Print

Print


At one level I agree with you, especially when you are talking about IXPs.
However, facing userland, proxy arp plasters over a myriad of silly
misconfigurations and typos. Which from a TAC and help desk point of view
is a good thing, many tickets that are never opened, because it just works.

On Thu, Aug 16, 2018 at 5:25 PM, Ryan Goldberg <[log in to unmask]>
wrote:

> Proxy arp enabled by default is the silliest thing Cisco ever did.
>
> On Aug 16, 2018, at 5:14 PM, Andrew Hoyos <[log in to unmask]> wrote:
>
> Yeah, was just writing this.
> Your router should see that it’s not a directly connected IP, and back up
> to routing table/FIB. It may ARP for next hop depending on path.
>
> For those with this issue, what say your routing tables for this subnet?
> And do *you* have proxy arp turned off?
>
> —
> Andrew Hoyos
> [log in to unmask]
>
>
>
> On Aug 16, 2018, at 3:11 PM, Jeremy Lumby <[log in to unmask]> wrote:
>
> Why would your router ARP for an address that is not on the same subnet as
> any of your interfaces?
>
> *From:* MICE Discuss [mailto:[log in to unmask]
> <[log in to unmask]>] *On Behalf Of *Matthew Beckwell
> *Sent:* Thursday, August 16, 2018 5:01 PM
> *To:* [log in to unmask]
> *Subject:* Re: [MICE-DISCUSS] Routing of non-IX traffic
>
> I'm getting similar behavior as Frank.
>
> Like Doug, I only have 45.60.73.0/24 from transit connections.
> So a traceroute from my MICE interface should ARP and die (I would
> think)....
>
> When I traceroute to 45.60.73.16-- my router sends out an ARP request, as
> expected.
> But...I get ARP replies for 45.60.73.16 from these Cisco MACs (in the
> order they came into my interface):
>
>
> 00:23:33:c6:a0:c0
> 206.108.255.50
> Cooperative Network Services (CNS)
> 32609
> e4:aa:5d:83:73:06
> 206.108.255.47
> IVDesk
> 393639
> 88:43:e1:00:f2:10
> 206.108.255.18
> Consolidated Communications
> 12042
> b0:aa:77:33:7b:03
> 206.108.255.79
> Gigamonster, LLC
> 31939
> 3c:08:f6:81:6e:a5
> 206.108.255.46
> OneNetUSA
> 46131
> 00:1d:e5:c0:78:c3
> 206.108.255.5
> Implex
> 21709
> 54:75:d0:e6:08:30
> 206.108.255.106
> Nuvera Communications
> 23465
> 00:11:5d:82:6c:00
> 206.108.255.80
> Future Technologies
> 26451
>
>
> Proxy ARP (or something like it)?
> CNS seems to be consistently coming in first place when I clear my ARP
> entry.
>
> ~Matthew
> [log in to unmask]
> AS13746
>
>
>
>
> On Thu, Aug 16, 2018 at 3:25 PM, Frank Bulk <[log in to unmask]>
> wrote:
> When I force a traceroute to originate from our MICE-facing connection,
> the first hop is 206.108.255.50 (AS32609 aka CNS).  Any reason why?
>
> To making things more interesting, Incapsula-destined traffic goes via
> Paul Bunyan.  Here's just one example:
>
> traceroute to www.yamaha-dealers.com (45.60.73.16), 30 hops max, 60 byte
> packets
>  1  AS32609.micemn.net  (206.108.255.50)
> 14.059 ms  14.084 ms  14.076 ms
>  2  cns70.cnsllc.net (205.149.150.9)  18.484 ms  18.434 ms  18.507 ms
>  3  fg30.ips.cnsllc.net (205.149.150.30)  20.254 ms  20.346 ms  20.267 ms
>  4  crss2.PaulBunyan.net  (205.149.159.197)
> 20.527 ms  20.562 ms  20.619 ms
>  5  cra.PaulBunyan.net  (205.149.159.181)
> 23.398 ms fp233.ips.PaulBunyan.net  (205.149.159.233)
> 22.669 ms cra.PaulBunyan.net  (205.149.159.181)
> 23.393 ms
>  6  * * *
>  7  * * *
>  8  * * *
>  9  * * *
> 10  * * *
> 11  * * *
> 12  * * *
> 13  * * *
> 14  * * *
> 15  * * *
> 16  * * *
> 17  * * *
> 18  * * *
> 19  * * *
> 20  * * *
> 21  * * *
> 22  * * *
> 23  * * *
> 24  * * *
> 25  * * *
> 26  * * *
> 27  * * *
> 28  * * *
> 29  * * *
> 30  * * *
> SiouxCenter-Arista-North(s1)
>
> The reason I stumbled across this is because we've had more than a dozen
> customers over the last month complain about access to Incapsula-protected
> sites.  Packet captures show TCP RSTs coming from the far side.
>
> Regards,
>
> Frank Bulk
> AS53347
>
>
> ------------------------------
>
> To unsubscribe from the MICE-DISCUSS list, click the following link:
> http://lists.iphouse.net/cgi-bin/wa?SUBED1=MICE-DISCUSS&A=1
>
> ------------------------------
>
> To unsubscribe from the MICE-DISCUSS list, click the following link:
> http://lists.iphouse.net/cgi-bin/wa?SUBED1=MICE-DISCUSS&A=1
>
>
>
> ------------------------------
>
> To unsubscribe from the MICE-DISCUSS list, click the following link:
> http://lists.iphouse.net/cgi-bin/wa?SUBED1=MICE-DISCUSS&A=1
>
>
> ------------------------------
>
> To unsubscribe from the MICE-DISCUSS list, click the following link:
> http://lists.iphouse.net/cgi-bin/wa?SUBED1=MICE-DISCUSS&A=1
>



-- 
===============================================
David Farmer               Email:[log in to unmask]
Networking & Telecommunication Services
Office of Information Technology
University of Minnesota
2218 University Ave SE        Phone: 612-626-0815
Minneapolis, MN 55414-3029   Cell: 612-812-9952
===============================================