3

The network shown above has PC1 (10.10.10.1) and PC2 (10.10.10.2) in VLAN 10 (10.10.10.0/24), and PC3 (20.20.20.3) and PC4 (20.20.20.4) in VLAN 20 (20.20.20.0/24). [Network diagram]

I have completed all the configuration for inter-VLAN routing: sub-interfaces on the router for VLAN 10 and VLAN 20, the switch port to the router as a trunk, and the switch ports to the PCs as access. The only thing I have not set is the default gateway of PC1 and PC2 as router sub-interface 10.10.10.254, and of PC3 and PC4 as sub-interface 20.20.20.254. I expect that PC1 should ping PC3 and PC4 using proxy ARP, which is not working. Why? Since the router knows both networks (VLANs), 10.10.10.0/24 and 20.20.20.0/24, it must give its MAC address to PC1 to ping PC3 and PC4.

4 Answers

2

Let me start by saying proxy ARP is at best a sloppy solution. The only time I found it useful as a feature was when I was dealing with devices on the network that could not utilize classless netmasks or couldn't set a default route.

Yes, it can "cover" many client configuration or bad design problems, but it doesn't fix those problems. It also doesn't "cover" all of them and it can make troubleshooting issues more difficult.

Getting back to your question, the most likely reason this isn't working is that your clients aren't ARPing. My guess is that you have given them what is often considered a "standard" network mask of /24. In your example, there is likely no solution to get proxy ARP to work, as clients should not accept a network mask less than /8, so your client will never think the destination is on the local network and send out an ARP request.

Why? A client uses its IP address and network mask to determine if a destination is on the local network or not. If it is on the local network, the client checks its ARP table for any entries for the destination and, if one doesn't exist, will send out an ARP request to get this information. This is where the router with proxy ARP enabled can respond, but if there is no ARP request then the router cannot provide a proxy ARP response.

If the destination is not on the local network, then the client will check its routing table to see where to forward the traffic. This is typically your default gateway.

Now, with the IP addresses you used, when the client checked the destination against its IP/mask, it would find the destination is not on the local network. Going to the routing table, it won't have a specific entry for the destination network (clients won't by default) and no default route/gateway. It will then fail with a "no route to host" type of message.

1
  • Reposted the majority of the answer I posted to this similar question. While the questions are similar, the reason this isn't working is really the same.
    – YLearn
    Commented Sep 4, 2015 at 14:35
2

After a lot of searching, I figured out that you can only make use of proxy ARP if PC1 in your example thinks that PC3 and PC4 are directly connected to it, so that it starts sending ARP requests to obtain their MAC addresses.
For example, in your topology PC1 (10.10.10.1/24) can't think that PC3 and PC4 are directly connected to it because their IPs are 20.20.20.3 and 20.20.20.4 (/24). But if you want PC1 to use proxy ARP to send packets to PC3 and PC4, you must make PC1's IP 10.10.x.x/16, make PC3 and PC4 something like 10.10.20.X/24, and put the router sub-interfaces in the same IP range as each segment. In this case PC1 can think PC3 and PC4 are directly connected to it and start to send proxy ARP.

Or, to avoid all this headache, you may use a default GW.
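The on-link check that the two answers above describe, as an added example (not code from either answer). The router-side rule is a simplified model of proxy ARP, and the sub-interface addresses in the /16 scenario are assumed values.

```python
import ipaddress

def host_next_step(host_if, dst, default_gw=None):
    """What a host does with a packet for dst, given its own 'addr/prefix'."""
    iface = ipaddress.ip_interface(host_if)
    if ipaddress.ip_address(dst) in iface.network:
        return ("arp", dst)             # on-link: ARP for the destination itself
    if default_gw and ipaddress.ip_address(default_gw) in iface.network:
        return ("arp", default_gw)      # off-link: ARP for the gateway instead
    return ("no_route", None)           # off-link and nowhere to send it

def proxy_arp_replies(router_ifs, ingress, target):
    """Simplified model: the router answers an ARP request only when the
    target sits on a connected network behind a different interface."""
    target_ip = ipaddress.ip_address(target)
    for name, cidr in router_ifs.items():
        if target_ip in ipaddress.ip_interface(cidr).network:
            return name != ingress
    return False

def outcome(host_if, dst, router_ifs, ingress, default_gw=None):
    action, arp_target = host_next_step(host_if, dst, default_gw)
    if action == "no_route":
        return "no route to host"
    if arp_target != dst:
        return "forwarded to default gateway"
    if proxy_arp_replies(router_ifs, ingress, dst):
        return "proxy ARP reply from router"
    return "direct ARP (same segment)"

# Sub-interfaces from the question.
QUESTION = {"vlan10": "10.10.10.254/24", "vlan20": "20.20.20.254/24"}
# Readdressed layout from the second answer; router addresses are assumed.
READDRESSED = {"vlan10": "10.10.10.254/24", "vlan20": "10.10.20.254/24"}

if __name__ == "__main__":
    # PC1 as configured in the question: /24 mask, no default gateway.
    print(outcome("10.10.10.1/24", "20.20.20.3", QUESTION, "vlan10"))
    # Same host once the default gateway is set.
    print(outcome("10.10.10.1/24", "20.20.20.3", QUESTION, "vlan10",
                  default_gw="10.10.10.254"))
    # PC1 with a /16 mask: it now ARPs for PC3 and the router can answer.
    print(outcome("10.10.10.1/16", "10.10.20.3", READDRESSED, "vlan10"))
```

The same check applies from PC3's side for the reply traffic.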

1

ARP should work if you want to ping a PC in the same VLAN, but if you want to communicate with a PC in other networks, you should set a default route to a gateway of that network, in this case the subinterface that you have configured. Only in that way will you be able to do what you want.

1
  • The main advantage of proxy ARP is that it can be added to a single router on a network and does not disturb the routing tables of the other routers on the network. Proxy ARP must be used on the network where IP hosts are not configured with a default gateway or do not have any routing intelligence. Refer to cisco.com/c/en/us/support/docs/ip/…
    – Gadeliow
    Commented Sep 4, 2015 at 14:03
0

Until you set a route in your PCs, they don't know what to do with the packets. Type "route print" in a command prompt on your Windows PC. You will see a route to your local network but no route to anywhere else. Once you set the default route, the machine knows where to send packets.

5
  • Please look at this link, where this is written: learningnetwork.cisco.com/thread/60350. "Proxy arp was a function used back whenever hosts didn't have a default gateway setting. As such, the router would actually assist in the forwarding process of frames. Instead of "ARPing" for the default gateway and going from there, the router would forward the ARP request across to the other network it attached." Commented Sep 4, 2015 at 12:47
  • So why are the packets not routed using proxy ARP? Does proxy not work now? Commented Sep 4, 2015 at 12:51
  • @Shivam Chauhan, proxy arp is a security risk. You shouldn't run it unless you absolutely need it.
    – Ron Maupin
    Commented Sep 4, 2015 at 13:22
  • So we can conclude that proxy ARP and default gateway do the same thing, but their ways are different, and also the security measures, as you mentioned. Commented Sep 4, 2015 at 13:50
  • Proxy-arp still requires a route. It'll be a 0/0 route to an interface, effectively saying "The entire internet is on this link." The only difference today is that route doesn't exist by default -- long ago, machines only had one interface, so logically, there was only one place to send anything.
    – Ricky
    Commented Sep 4, 2015 at 20:46
