[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

arp published vs arp published (proxying only..) (fwd)

Hmmm.. maybe this would be more apropriate thing for tech@ rather than
misc. However, playing for a while I noticed that pppd used with arpproxy 
also leaves records in arp table, so if `persist' option was used, it
fails to enable arp proxying on startup. (the other funny thing is that it
always complains about the local end IP in error message, while there are
only remote end IP (and so it should be) in the arp/routing tables. I need
to have a look on the source code to see what actually happens.

---------- Forwarded message ----------
Date: Thu, 20 Jan 2000 01:54:47 +0500 (KGT)
From: CyberPsychotic <fygrave@epr0.org>
To: misc@openbsd.org
Subject: arp published vs arp published (proxying only..)

Hello people,

I've got the feeling that I am just confusing something here or just hit
some bug/problem where I miss some details. Here's the snapshot of it:

When pppd sets up arp proxy it adds arp entry with the NIC mac address to
arp table and it's marked as `proxy only' (SIN_PROXY flag). However when I
am trying to set up arp proxying with `arp' untility, this flag gets
dropped somewhy (for `arp -s X:X:X:X:X:X pub' I just see static
published). Also in routing table this file appears to be routed to NIC
with local mac address (which doesn't happen with `proxy only' entry).

First I thought that it's a bug in arp so I modified arp code to use
SIN_PROXY without any error/args checking (just a quick fix to see if it'd
work overriding any possible probs). Things remained the same. Moreover, I
hacked a quick piece out of pppd source to add arpproxy entries, but
either I missed something or confused things up, but I constantly get
`invalid argument` on my attempt to write to routing socket. I am just
wondering am I missing something critical in here, or it's still just a
possible bug which I failed to track down?

The problem which I am trying to solve with arp proxying is following:

I have two subnets, first is C class subnet (, the second
is classless subnet with 28 bit prefix, which uses part of IP space from
the first subnet. The reason why this is done is that only a single block
of 256 ip addresses is routed by ISP to ROUTER. And router doesn't know
how to route classless subnets. (nor I have access to it to add static
routes). So it expects to find every host of in the LAN
which it's connected to. 

Two subnets are interconnected by OpenBSD machines (as shown on the
pic): (network A)
                                 (network B)
     |              ppp link              |
-----+----{ BOXA }-----/                  +----- ..
     |                /--------{ BOXB }---|
-----+                                    +-------|ROUTER|---- ... ISP

The only solution for the problem, which I see here, is to run
arp-proxying on boxb for whole subnet. I.g. I need BOXB
just to answer all arp-requests for these IP addresses without modifying
routing table! However `arp -s IP MACADDRESS pub' not only makes BOXB to
respond ARP requests, but also to route the packets nowhere (what I think
is happening, is that it routes packets to local NIC until TTL expires.
However when I remove routes to these IPs (and static arp entries
dissapear also) I temporally could reach the network B from ISP, until the
ARP entry for network B IP address on ROUTER expire. (which basically
shows that plain arp proxying will work in such situation).

 What I am trying to do now is writing some custom libpcap/Libnet based 
daemon code which would just listen to arp requests and spoof arp
responces for given IP range. it would take me a couple of days coding, so
I am basically wondering if there would be some easier solution to the

I would appreciate any feedback


     Key fingerprint = 4422 16FC 3C7D E10A B044  CA4F 2BE0 3943 9758 9324