Solved

ARP on behalf

Posted on 2004-09-08
6
292 Views
Last Modified: 2010-04-11
Saw this, wondering what is up with this.

172.25.22.1 ---------> Broadcast     Who has 172.25.42.53? Tell 172.25.42.1



Note that we are running two DHCP scopes here on the same DHCP server.
172.25.22.5-172.25.22.150
172.25.42.5-172.25.42.150
 One physical network, 2 logicals.
Thanks
0
Comment
Question by:dissolved
6 Comments
 

Assisted Solution

by:JMellin
JMellin earned 50 total points
ID: 12005864
As I would guess 172.25.42.1 have made a ARP request for 172.25.42.53. This is intercepted by 172.25.22.1 which is on another subnet but same physical network, ARP is a physical broadcast seen by all regardless of IP network.

Normally this would be ignored by the IP Protocol but perhaps 172.25.22.1 is a router with a sort of proxy-ARP feature.
It will then try to help negotiate mac address information (not route) between hosts on different subnets.

Regards
Johan
0
 

Author Comment

by:dissolved
ID: 12005939
But if its a broadcast, and 172.25.42.0 and 172.25.22.0 are differerent networks, how did 172.25.22.1 see the broadcast???

I found out these two networks are on separate VLANs. Perhaps the router is doing inter-vlan routing. But even then, would it pass broadcasts in between them?
Thanks
0
 
LVL 23

Assisted Solution

by:Tim Holman
Tim Holman earned 50 total points
ID: 12006649
172.25.22.1 ---------> Broadcast     Who has 172.25.42.53? Tell 172.25.42.1


1)  172.25.22.1 looks for 172.25.42.53
2)  Immediately knows this is not on the same subnet, so sends to default router
3)  Default router knows about 172.25.42.x, so issues ARP
4)  172.25.42.x responds to router with MAC address
5)  Router ARP table updated
6)  172.25.22.1 can now talk to 172.25.42.53
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 

Author Comment

by:dissolved
ID: 12006891
default router is 172.25.22.1. I'm thinking 172.25.42.1 is a sub-interface on the e0 of the cisco router (172.25.22.1)
0
 

Author Comment

by:dissolved
ID: 12007010
We are running VLANs and have our router (172.25.22.1) with a sub interface on the e0


172.25.22.1 ---------> Broadcast     Who has 172.25.42.53? Tell 172.25.42.1


1)  172.25.42.1 looks for 172.25.42.53
2)  However, since 172.25.42.1 is a sub-interface, 172.25.22.1 is shown as issuing the ARP request
3)  172.25.42.53 responds to 172.25.22.1 with it's physical address.

is this possible?
0
 
LVL 11

Accepted Solution

by:
PennGwyn earned 400 total points
ID: 12007900
I'm guessing that 172.25.22.1 and 172.25.42.1 are primary and secondary addresses on the same physical interface of the router.

The router wants to talk to 172.25.42.53, so it sends an ARP request.  172.25.42.1 is the router address on that subnet, so that's where the reply should go.

However, because 172.25.22.1 is the router's primary address on that port, it gets filled in as the source of the message.

0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now