Print

Print


On some gear, it will ARP for an address that is not directly connected when you force the interface being used.
(Basically telling the router "Ignore the forwarding table...use this interface no matter what").

To which the router says "okay, but i'm gonna have to ARP for it, and anyone watching is going to think I don't know what i'm doing...."
(And they'd be correct...)

Under normal circumstances (not specifying the interface), my traceroutes happily go out the shortest transit path shown in the full BGP feed.
No proxy arp here.  :)

~Matthew




On Thu, Aug 16, 2018 at 5:13 PM, Andrew Hoyos <[log in to unmask]> wrote:
Yeah, was just writing this. 
Your router should see that it’s not a directly connected IP, and back up to routing table/FIB. It may ARP for next hop depending on path.

For those with this issue, what say your routing tables for this subnet? And do *you* have proxy arp turned off?

Andrew Hoyos



On Aug 16, 2018, at 3:11 PM, Jeremy Lumby <[log in to unmask]> wrote:

Why would your router ARP for an address that is not on the same subnet as any of your interfaces?
 
From: MICE Discuss [mailto:[log in to unmask]IPHOUSE.NET] On Behalf Of Matthew Beckwell
Sent: Thursday, August 16, 2018 5:01 PM
To: [log in to unmask]IPHOUSE.NET
Subject: Re: [MICE-DISCUSS] Routing of non-IX traffic
 
I'm getting similar behavior as Frank.
 
Like Doug, I only have 45.60.73.0/24 from transit connections.  
So a traceroute from my MICE interface should ARP and die (I would think)....
 
When I traceroute to 45.60.73.16-- my router sends out an ARP request, as expected.
But...I get ARP replies for 45.60.73.16 from these Cisco MACs (in the order they came into my interface):
 
 
00:23:33:c6:a0:c0
206.108.255.50
Cooperative Network Services (CNS)
32609
e4:aa:5d:83:73:06
206.108.255.47
IVDesk
393639
88:43:e1:00:f2:10
206.108.255.18
Consolidated Communications
12042
b0:aa:77:33:7b:03
206.108.255.79
Gigamonster, LLC
31939
3c:08:f6:81:6e:a5
206.108.255.46
OneNetUSA
46131
00:1d:e5:c0:78:c3
206.108.255.5
Implex
21709
54:75:d0:e6:08:30
206.108.255.106
Nuvera Communications
23465
00:11:5d:82:6c:00
206.108.255.80
Future Technologies
26451
 
 
Proxy ARP (or something like it)?
CNS seems to be consistently coming in first place when I clear my ARP entry.
 
~Matthew
AS13746
 
 
 
 
On Thu, Aug 16, 2018 at 3:25 PM, Frank Bulk <[log in to unmask]> wrote:
When I force a traceroute to originate from our MICE-facing connection, the first hop is 206.108.255.50 (AS32609 aka CNS).  Any reason why?  

To making things more interesting, Incapsula-destined traffic goes via Paul Bunyan.  Here's just one example:

traceroute to www.yamaha-dealers.com (45.60.73.16), 30 hops max, 60 byte packets
 1  AS32609.micemn.net (206.108.255.50)  14.059 ms  14.084 ms  14.076 ms
 2  cns70.cnsllc.net (205.149.150.9)  18.484 ms  18.434 ms  18.507 ms
 3  fg30.ips.cnsllc.net (205.149.150.30)  20.254 ms  20.346 ms  20.267 ms
 4  crss2.PaulBunyan.net (205.149.159.197)  20.527 ms  20.562 ms  20.619 ms
 5  cra.PaulBunyan.net (205.149.159.181)  23.398 ms fp233.ips.PaulBunyan.net (205.149.159.233)  22.669 ms cra.PaulBunyan.net (205.149.159.181)  23.393 ms
 6  * * *
 7  * * *
 8  * * *
 9  * * *
10  * * *
11  * * *
12  * * *
13  * * *
14  * * *
15  * * *
16  * * *
17  * * *
18  * * *
19  * * *
20  * * *
21  * * *
22  * * *
23  * * *
24  * * *
25  * * *
26  * * *
27  * * *
28  * * *
29  * * *
30  * * *
SiouxCenter-Arista-North(s1)

The reason I stumbled across this is because we've had more than a dozen customers over the last month complain about access to Incapsula-protected sites.  Packet captures show TCP RSTs coming from the far side.

Regards,

Frank Bulk
AS53347
 
 

To unsubscribe from the MICE-DISCUSS list, click the following link:
http://lists.iphouse.net/cgi-bin/wa?SUBED1=MICE-DISCUSS&A=1



To unsubscribe from the MICE-DISCUSS list, click the following link:
http://lists.iphouse.net/cgi-bin/wa?SUBED1=MICE-DISCUSS&A=1




To unsubscribe from the MICE-DISCUSS list, click the following link:
http://lists.iphouse.net/cgi-bin/wa?SUBED1=MICE-DISCUSS&A=1




To unsubscribe from the MICE-DISCUSS list, click the following link:
http://lists.iphouse.net/cgi-bin/wa?SUBED1=MICE-DISCUSS&A=1