ARP

ARP

[Christoph Pleger]

Hello,

I want to use FreeS/WAN with kernel 2.4. For the configuration I have to
reach with FreeS/WAN I need the ability to tell a host that it shall
accept traffic which is directed to another host. I tried doing that by
the user space program arp, but it did not work and after that I read in
the manual page of arp that since kernel version 2.2.0 setting an arp
entry for a whole subnet is no longer supported. 

Is there something else I can do to tell the hosts in a subnet to send
packets for a specific not to that host itself but to another host? This
should be done transparently so that the hosts do not know that their ip
packets do not go directly to the destination.

Kind regards
  Christoph

Re: ARP

[William Stearns]

Good afternoon, Chris,

On Thu, 17 Apr 2003, Christoph Pleger wrote:

> I want to use FreeS/WAN with kernel 2.4. For the configuration I have to
> reach with FreeS/WAN I need the ability to tell a host that it shall
> accept traffic which is directed to another host. I tried doing that by
> the user space program arp, but it did not work and after that I read in
> the manual page of arp that since kernel version 2.2.0 setting an arp
> entry for a whole subnet is no longer supported. 
> 
> Is there something else I can do to tell the hosts in a subnet to send
> packets for a specific not to that host itself but to another host? This
> should be done transparently so that the hosts do not know that their ip
> packets do not go directly to the destination.

	Proxy arp _does_ work, to the est of my knowledge, still.  You may 
need to put in the entries for each workstation, that that's a simple 
shell loop in your network startup.

http://www.stearns.org/doc/proxyarp-howto

	Please trim the to list on any replies.
	Cheers,
	- Bill

---------------------------------------------------------------------------
	..all in all it's just another rule in the firewall.
	/Ping Flood/
(Courtesy of Hirling Endre)
--------------------------------------------------------------------------
William Stearns (wstearns@pobox.com).  Mason, Buildkernel, freedups, p0f,
rsync-backup, ssh-keyinstall, dns-check, more at:   http://www.stearns.org
Linux articles at:                         http://www.opensourcedigest.com
--------------------------------------------------------------------------

Re: ARP

[Christoph Pleger]

Hello William,

> Good afternoon, Chris,
> 
> On Thu, 17 Apr 2003, Christoph Pleger wrote:
> 
> > I want to use FreeS/WAN with kernel 2.4. For the configuration I
> > have to reach with FreeS/WAN I need the ability to tell a host that
> > it shall accept traffic which is directed to another host. I tried
> > doing that by the user space program arp, but it did not work and
> > after that I read in the manual page of arp that since kernel
> > version 2.2.0 setting an arp entry for a whole subnet is no longer
> > supported. 
> > 
> > Is there something else I can do to tell the hosts in a subnet to
> > send packets for a specific not to that host itself but to another
> > host? This should be done transparently so that the hosts do not
> > know that their ip packets do not go directly to the destination.
> 
> 	Proxy arp _does_ work, to the est of my knowledge, still.  You
> 	may 
> need to put in the entries for each workstation, that that's a simple 
> shell loop in your network startup.
> 
> http://www.stearns.org/doc/proxyarp-howto

I did exactly what you described on your webpage (of course I changed
the addresses), but the arp request of another host still is not
answered by the FreeS/WAN gateway. Do I have to enable special kernel
options for proxy arp to work?

Kind regards
  Christoph