"brainwashed crap" Are you trolling? If you read the RFC's for gateway requirements it does not say that gateways MUST or SHOULD use proxy ARP. However, it is strongly suggestive that most gateways DO use proxy ARP, and makes references to other RFC's which state plainly that it is in common use. "Because it has to be" refers to the need for it is most clueless networks where the network administrators don't understand octet boundary subnetting, let alone subnet boundaries on any bit position or, God help them, variable subnet masks.
If the network administrator has a clue, it should be no big deal in remembering to turn it off. There are a host of things that need to be setup on a router, some of which can't have appropriate defaults because they require network-specific settings. I did not think it was necessary to explain this. HTH, Fred Reimer, CISSP, CCNP, CQS-VPN, CQS-ISS Senior Network Engineer Coleman Technologies, Inc. 954-298-1697 -----Original Message----- From: Gert Doering [mailto:[EMAIL PROTECTED] Sent: Saturday, March 22, 2008 3:07 AM To: Fred Reimer Cc: Gert Doering; Eric Cables; [email protected] Subject: Re: [c-nsp] Proxy ARP -- To disable, or not to disable.. Hi, On Fri, Mar 21, 2008 at 08:47:18PM -0400, Fred Reimer wrote: > I believe it is on by default because it has to be. "because it has to be"? What sort of brainwashed crap is that? It's on because someone in the past thought it might be a good idea (and when I was young and green and before the first nasty surprises, I even agreed...) - and Cisco really dislikes changing defaults. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany [EMAIL PROTECTED] fax: +49-89-35655025 [EMAIL PROTECTED]
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
