From: Raheel Itrat (syedraheel@gmail.com)
Date: Tue Oct 21 2008 - 12:13:34 ARST
Nice explainations Huan!
Fahad !
Yes I was using dynamips for this c3725-adventerprisek9-mz.124-15.T with the
nm-16 sw module in it for the switch and c3640-jk9o3s-mz.124-5a for the
routers and what would you say about Huan's explainations?
On Tue, Oct 21, 2008 at 1:03 PM, Huan Pham
<Huan.Pham@peopletelecom.com.au>wrote:
>
> Hi Raheel,
>
> Marko's soluton are surely valid options.
>
> In addition to static ARP, and mobile IP, we can also disable routing
> all together on both routers, or you can have a secondary IP of each
> other subnet, and they should be able to ping each other. No need any
> static route for both cases, obviously, as when you disable routing the
> routers will only act like hosts, without routing functionality. When
> you have the secondary IP configure, the routers have the route to each
> other already.
>
>
> I would just like to add some input as to why these are needed.
>
> By default, when routing is enabled, routers will not respond to arp
> requests from stations whose source IP addresses are not on the IP
> subnet that receives the request, regardless of whether proxy arp or
> local proxy arp is enabled or not.
>
> When R1 try to ARP for R2 IP address, R2 will see the ARP comes from
> 101.1.1.1 on the interface that has IP of 102.1.1.1/24, and will ignore
> it.
>
> R2#
> *Mar 1 06:39:11.166: IP ARP req filtered src 101.1.1.1 0000.1111.1111,
> dst 101.1.1.2 0000.0000.0000 wrong cable, interface FastEthernet0/0
>
> To disable this sanity check, you will have to use any of the three
> solutions above
>
> 1. Static ARP
>
> R2#
> arp 101.1.1.1 0000.1111.1111 arpa
>
> 2. Local LAN Mobility
>
> R2#
> interface FastEthernet0/0
> mac-address 0000.2222.2222
> ip address 102.1.1.1 255.255.255.0
> ip mobile arp
>
> See the debug message that R2 now does not complain any more about ARP
> from wrong subnet!
> R2#
> *Mar 1 06:43:15.334: IP ARP: rcvd req src 101.1.1.1 0000.1111.1111, dst
> 102.1.1.1 FastEthernet0/0
> *Mar 1 06:43:15.334: IP ARP: sent rep src 102.1.1.1 0000.2222.2222,
> dst 101.1.1.1 0000.1111.1111 FastEthernet0/0
>
>
> 3. Disable routing on both routers.
>
> 4. Configure secondary IP address.
>
>
>
>
> The Local Proxy Arp or Proxy Arp are not required here.
>
> - Local proxy arp is used, so that a router can work as proxy for two
> hosts on the same subnet, which normally can not communicate directly
> (e.g. Private VLAN or on protected port).
>
> - Proxy arp (on by default) is used so that router responds on any ARP
> for subnets outside LAN subnet (e.g. when you have a default static
> route on R1 pointing to e0/0, instead of R2 LAN IP, you will need to
> enable R2 proxy arp (on by default).
>
> As said above, both these options does not work for you, because you
> have a different IP subnet on the two routers, and by default, routers
> just ignore ARP request from each other.
>
>
>
>
> Hope this helps,
>
>
>
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Marko Milivojevic
> Sent: Tuesday, 21 October 2008 12:40 PM
> To: GS CCIE-Lab
> Cc: Raheel Itrat
> Subject: Re: diffrent Subnet IPs on same VLAN and Proxy-Arp
>
> Enable ARP debugging on the routers or even better, sniff the traffic on
> both routers and it should be pretty clear why ping fails.
>
> As to the solution for your problem, you may want to look into static
> ARP as a very crude solution, or mobile ip as a relatively neat one
> :-)
>
> --
> Marko
> CCIE #18427 (SP)
> My network blog: http://cisco.markom.info/
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Sat Nov 01 2008 - 15:35:21 ARST