Got it
Huawei Enterprise Support Community
Community Forums Routing & Switching
Proxy ARP

Proxy ARP

Created: Feb 27, 2021 14:50:21Latest reply: May 28, 2021 11:07:35 259 3 1 0 0
  Rewarded HiCoins: 0 (problem resolved)
View the author 1#

Dear community,

Can you tell me the function and application scenarios of proxy ARP in detail?

I'm preparing for the HCIP exam, and I'm a little confused about that.

Thank you very much.



Like (1) Dislike (0) Favorite(0) Share Report
Previous: How many new firmware is released in a year
Next: How to create a police map in the NE 8000 M8 Route
Featured Answers

Best answer

Recommended answer

(0) (0)
Popeye_Wang
Admin Created Feb 27, 2021 14:50:38

Hello,

You can find the detailed information in the product documentation.

Functions and Scenarios of Proxy ARP

(1) Function: Enables hosts on the same network segment but different physical networks to communicate with each other.

Proxy ARP is classified into the following types: routed proxy ARP, intra-VLAN proxy ARP, and inter-VLAN Proxy ARP. Table 1 describes the usage scenarios.

Table 1 Proxy ARP types

Proxy ARP Type

Usage Scenario

Routed proxy ARP

Hosts (without default gateway address configured) that   need to communicate belong to the same network segment across different   physical networks (different broadcast domains).

Intra-VLAN proxy ARP

Hosts that need to communicate belong to the same   network segment and VLAN but port isolation is configured in the VLAN.

Inter-VLAN proxy ARP

Hosts that need to communicate belong to the same   network segment but different VLANs.

Proxy ARP has the following characteristics:

·         Proxy ARP is deployed on the gateway without any modifications to the configurations of the hosts on a network.

·         Proxy ARP can shield topologies of physical networks so that hosts on different physical networks can use the same network ID to communicate.

·         Proxy ARP affects only the ARP table on hosts but does not affect the ARP table and routing table on the gateway.

Routed Proxy ARP

Routed proxy ARP enables communication among network devices on the same network segment but different physical networks.

If a host connected to the device is not configured with a default gateway address (that is, the host does not know how to reach the intermediate system of the network), the device cannot forward data packets.

As shown in Figure 1, the IP address of Host_1 is 172.16.1.10/16 and that of Host_2 is 172.16.2.20/16, and Host_1 and Host_2 are located on the same network segment. The Router connects to two networks through VLANIF 10 and VLANIF 20. The IP addresses of VLANIF 10 and VLANIF 20 are located on different network segments.

Figure 1 Network diagram of routed proxy ARP
                                               

arp

The IP addresses of Host_1 and Host_2 are on the same network segment. When Host_1 needs to communicate with Host_2, Host_1 broadcasts an ARP Request packet, requesting the MAC address of Host_2. However, Host_1 and Host_2 are on different physical networks (in different broadcast domains). Host_2 cannot receive the ARP Request packet sent from Host_1 and does not respond with an ARP Reply packet.

To resolve this problem, enable routed proxy ARP on the Router. After routed proxy ARP is enabled, the Router queries the routing table after receiving the ARP Request packet. Host_2 is directly connected to the Router, so the Router has the routing entry of Host_2. The Router then uses its MAC address to send an ARP Reply packet to Host_1. Host_1 forwards data based on the MAC address of the Router. In this case, the Router functions as the proxy of Host_2. As shown in Figure 1, the MAC address of VLANIF 10 on the Router matches the IP address of Host_2 in the ARP entry on Host_1.

Intra-VLAN Proxy ARP

If two users belong to the same VLAN with port isolation configured, intra-VLAN proxy ARP can be enabled on the interfaces associated with the VLAN to allow the hosts to communicate at Layer 3.

As shown in Figure 2, Host_1 and Host_2 are connected to the Router. The two interfaces connected to Host_1 and Host_2 belong to VLAN 10 on the Router.

Figure 2 Network diagram of intra-VLAN proxy ARP
arp

Host_1 and Host_2 cannot communicate at Layer 2 because port isolation in a VLAN is configured on the Router.

If intra-VLAN proxy ARP is enabled on the Router's interface, Host_1 and Host_2 can communicate at Layer 3. After the Router's interface receives an ARP Request packet whose destination address is not its own address, the Router does not discard the packet but searches for the ARP entry matching the interface. If an ARP entry matches Host_2, the Router sends its own MAC address to Host_1 and forwards the packet destined for Host_2. In this case, the Router functions as the proxy of Host_2.

Inter-VLAN Proxy ARP

If two hosts belong to the same network segment but different VLANs, inter-VLAN proxy ARP can be enabled on the interfaces (for example, the VLANIF interfaces or sub-interfaces) associated with the VLANs to enable users to communicate at Layer 3.

As shown in Figure 3, Host_1 and Host_2 on the same network segment are connected to the Router, Host_1 belongs to VLAN 10, and Host_2 belongs to VLAN 20.

Figure 3 Network diagram of inter-VLAN proxy ARP

arp

Host_1 and Host_2 belong to different sub-VLANs, so they cannot communicate at Layer 2.

After inter-VLAN proxy ARP is enabled on the Router, Host_1 and Host_2 can communicate at Layer 3. After the Router's interface receives an ARP Request packet whose destination address is not its own address, the Router does not discard the packet but searches for ARP entries (including dynamically learned ARP entries and statically configured ARP entries). If an ARP entry matches Host_2, the Router sends its own MAC address to Host_1 and forwards the packet destined for Host_2. In this case, the Router functions as the proxy of Host_2.

Any further questions, let us know!


View more
  • x
  • convention:
All Answers
(0) (0)
2#
Popeye_Wang
Popeye_Wang Admin Created Feb 27, 2021 14:50:38

Hello,

You can find the detailed information in the product documentation.

Functions and Scenarios of Proxy ARP

(1) Function: Enables hosts on the same network segment but different physical networks to communicate with each other.

Proxy ARP is classified into the following types: routed proxy ARP, intra-VLAN proxy ARP, and inter-VLAN Proxy ARP. Table 1 describes the usage scenarios.

Table 1 Proxy ARP types

Proxy ARP Type

Usage Scenario

Routed proxy ARP

Hosts (without default gateway address configured) that   need to communicate belong to the same network segment across different   physical networks (different broadcast domains).

Intra-VLAN proxy ARP

Hosts that need to communicate belong to the same   network segment and VLAN but port isolation is configured in the VLAN.

Inter-VLAN proxy ARP

Hosts that need to communicate belong to the same   network segment but different VLANs.

Proxy ARP has the following characteristics:

·         Proxy ARP is deployed on the gateway without any modifications to the configurations of the hosts on a network.

·         Proxy ARP can shield topologies of physical networks so that hosts on different physical networks can use the same network ID to communicate.

·         Proxy ARP affects only the ARP table on hosts but does not affect the ARP table and routing table on the gateway.

Routed Proxy ARP

Routed proxy ARP enables communication among network devices on the same network segment but different physical networks.

If a host connected to the device is not configured with a default gateway address (that is, the host does not know how to reach the intermediate system of the network), the device cannot forward data packets.

As shown in Figure 1, the IP address of Host_1 is 172.16.1.10/16 and that of Host_2 is 172.16.2.20/16, and Host_1 and Host_2 are located on the same network segment. The Router connects to two networks through VLANIF 10 and VLANIF 20. The IP addresses of VLANIF 10 and VLANIF 20 are located on different network segments.

Figure 1 Network diagram of routed proxy ARP
                                               

arp

The IP addresses of Host_1 and Host_2 are on the same network segment. When Host_1 needs to communicate with Host_2, Host_1 broadcasts an ARP Request packet, requesting the MAC address of Host_2. However, Host_1 and Host_2 are on different physical networks (in different broadcast domains). Host_2 cannot receive the ARP Request packet sent from Host_1 and does not respond with an ARP Reply packet.

To resolve this problem, enable routed proxy ARP on the Router. After routed proxy ARP is enabled, the Router queries the routing table after receiving the ARP Request packet. Host_2 is directly connected to the Router, so the Router has the routing entry of Host_2. The Router then uses its MAC address to send an ARP Reply packet to Host_1. Host_1 forwards data based on the MAC address of the Router. In this case, the Router functions as the proxy of Host_2. As shown in Figure 1, the MAC address of VLANIF 10 on the Router matches the IP address of Host_2 in the ARP entry on Host_1.

Intra-VLAN Proxy ARP

If two users belong to the same VLAN with port isolation configured, intra-VLAN proxy ARP can be enabled on the interfaces associated with the VLAN to allow the hosts to communicate at Layer 3.

As shown in Figure 2, Host_1 and Host_2 are connected to the Router. The two interfaces connected to Host_1 and Host_2 belong to VLAN 10 on the Router.

Figure 2 Network diagram of intra-VLAN proxy ARP
arp

Host_1 and Host_2 cannot communicate at Layer 2 because port isolation in a VLAN is configured on the Router.

If intra-VLAN proxy ARP is enabled on the Router's interface, Host_1 and Host_2 can communicate at Layer 3. After the Router's interface receives an ARP Request packet whose destination address is not its own address, the Router does not discard the packet but searches for the ARP entry matching the interface. If an ARP entry matches Host_2, the Router sends its own MAC address to Host_1 and forwards the packet destined for Host_2. In this case, the Router functions as the proxy of Host_2.

Inter-VLAN Proxy ARP

If two hosts belong to the same network segment but different VLANs, inter-VLAN proxy ARP can be enabled on the interfaces (for example, the VLANIF interfaces or sub-interfaces) associated with the VLANs to enable users to communicate at Layer 3.

As shown in Figure 3, Host_1 and Host_2 on the same network segment are connected to the Router, Host_1 belongs to VLAN 10, and Host_2 belongs to VLAN 20.

Figure 3 Network diagram of inter-VLAN proxy ARP

arp

Host_1 and Host_2 belong to different sub-VLANs, so they cannot communicate at Layer 2.

After inter-VLAN proxy ARP is enabled on the Router, Host_1 and Host_2 can communicate at Layer 3. After the Router's interface receives an ARP Request packet whose destination address is not its own address, the Router does not discard the packet but searches for ARP entries (including dynamically learned ARP entries and statically configured ARP entries). If an ARP entry matches Host_2, the Router sends its own MAC address to Host_1 and forwards the packet destined for Host_2. In this case, the Router functions as the proxy of Host_2.

Any further questions, let us know!


View more
  • x
  • convention:
(0) (0)
3#
user_4143345
user_4143345 Created May 28, 2021 09:13:16

Thanks.
View more
  • x
  • convention:
(0) (0)
4#
andersoncf1
andersoncf1 MVE Author Created May 28, 2021 11:07:35

Community members have already brought in accurate information.
View more
  • x
  • convention:
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookies Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Contact Us: e_online@huawei.com Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.