Two VLANs, One Subnet

Hans Fugal hans at fugal.net
Fri Mar 9 00:02:39 MST 2007


On Thu,  8 Mar 2007 at 22:06 -0700, Hans Fugal wrote:
> Proxy ARP is the magic I needed. 
> http://www.sjdjweis.com/linux/proxyarp/
> 
> It's working nearly perfectly. But for some reason the real MAC
> addresses are leaking through the openwrt and getting into the cisco's
> arp cache after a few (randomly distributed) minutes. Just how this is
> happening is a mystery to me. Do you know? The only thing I can think of
> is if my vlan is 'leaking'.

I have done some detective work and discovered that the problem is icmp
echo replies (pongs). As soon as someone pings me from outside, the pong
goes out and cisco updates its arp cache. That's the kiss of death. So
how do I tell cisco to stop being such a wise guy and only update the
arp cache when it gets an arp reply?

-- 
Hans Fugal ; http://hans.fugal.net
 
There's nothing remarkable about it. All one has to do is hit the 
right keys at the right time and the instrument plays itself.
    -- Johann Sebastian Bach
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://plug.org/pipermail/plug/attachments/20070309/eaf7d2e9/attachment.bin 


More information about the PLUG mailing list