Proxy ARP Protocol

/

One of the most common requests that a router will get on a busy network are ARP requests.  They can easily overload hardware so it’s important to have facilities which can share the burden.  Proxy ARP allows a router to answer ARP requests on one of it’s networks for a host on another network.    This involves fooling the sender or the ARP request into believing that the router is the destination host where in fact the destination host is actually on another interface of the router.    The router is effectively acting as a proxy agent for the destination host relaying packets across adjacent networks.

One of the best ways to illustrate proxy ARP is by means of an example.  Imagine a system connected to ethernet networks.  They may look connected but in fact they’re not merely connected by a router operating on two different subnets.  The router will perform the hardware ARP requests across both of the networks which means that they will appear as a single entity.  You can even cross country borders and hide two networks for example a French and a UK proxy like this.

The router will perform complex calculations in order to determine which networks the datagrams need to be sent to.  At the core of the calculations are the network IDs which are essential in order to keep track of source and destinations of the network data.  The router will build up a large table of the various hardware addresses across all connected networks.  Then it can use this information to effectively route data through the most efficient interface like a fast VPN.

You can use various tools to troubleshoot both ARP and proxy ARP functions. One of the most useful is obviously the arp command which will list the various addresses stored in the table, use it with the -a switch for easy reference.  You can usually pick up the communications that will commonly take place when proxy ARP is being used fairly easily.

Other commands that are useful include the ifconfig command which can list IP addresses for ports and interfaces.  You can also reconcile hardware addresses, serial links and interface information using this command.  Effectively though you can understand proxy ARP by the simple fact that it tries to hide two physical networks from each other.   IN fact when it is configured correctly you can actually have a single network id to represent two distinct networks.

 

Leave a Comment