[EMAIL PROTECTED]

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 09, 2001 4:55 PM
To: [EMAIL PROTECTED]
Subject: Re: addressing/mask question [7:3727]


Under proxy ARP, if the router receives an ARP Request for a host that is
not on the same network as the ARP Request sender, and if the router has the
best route to that host, then the router sends an ARP Reply packet giving
its own local data link address. The host that sent the ARP Request then
sends its packets to the router, which forwards them to the intended host.

Scott,
That is quoted from the CCO help pages.  Essentially, both of your scenarios
are true, except that the router only responds to the ARP if it has the BEST
path to the host or service sought.
  HTH,
Rob H.
CCNP, CCDP, MCSE, CCA




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=4161t=3727
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: addressing/mask question [7:3727]

[David Chandler]

I wonder if they mean that it will not respond to the ARP if the router
would then have to route the packet out the same interface that it came
in on.  

   (10.1.1.x/24)  (10.1.2.x/24)
R1---R2R3--| H2
 |
 |  
 H1 10.1.x.x/16

1.  If H1 (which is misconfigured) wants to send a packet to H2 it will
ARP; because it thinks H2 is local. 

2.  Both R1 and R2 could proxy-arp for H2.

3.  If R1 proxy-arps it will then have to route the packet to R2.

4.  R1 learned the router from R2 which is on the same broadcast domain
so R1 will allow R2 to do the proxy-arp.

5.  R2 may not know if it has the BEST ROUTE to H2 
 but 

6.  R1 knows that it doesn't have the best route because it would have
to send it out the same interface.

I'm gonna test this out and I'll keep you posted.

DaveC   



Scott Meyer wrote:
 
 Thanks for the response. Do you have the link for this?
 
 How does the router determine if it has the best route? Does routing
 protocol choice have anything to do with this determination? Using RIP for
 example, the router only knows how many hops away a network is. It knows
the
 best route to forward the packet, but doesn't know if there is another
 router with a better route that would have received the packet.
 
 Scott Meyer
 CCNA, CCDA, MCSE, etc
 [EMAIL PROTECTED]
 
 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
 Sent: Wednesday, May 09, 2001 4:55 PM
 To: [EMAIL PROTECTED]
 Subject: Re: addressing/mask question [7:3727]
 
 Under proxy ARP, if the router receives an ARP Request for a host that is
 not on the same network as the ARP Request sender, and if the router has
the
 best route to that host, then the router sends an ARP Reply packet giving
 its own local data link address. The host that sent the ARP Request then
 sends its packets to the router, which forwards them to the intended host.
 
 Scott,
 That is quoted from the CCO help pages.  Essentially, both of your
scenarios
 are true, except that the router only responds to the ARP if it has the
BEST
 path to the host or service sought.
   HTH,
 Rob H.
 CCNP, CCDP, MCSE, CCA
 FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
 Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=4194t=3727
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: addressing/mask question [7:3727]

[David Chandler]

Comments inline:

PS: check out ICMP redirect It's another one that'll make your
traffic do things that you wouldn't expect.


DaveC

Scott Meyer wrote:
 
 I have a question about network masks and proxy ARP that I have not
 understood for a long time. I'm not sure that I can clearly explain the
 question, but I'll give it my best. I got bits and pieces about the
 situation, so I don't know exactly what is working and when.
 
 A co-worker has a customer that has a really messy IP scheme. For
 simplicity, the network scheme should be
 
 network A   router A
 172.16.1.0 /24172.16.1.1 e0
 192.168.1.1  s0
 
 connects over WAN to
 
 network B   router B
 172.16.2.0 /24  172.16.2.1   e0
 192.168.1.2  s0
 
 This customer has hosts with misconfigured masks and default gateways all
 over the place. Some hosts have wrong masks, some wrong gateways, on some
 both are wrong, and some are right. The routers are configured correctly,
as
 above. Obviously he is experiencing some connectivity issues - sometimes
 things work, and sometimes they don't.
 
 I would like to more completely understand why. Proxy ARP is on (default).
 
 Lets assume the following:
 host A  (wrong mask configured, 172.16.1.5 /16, gateway 172.16.1.1) tries
to
 connect to host B  172.16.2.6 (correctly configured as /24, gateway
 172.16.2.1)
 
 My understanding of what happens:  Host A does binary anding, and thinks
 that host B is on the same subnet. So it ARPs for 172.16.2.1. Proxy ARP is
 on, so I would think the router recognize that it needs to respond to host
 A's ARP request. Host A now thinks that host B = MAC address of router A.
 Host A sends traffic to router A and router A forwards. Both router A and
 host A know the correct MAC address of each other, so host B's response
will
 get to host A. So this should work consistently despite the
 misconfiguration, but I know better. How am I thinking incorrectly?

#

That's correct: When the router sees an ARP for a subnet that it thinks
is not local to the interface it will reply with a proxy-arp.   

From your statement but I know better. How am I thinking incorrectly?
I take it that it is not working?  I see from your description that the
172.16.x.x is split between a 192.168.x.x.  Are you using IGRP, EIGRP,
or RIPv2 with no auto-summary OR OSPF  Check router A's routing
table to see where the 172.16.2.x network is.

##

 
 Next question, let's assume the following:
 host A  (wrong gateway configured, 172.16.1.5 /24, gateway 172.16.1.3)
tries
 to connect to host B  172.16.2.6 (correctly configured as /24, gateway
 172.16.2.1)
 
 My understanding of what happens:   Host A does binary anding, and thinks
 that host B is on another subnet. Host A thinks that the gateway is
 172.16.1.3, and ARPs for that. If there is a 172.16.1.3, it will respond
 with it's MAC, host A will send traffic for host B to 172.16.1.3, which
will
 promptly drop it because it has no idea what to do with it. If there is not
 a 172.16.1.3, host A will not get a response, and will timeout eventually.
I
 will need to check, but I don't think that host A will ARP for host B (as
 opposed to ARPing for the gateway). So this should consistently not work.
If
 host A did not have a gateway at all, it would ARP for host B and router A
 would respond (due to proxy ARP) and connectivity would be established. Am
I
 correct?

#

Yes: 100% so far...

##

 
 I do think it makes a difference who initiates the connection, because of
 ARP. If host B tries to connect to host A, router A would ARP for host A.
 Host A would place router A's MAC in it's ARP table for host B, and as long
 as that entry existed, communication would work consistently? Am I thinking
 correctly?

##

I suppose someone cound program a IP stack that way but I have not seen
any host do what you just described.  Pretty much Host A will use the
same process whether it initiates or is responding.

##

 
 If proxy ARP is enabled, why is a default gateway needed? I have never seen
 a TCP/IP configuration that doesn't have a spot to enter a default gateway.
 Conversely, if everything has a default gateway, why is proxy ARP needed?
If
 one of those (either the gateway or proxy ARP) is not working for whatever
 reason, why is communication spotty? Should it not be consistently either
 working or not?
 
 If proxy ARP works like it is supposed to, I don't see a need for hosts to
 have masks and gateways configured. The only problem I see is if there are
 multiple gateways available to a subnet, where both (or more) gateways will
 forward the packet, so the destination gets 2 packets. What happens then is
 protocol and application dependent.

#

Question:
Why do you need proxy-arp, masks, and gateways... 
Answer:
Control and Flexibility
There is always some goofy