Hello all and thanks for taking the time to read my post. With all
of the Linux routers I've configured, I've never had to enable Proxy
Arp to get them working in a similar environment.
Our upstream, which resides in the same building we do, has dropped us
an ethernet cable. We have a /30 on one subnet between their router
and ours (Linux). They have then "routed" a C-block (/24) of
addresses to our Linux router.
The subnets that are on each side of the Linux routers are DIFFERENT,
naturally.
Here is what the setup looks like:
                      ISP            eth0            eth1
(Internet) -----|upstream router|-------|Linux router|-------|LAN|
Systems that we have on our LAN point to the eth1 address as their
default route. When I would ping a node on the Net from a system on
our LAN, I would see the packets LEAVE our Linux router and would see
the packets actually make it to their destination. The destination
machine would then answer the ICMP request and the packet would come
back to our Linux router. However, instead of our Linux router
routing the return packet back to the original node on our LAN, I see
the following instead:
06:57:14.730356 arp who-has 209.133.24.126 tell 209.133.23.45
(IP addresses have been modified for this example - as you can see,
the upstream router, on a different subnet, is ARPing for my node)
The .45 address, as shown above, is the ISP side of the /30 which is
THEIR router. The .126 address is the node that I pinged from
originally. Basically it looks as if their router is "ARPing" for
the node which the packet is destined to.
I called the ISP and their engineers stated they did in fact route the
/24 to our Linux router. I finally tried turning on Proxy Arp in the
Linux kernel and voilà, it started working great. However, Proxy Arp
has caused a few other issues and I'd rather not have to use it, nor
have I had to use it any other time I've done this.
So here is my hypothesis: The ISP, in their router, has basically
dropped the /24 onto the same segment as the /30, thus the ARPing
going on....this is why I have to enable Proxy Arp to get it working.
If their router had our Linux router (eth0) as the next hop address
for the /24, it would work WITHOUT Proxy Arp. Am I correct or
totally off??? :-)
Naturally I have ip_forwarding turned on...
Thanks very much for your help!!
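
One way to test the hypothesis above from a capture taken on eth0, as an added example that is not part of the original post: it sorts tcpdump ARP requests into those for an address on the /30 and those where a host on the /30 ARPs for an address in the routed /24. The two prefixes are assumptions inferred from the (modified) addresses in the post, and every sample line except the first is constructed.

```python
import ipaddress
import re

# Assumed prefixes, inferred from the modified addresses shown in the post.
LINK_NET = ipaddress.ip_network("209.133.23.44/30")   # transit /30 (assumption)
ROUTED_NET = ipaddress.ip_network("209.133.24.0/24")  # routed /24 (assumption)

# Matches both "arp who-has X tell Y" and "ARP, Request who-has X tell Y, length 28".
ARP_RE = re.compile(r"who-has (\S+) tell ([^\s,]+)")

def classify(line):
    """Return (verdict, target, sender) for an ARP request line, else None."""
    m = ARP_RE.search(line)
    if not m:
        return None
    try:
        target = ipaddress.ip_address(m.group(1))
        sender = ipaddress.ip_address(m.group(2))
    except ValueError:
        return None  # names instead of addresses: capture with tcpdump -n
    if target in LINK_NET:
        verdict = "normal"         # resolving a neighbour on the /30
    elif target in ROUTED_NET and sender in LINK_NET:
        verdict = "on-link-route"  # sender treats the /24 as directly connected
    else:
        verdict = "other"
    return verdict, str(target), str(sender)

def summarize(lines):
    """Count verdicts over a list of capture lines."""
    counts = {}
    for line in lines:
        result = classify(line)
        if result:
            counts[result[0]] = counts.get(result[0], 0) + 1
    return counts

# First line is quoted from the post; the others are constructed sample data.
SAMPLE = [
    "06:57:14.730356 arp who-has 209.133.24.126 tell 209.133.23.45",
    "06:57:15.101200 arp who-has 209.133.23.46 tell 209.133.23.45",
    "06:57:15.101950 arp reply 209.133.23.46 is-at 00:00:5e:00:53:01",
    "06:57:16.730411 arp who-has 209.133.24.126 tell 209.133.23.45",
]

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

With a next-hop route for the /24 on the upstream router, only "normal" requests would be expected from it; any "on-link-route" count means it is resolving LAN addresses directly on the /30 segment.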