Hi John,

Each switch will maintain a ARP table in which all devices mac-address will be there.
If there is no default gateway pointed then the switch will use the mac-address to communicate with other devices.

As said above if the proxy-arp is enabled on the interface in the L3 device. Once this is done then the both L2 and L3 device communicate with mac address and learn the complte network ARP table which can use for future communication.

Please rate the helpfull posts.
Regards,
Naidu.

Hello,

     Normally It should not work. You might configure wrong subnet on your switch then proxy-arp will take into account. It might be bigger than other.

Toshi

So basically Cadet, when that switch ARps for network X, on Network Y, if it ends up hitting a device on

Network Y with L3 enabled, that device will send its MAC back in the ARP reply, and that device will

take care of the routing so to speak.

Thanks for the help everyone.

Hi,

Yes that's correct.

Regards.

Alain.

Hi,

    Please clarify me some. How can hosts arp for other networks if they are configured correctly? Do they need to use a gateway to get outside?  I mean each network are different. Lets say 10.10.0.0/24 , 10.10.1.0/24. 10.10.2.0/24 and 10.10.3.0/24.  How can host-10.10.0.1/24 arp for host-10.10.2.11/24?  Proxy-arp comes later this.

Toshi 

Well, in my case, if 'ip default-gateway' was configured, it would not use proxy ARP, instead it would go to

whatever that gateway was configured for (which should be on the same subnet), and then go from there.

So if I did 'ip default-gateway 192.168.1.40' for instance and that interface was configured on a L3 device as a routed port,

then it would look in the routing table for a route to Destination whatever...

Hi John,

Please note however that it is generally considered bad practice to have proxy-arp enabled within your network.  There are a number of security concerns surrounding it.

There are very few scenarios where it is considered OK to have it enabled.

One of the biggest disadvantages though are having it relied upon by end devices because someone in the future may not know of this relience, and then replace the router with a device whcih has been 'properly' configured, which then causes every device which has been using it to lose network connectivity.

Please see this document which explains proxy-arp... pay close attention to the disadvantages of using it in particular!

Nick

Hi Toshi,

this is a switch  behaviour not a host.

Regards.

Alain.

Alain,

     Please point me a document for that. It seems that the switch arps for other networks. let's say switch configured 10.10.1.1 mask 255.255.255.0 no gateway it arps for 172.16.11.1 or sth like this.

Toshi

Hi Toshi,

this is same behaviour as a router which has a static route pointing to a multipoint interface, for him all destinations can be reachable out this interface so it doesn't arp for any gateway but directly for the destination IP.

When I find out the document for the switch behaviour I'll post the url.

Regards.

Alain

Toshi

If the host has the correct subnet mask/default-gateway configured then you are right it won't arp out for remote destinations ie.

host 10.1.1.10

subnet mask 255.255.255.0

default-gaterway 10.1.1.1

so from the above if the host wants to communicate with 10.1.2.5 then it will only arp out for it's DG ie. 10.1.1.1. Doesn't matter whether proxy-arp is enabled on the L3 device for the 10.1.1.1 interface or not.

However there are 2 occasions when it will use proxy-arp  -

1) no DG configured on the host. In this case the host literally arps out for everything. This is the same as the original question in this thread

2) if the subnet mask is not correct ie. from the above lets say the subnet mask has been incorrectly entered as -

255.255.0.0 

so the host compares it's IP and subnet mask ie.

10.1.1.10 255.255.0.0 and works out it is on the 10.1.x.x network

the host then compares the remote IP with it's own subnet mask ie.

10.1.2.5 255.255.0.0 and this also equates to the 10.1.x.x network.

So the host thinks the remote IP is on the same subnet and arps out for the destination. So with both 1) and 2) from above if proxy-arp is enabled on the 10.1.1.1 interface the arp will work. If it isn't then you won't have connectivity.

Jon

Hi Jon,

      Thanks for that. I tested it myself. The switch arps for other networks when there is no gateway.

Toshi