?
Solved

ARP on behalf

Posted on 2004-09-08
6
Medium Priority
?
326 Views
Last Modified: 2010-04-11
Saw this, wondering what is up with this.

172.25.22.1 ---------> Broadcast     Who has 172.25.42.53? Tell 172.25.42.1



Note that we are running two DHCP scopes here on the same DHCP server.
172.25.22.5-172.25.22.150
172.25.42.5-172.25.42.150
 One physical network, 2 logicals.
Thanks
0
Comment
Question by:dissolved
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 

Assisted Solution

by:JMellin
JMellin earned 200 total points
ID: 12005864
As I would guess 172.25.42.1 have made a ARP request for 172.25.42.53. This is intercepted by 172.25.22.1 which is on another subnet but same physical network, ARP is a physical broadcast seen by all regardless of IP network.

Normally this would be ignored by the IP Protocol but perhaps 172.25.22.1 is a router with a sort of proxy-ARP feature.
It will then try to help negotiate mac address information (not route) between hosts on different subnets.

Regards
Johan
0
 

Author Comment

by:dissolved
ID: 12005939
But if its a broadcast, and 172.25.42.0 and 172.25.22.0 are differerent networks, how did 172.25.22.1 see the broadcast???

I found out these two networks are on separate VLANs. Perhaps the router is doing inter-vlan routing. But even then, would it pass broadcasts in between them?
Thanks
0
 
LVL 23

Assisted Solution

by:Tim Holman
Tim Holman earned 200 total points
ID: 12006649
172.25.22.1 ---------> Broadcast     Who has 172.25.42.53? Tell 172.25.42.1


1)  172.25.22.1 looks for 172.25.42.53
2)  Immediately knows this is not on the same subnet, so sends to default router
3)  Default router knows about 172.25.42.x, so issues ARP
4)  172.25.42.x responds to router with MAC address
5)  Router ARP table updated
6)  172.25.22.1 can now talk to 172.25.42.53
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 

Author Comment

by:dissolved
ID: 12006891
default router is 172.25.22.1. I'm thinking 172.25.42.1 is a sub-interface on the e0 of the cisco router (172.25.22.1)
0
 

Author Comment

by:dissolved
ID: 12007010
We are running VLANs and have our router (172.25.22.1) with a sub interface on the e0


172.25.22.1 ---------> Broadcast     Who has 172.25.42.53? Tell 172.25.42.1


1)  172.25.42.1 looks for 172.25.42.53
2)  However, since 172.25.42.1 is a sub-interface, 172.25.22.1 is shown as issuing the ARP request
3)  172.25.42.53 responds to 172.25.22.1 with it's physical address.

is this possible?
0
 
LVL 11

Accepted Solution

by:
PennGwyn earned 1600 total points
ID: 12007900
I'm guessing that 172.25.22.1 and 172.25.42.1 are primary and secondary addresses on the same physical interface of the router.

The router wants to talk to 172.25.42.53, so it sends an ARP request.  172.25.42.1 is the router address on that subnet, so that's where the reply should go.

However, because 172.25.22.1 is the router's primary address on that port, it gets filled in as the source of the message.

0

Featured Post

Get MongoDB database support online, now!

At Percona’s web store you can order your MongoDB database support needs in minutes. No hassles, no fuss, just pick and click. Pay online with a credit card. Handle your MongoDB database support now!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is a collection of issues that people face from time to time and possible solutions to those issues. I hope you enjoy reading it.
WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question