What are precautions for configuring intra-VLAN proxy ARP and inter-VLAN proxy ARP

2

Compared with routed proxy ARP, intra-VLAN proxy ARP and inter-VLAN proxy ARP can determine whether VLAN information meets proxy requirement based on ARP entries matching source and destination IP addresses of packets. If no ARP entry matches the destination IP address of a packet, the switch broadcasts an ARP request in all sub-VLANs of the super-VLAN to learn the APR entry matching the destination IP addresses.

When multiple switches on a network have proxy ARP enabled and a requested destination IP address does not exist, this ARP broadcast packet triggers the same proxy process on other switches. This cyclic proxy process will cause a broadcast storm.

Other related questions:
Precautions for enabling intra-VLAN proxy ARP and inter-VLAN proxy ARP on S series switches
For S series switches (except S1700 switches): Different from routed proxy ARP, intra-VLAN proxy ARP and inter-VLAN proxy ARP check whether VLAN information at both ends complies with proxy requirements based on the ARP entries of source and destination IP addresses. Therefore, if the ARP entry of a destination IP address does not exist, the device broadcasts an ARP Request packet to all devices on the VLAN (including all sub VLANs in the super VLAN) to request them to learn this ARP entry. If the proxy function is enabled on multiple switches on a network but the destination IP address does not exist, the ARP broadcast packet will trigger the same proxy process on other switches, and a severe broadcast storm may occur.

ARP proxy feature of the access network
When a PC sends an Address Resolution Protocol (ARP) request to another PC, the request is processed by the access device connected to the 2 PCs. This process is called ARP proxy. ARP proxy is often used for communication between the sub virtual local area networks (VLANs) in a super VLAN.

Proxy ARP configuration on S series switch
An S series switch, except S1700, supports the following proxy ARP: routed proxy ARP, intra-VLAN proxy ARP, and inter-VLAN proxy ARP, which are configured using the arp-proxy enable, arp-proxy inner-sub-vlan-proxy enable, and arp-proxy inter-sub-vlan-proxy enable commands respectively. Routed proxy ARP (available on all models in V2R5 and later versions, but unavailable on S275x and S5700LI in the versions earlier than V2R5) The destination IP address in the received ARP request packet and the IP address of the inbound interface are in different subnets, but there is a route to the destination IP address and the outbound/inbound interfaces of the route are different. Routed proxy ARP takes effect in this situation. The switch uses its MAC address as the source MAC address to return ARP reply packets. Intra-VLAN proxy ARP (available on all models in V2R5 and later versions, but unavailable on S275x and S5700LI in the versions earlier than V2R5) If the destination IP address of the received ARP request packet and the IP address of the inbound interface are in the same subnet, intra-VLAN proxy ARP takes effect. Inter-VLAN proxy ARP (unavailable on S1720, S2720, S275x, S5700LI and E series switches) It is similar to intra-VLAN proxy ARP. Inter-VLAN proxy ARP takes effect only on super VLAN. If the destination IP address of the received ARP request packet and the IP address of the inbound interface are in the same subnet, inter-VLAN proxy ARP takes effect. If the source and destination are in the same VLAN, inter-VLAN proxy ARP is not required. Regardless of which type of proxy ARP is used, the destination IP address of the received ARP request packet and the IP address of the inbound interface must be in the same subnet.

How Do I configure proxy ARP on an AR
An AR router supports routed proxy ARP, intra-VLAN proxy ARP, and inter-VLAN proxy ARP. - Routed proxy ARP Routed proxy ARP allows hosts on the same network segment across different physical networks to communicate. The configuration is as follows: [Huawei] interface ethernet2/0/0 [Huawei-Ethernet2/0/0] arp-proxy enable - Intra-VLAN proxy ARP Intra-VLAN proxy ARP allows hosts on the same network segment and VLAN where isolation is configured to communicate. The configuration is as follows: [Huawei] interface vlanif 10 [Huawei-Vlanif10] arp-proxy inner-sub-vlan-proxy enable - Inter-VLAN proxy ARP Inter-VLAN proxy ARP allows hosts on the same network segment but different VLANs to communicate . The configuration is as follows: [Huawei] interface vlanif 10 [Huawei-Vlanif10] arp-proxy inter-sub-vlan-proxy enable

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top