|
||||||||
On 4/13/05, Roman Kuznetsov <rk at systola dot de> wrote: > > -----Original Message----- > > From: Claude Morin [mailto:klodefactor at gmail dot com] > > Sent: Dienstag, 12. April 2005 19:28 > > To: Roman Kuznetsov > > Cc: Chris Buechler; m0n0wall at lists dot m0n0 dot ch > > Subject: Re: [m0n0wall] Server NAT does not work? > > > > This proxy ARP question has arisen a few times recently. For > > the interest of list members who may not understand proxy ARP > > fully, here's an explanation: > > http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_ > > note09186a0080094adb.shtml > > > > This is exactly why I said it is illogical. > > I know what Proxy ARP is and even in this cisco document it says (my accents): > "Proxy ARP is the technique in which one host, usually a router, answers ARP > requests intended for *another* machine. By "faking" its identity, the router > accepts responsibility for *routing* packets to the "real" destination." > > This is what got me confused: one usually uses Proxy ARP to proxy requests to > another machine, not the same machine. A common practice for having multiply > addresses on the same interface is by means of aliasing, nor by proxying. > Otherwise this can be very confusing, since means of the task resolution seems > to have different application. > It's not going to the same machine though, the IP in question is being assigned to entries that are NAT'ed to hosts behind m0n0wall. It is indeed going to another machine. -Chris |