coinfree.blogg.se

Edgeos firewall to block internet for a specific mac address

This article is a part of a series on Address Resolution Protocol (ARP).

We’ve discussed the use cases and role of traditional ARP in the prior article of this series. In this article we will discuss Proxy ARP and its role and significance.

Proxy ARP occurs when one node is responding to an ARP request on behalf of another node.

Proxy ARP is not a malicious event, it occurs to enable connectivity between two hosts that wouldn’t otherwise be possible. The original thought process for Proxy ARP was to accommodate hosts with misconfigured subnet masks.

As we’ve discussed before, when a host is speaking to another host on the same IP network, the target for the ARP request is the other host’s IP address. If a host is speaking to another host on a different IP network, the target for the ARP request will be the Default Gateway’s IP address. The item which tells a host whether another IP address is on the same network or a different network is the subnet mask.

This topology will illustrate how it works:

Host A is configured with the IP address 10.0.0.11 and a subnet mask of 255.255.255.0 (or /24 in CIDR). Host A will consider any IP address in the range of 10.0.0.0 – 10.0.0.255 on its local network.

Host B is configured with the IP address 10.0.0.22 and misconfigured with a subnet mask of 255.255.0.0 (or /16 in CIDR). Host B will consider any IP address in the range of 10.0.0.0 – 10.0.255.255 on its local network.

Presume both of these hosts are trying to speak to Host D, which exists on a different network and has the IP address 10.0.4.44.

When Host A tries to speak to 10.0.4.44, it would (correctly) consider Host D on a different network and would use traditional ARP to send the packet to the default gateway.

However, when Host B tries to speak to 10.0.4.44, it would (incorrectly) consider Host D on the same network and would instead try to ARP for Host D’s MAC address directly. Host B’s ARP Request will be broadcast to the local network, but will never make it across the Router to Host D. Therefore, the ARP Request will go unanswered, and Host B will be unable to communicate with Host D. Unless the Router itself responds to Host B’s ARP Request on behalf of Host D – which is the exact definition of a Proxy ARP.

Here is the process in action (Host A is not pictured):

The ARP Response sent by the Router looks exactly like a normal ARP response. Host B will use the response to create an ARP mapping that states the IP 10.0.4.44 maps to the MAC address 0053.ffff.9999. All subsequent packets sent to Host D will use this MAC address in the L2 header.

So despite the misconfigured Subnet Mask, Host B will be able to speak to Host D, due to the Router’s heroic use of Proxy ARP. That being said, it does impose additional work load on the Router. We used the specific example of Host D’s single IP address, but due to Host B’s misconfigured subnet mask there are roughly 65,000 IP addresses that Host B now considers on its local network. When in reality only about 250 could possibly exist on its local network.

So while Proxy ARP enabled connectivity in this example, it unfortunately does not scale indefinitely and should not be relied upon. The long term solution is to correct the misconfigured Subnet mask on Host B.

Moreover, this specific use case for Proxy ARP is based solely around enabling routing despite there being a misconfiguration. With Proxy ARP, Host B may never even realize it has an incorrect Subnet Mask. There is another school of thought that instead would prefer Host B’s misconfiguration to cause the communication to fail in order for Host B to be notified that something is wrong. Thereby creating an opportunity for Host B to fix the root problem.

Many routers these days do not send Proxy ARPs by default for this very reason. Although most include a way to enable it if desired.

That said, there is a very important and legitimate use case for Proxy ARP - one which does not stem from a misconfiguration. We’ll take a look at it after exploring the Packet Structure for Proxy ARP next.

The ARP Request looks identical to the traditional ARP Request we looked at in the last article.
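The Host A / Host B scenario from this article can be modelled in a few lines. This is an added example, not code from the original article; the gateway address `10.0.0.1` and all function names are assumptions, while the host addresses, masks and router MAC are the article's. It also includes a check for the symptom Proxy ARP hides: a sender ARPing for an address outside the segment's real subnet.

```python
import ipaddress

ROUTER_MAC = "0053.ffff.9999"   # router MAC used in the article
GATEWAY = "10.0.0.1"            # assumed default gateway (not given in the article)
REAL_LAN = ipaddress.ip_network("10.0.0.0/24")  # the segment's actual subnet

def arp_target(host_ip, mask, dest_ip, gateway=GATEWAY):
    """IP the host will ARP for: the destination if the host's own mask
    says it is local, otherwise the default gateway."""
    local = ipaddress.ip_interface(f"{host_ip}/{mask}").network
    return dest_ip if ipaddress.ip_address(dest_ip) in local else gateway

def router_reply(target_ip, proxy_arp, gateway=GATEWAY):
    """MAC the router answers with, or None if it stays silent.
    It always answers for its own address; with Proxy ARP enabled it also
    answers for targets that live beyond the local segment."""
    if target_ip == gateway:
        return ROUTER_MAC
    if proxy_arp and ipaddress.ip_address(target_ip) not in REAL_LAN:
        return ROUTER_MAC
    return None

def resolve(host_ip, mask, dest_ip, proxy_arp):
    """Router's answer to the host's ARP for dest_ip (None = unanswered).
    Only the router is modelled, not other hosts on the segment."""
    return router_reply(arp_target(host_ip, mask, dest_ip), proxy_arp)

def misconfigured_senders(arp_requests):
    """Senders ARPing for addresses outside the real LAN: the symptom of a
    wrong subnet mask that Proxy ARP would otherwise hide."""
    return sorted({src for src, tgt in arp_requests
                   if ipaddress.ip_address(tgt) not in REAL_LAN})

if __name__ == "__main__":
    # Constructed (sender IP, target IP) ARP requests for the article's hosts.
    seen = [("10.0.0.11", arp_target("10.0.0.11", "255.255.255.0", "10.0.4.44")),
            ("10.0.0.22", arp_target("10.0.0.22", "255.255.0.0", "10.0.4.44"))]
    print("ARP requests seen:", seen)
    print("Host B, Proxy ARP off:", resolve("10.0.0.22", "255.255.0.0", "10.0.4.44", False))
    print("Host B, Proxy ARP on: ", resolve("10.0.0.22", "255.255.0.0", "10.0.4.44", True))
    print("Likely wrong mask:", misconfigured_senders(seen))
```

With Proxy ARP off, Host B's request goes unanswered and the failure exposes the bad mask; with it on, connectivity works and only a check like `misconfigured_senders` on observed ARP traffic reveals the problem.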














