Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
284
Views
0
Helpful
3
Replies

arp reply as broadcast

ksAlec
Level 1
Level 1

‎09-14-2023 03:08 AM

Why would an arp reply be sent as a broadcast? And out on an interfaces that didn't send the request?

I've disabled proxy arp and I can still see arp replies from our cisco

12:05:18.299985 5c:71:0d:xx:xx:xx > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Reply 10.x.x.x is-at 5c:71:0d:xx:xx:xx, length 46

0 Helpful
3 Replies 3

balaji.bandi
Hall of Fame
Hall of Fame

‎09-14-2023 03:21 AM

You need to give more information what IP address its ARP ? same subnet of the interface IP  or different segement.

https://www.cisco.com/c/en/us/support/docs/ip/dynamic-address-allocation-resolution/13718-5.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

ksAlec
Level 1
Level 1
In response to balaji.bandi

‎09-14-2023 03:39 AM

The interface I see it on is a different segment from the address the arp reply is about.

The arp request didn't come in on that interface either.

But even if it die I'd expect a reply not to be a broadcast anyway.

0 Helpful

MHM Cisco World
VIP
VIP
In response to ksAlec

‎09-14-2023 04:50 AM

As you mention two cases here

One is proxy arp 

Other is there is static route toward interface.

So disable proxy arp

Change static route to include next hop and egress interface 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card