Why proxy ARP does not take effect after the arp-proxy enable command is used on an interface

1

Proxy ARP is classified into routed proxy ARP, intra-VLAN proxy ARP, and inter-VLAN proxy ARP, which are configured by arp-proxy enable, arp-proxy inner-sub-vlan-proxy enable, and arp-proxy inter-sub-vlan-proxy enable. Each proxy function takes effect in corresponding scenarios.

Routed proxy ARP

Routed proxy ARP takes effect when the destination IP address in the received ARP request packet and the IP address of the inbound interface are in different network segments, but there is a route to the destination IP address and the outbound and inbound interfaces of the route are different. A device uses its MAC address as the source MAC address to return ARP response packets.

Intra-VLAN proxy ARP

Intra-VLAN proxy ARP takes effect when the destination IP address of the received ARP request packet and the IP address of the inbound interface are in the same network segment.

Inter-VLAN proxy ARP

Inter-VLAN proxy ARP is similar to intra-VLAN proxy ARP. Inter-VLAN proxy ARP takes effect when being applied to the super VLAN. If the destination IP address of the received ARP request packet and the IP address of the inbound interface are in the same network segment, inter-VLAN proxy ARP takes effect. If the source and destination are in the same VLAN, inter-VLAN proxy ARP is not required.

Regardless of whether proxy ARP is used, the source IP address of the received ARP request packet and the IP address of the inbound interface must be in the same network segment.

Intra-VLAN proxy is often used; therefore, the arp-proxy inner-sub-vlan-proxy enable command is used more often than the arp-proxy enable command.

Other related questions:
Proxy ARP configuration on S series switch
An S series switch, except S1700, supports the following proxy ARP: routed proxy ARP, intra-VLAN proxy ARP, and inter-VLAN proxy ARP, which are configured using the arp-proxy enable, arp-proxy inner-sub-vlan-proxy enable, and arp-proxy inter-sub-vlan-proxy enable commands respectively. Routed proxy ARP (available on all models in V2R5 and later versions, but unavailable on S275x and S5700LI in the versions earlier than V2R5) The destination IP address in the received ARP request packet and the IP address of the inbound interface are in different subnets, but there is a route to the destination IP address and the outbound/inbound interfaces of the route are different. Routed proxy ARP takes effect in this situation. The switch uses its MAC address as the source MAC address to return ARP reply packets. Intra-VLAN proxy ARP (available on all models in V2R5 and later versions, but unavailable on S275x and S5700LI in the versions earlier than V2R5) If the destination IP address of the received ARP request packet and the IP address of the inbound interface are in the same subnet, intra-VLAN proxy ARP takes effect. Inter-VLAN proxy ARP (unavailable on S1720, S2720, S275x, S5700LI and E series switches) It is similar to intra-VLAN proxy ARP. Inter-VLAN proxy ARP takes effect only on super VLAN. If the destination IP address of the received ARP request packet and the IP address of the inbound interface are in the same subnet, inter-VLAN proxy ARP takes effect. If the source and destination are in the same VLAN, inter-VLAN proxy ARP is not required. Regardless of which type of proxy ARP is used, the destination IP address of the received ARP request packet and the IP address of the inbound interface must be in the same subnet.

Can proxy ARP take effect for gratuitous ARP packets after proxy ARP is enabled on an interface
Proxy ARP does not take effect for gratuitous ARP packets.

Whether proxy ARP on interfaces of S series switches takes effect on gratuitous ARP packets
On S series switches (except S1700 switches), proxy ARP on interfaces does not take effect on gratuitous ARP packets.

ARP proxy feature of the access network
When a PC sends an Address Resolution Protocol (ARP) request to another PC, the request is processed by the access device connected to the 2 PCs. This process is called ARP proxy. ARP proxy is often used for communication between the sub virtual local area networks (VLANs) in a super VLAN.

Precautions for enabling intra-VLAN proxy ARP and inter-VLAN proxy ARP on S series switches
For S series switches (except S1700 switches): Different from routed proxy ARP, intra-VLAN proxy ARP and inter-VLAN proxy ARP check whether VLAN information at both ends complies with proxy requirements based on the ARP entries of source and destination IP addresses. Therefore, if the ARP entry of a destination IP address does not exist, the device broadcasts an ARP Request packet to all devices on the VLAN (including all sub VLANs in the super VLAN) to request them to learn this ARP entry. If the proxy function is enabled on multiple switches on a network but the destination IP address does not exist, the ARP broadcast packet will trigger the same proxy process on other switches, and a severe broadcast storm may occur.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top