ip proxy-arp, Good, Bad, or the Ugly

jmcmasters · ‎02-04-2005

My questions is in regards to ip proxy-arp from a Cable MSO prospective. Do to amount of arp traffic and security, I was thinking of turning ip proxy-arp off on our CMTS's problem I am having is I read something where people will not be able to communicate back and forth via the same CMTS. I need to know how this would effect a cable system by turning proxy-arp off.

Thanks,

Jeremy McMasters

Network Engineer

Atlantic Broadband

amritpatek · ‎02-10-2005

"no cable proxy-arp" - Disables CMs on the same cable interface from communicating with each other. Since all CM-CM traffic must go through the CMTS, it must act as a proxy arp device in order for CMs to talk with each other.

"no cable arp" - Disables broadcast arps from being sent downstream. (For maximum security on the cable network, "cable arp" can be turned off.)

Richard Burts · ‎02-10-2005

I do not have experience in MSO environments. If I understand the documentation correctly the cable proxy-arp command is the equivalent of the ip proxy-arp specifically for cable interfaces.

Proxy-arp is the function of answering ARP requests for destinations not on the local segment. The assumption in ARP is that an end station will ARP for any destination on the local segment and will send to its gateway device or any remote destination. If there is misconfiguration of the end station, or misunderstanding of what the real boundaries or the local segment are, or if the end station is set to act as its own gateway (not uncommon in PPP environments) then there are likely to be many ARP for remote destinations. I have encountered this a number of times working with customers installing cable modems. If you disable proxy-arp this may well be a significant loss of connectivity for many customers.

HTH

Rick

HTH

Rick