From: Muhammad Nasim (muhammad.nasim@gmail.com)
Date: Wed Dec 06 2006 - 22:48:40 ART
Hi Koury,
Without prompting, a gratuitous ARP (gARP) message tells all hosts on a
network segment the IP address to MAC address binding for that
host. Unfortunately, a gARP can easily be spoofed. Any device can pretend to
be something it is not by sending out a gARP with its IP address. This causes
the endpoint to replace the MAC address of a legitimate network device with
the MAC address of the attacker in the ARP table of the target device.
By default, most Cisco routers send out a gratuitous gARP message whenever a
client connects and negotiates an IP address over a PPP connection. A gARP
is the main mechanism used in ARP poisoning attacks. You should disable
gARPs unless they are otherwise needed.
We can disable gratuitous ARP transmissions using the no ip gratuitous-arps
command in global configuration mode.
gARP transmission occurs when the client receives the address from a local
address pool. If we don't want to send the address to the client from the
local address pool, then we should disable the command.
HTH
On 12/6/06, koury@london.com <koury@london.com> wrote:
>
> Hi, Guys!
>
> Can someone explain how the command "no ip gratuitous-arp" works?
> Does the router stop sending out and/or processing "gratuitous arps"?
> In which situations do we enable or disable it?
>
> Thanks!!!
> Koury
--
Muhammad Nasim
Network Engineer
SISCOM Saudi Arabia
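
Added example, not part of the original message or of any Cisco software: the reply above describes a spoofed gARP replacing a legitimate MAC address in a host's ARP table. The Python below parses raw Ethernet/ARP frames, recognises gratuitous ARPs (sender IP equal to target IP), and reports one that would change a known IP-to-MAC binding instead of accepting it. The names `parse_arp`, `GarpMonitor` and `build_garp` and all addresses are constructed for illustration.

```python
import struct

ARP_ETHERTYPE = 0x0806

def parse_arp(frame: bytes):
    """Return (op, sender_mac, sender_ip, target_ip) for an Ethernet/IPv4 ARP frame, else None."""
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != ARP_ETHERTYPE:
        return None
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    dotted = lambda b: ".".join(str(x) for x in b)
    return op, frame[22:28].hex(":"), dotted(frame[28:32]), dotted(frame[38:42])

class GarpMonitor:
    """Tracks IP-to-MAC bindings learned from gratuitous ARPs and refuses silent changes."""
    def __init__(self, trusted=None):
        self.bindings = dict(trusted or {})  # ip -> mac, optionally pre-seeded
    def observe(self, frame: bytes):
        parsed = parse_arp(frame)
        if parsed is None:
            return None
        _op, mac, sender_ip, target_ip = parsed
        if sender_ip != target_ip:      # ordinary ARP, not gratuitous
            return None
        known = self.bindings.get(sender_ip)
        if known is None:
            self.bindings[sender_ip] = mac
            return ("learned", sender_ip, mac)
        if known != mac:                # binding would change: alert, keep old entry
            return ("conflict", sender_ip, known, mac)
        return ("refresh", sender_ip, mac)

def build_garp(mac: str, ip: str, op: int = 1) -> bytes:
    """Constructed sample input: gratuitous ARP frame bytes, built in memory only."""
    m = bytes.fromhex(mac.replace(":", ""))
    i = bytes(int(x) for x in ip.split("."))
    eth = b"\xff" * 6 + m + struct.pack("!H", ARP_ETHERTYPE)
    return eth + struct.pack("!HHBBH", 1, 0x0800, 6, 4, op) + m + i + b"\x00" * 6 + i

if __name__ == "__main__":
    mon = GarpMonitor()
    # Constructed addresses: two frames from the first owner, then a different MAC
    for mac in ("00:11:22:33:44:55", "00:11:22:33:44:55", "02:00:00:00:00:99"):
        print(mon.observe(build_garp(mac, "192.0.2.1")))
```
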
This archive was generated by hypermail 2.1.4 : Tue Jan 02 2007 - 07:50:37 ART