I understand what ARP is and what it does. That's why what's transpiring is so confusing. There are no proxy ARPs taking place because it's only one network. There's a wifi network with a totally different subnet doing DHCP, and the ARP table on the firewall shows the correct MAC for that IP address. It's simply a straightforward connection on a very simple network, fixed IP, firewall as gateway, no DHCP, no other networks involved.

Jay Dale
I.T. Manager, 3GiG
Mobile: 713.299.2541
Email: [email protected]

-----Original Message-----
From: Ben Scott [mailto:[email protected]]
Sent: Monday, April 12, 2010 12:27 PM
To: NT System Admin Issues
Subject: Re: Initial access to server denied, then accepted

I know MBS said this was an over-simplification, but I think it's actually "wrong" on a couple of important points.

On Mon, Apr 12, 2010 at 11:35 AM, Michael B. Smith <[email protected]> wrote:
> The way IP determines whether something is LOCAL is by issuing
> an "address resolution protocol request".

A computer determines whether something is local by looking at its own routing table. For most computers, the routing table is influenced by two things: The default gateway, and the computer's own IP address and netmask. The IP address/netmask defines the local network. If a packet's destination address would be on the local network, then the computer broadcasts an ARP request. Everything else gets sent to the default gateway. (The default gateway has an IP address of its own, on the local network, and that is resolved via ARP, so the computer can reach the default gateway.)

> If an upstream or downstream switch has that IP connected to
> their matrix, they'll respond with a proxy ARP response saying
> that they'll forward it.

Switches (layer two devices) do not generate or "look at" ARP requests at all. They simply forward network frames.
Routers (layer three devices) respond to ARP requests. Normally, a router will only respond to an ARP request if the router's interface is configured for that IP address. Routers can also respond to ARP requests on behalf of other networks, *if* the router is configured for proxy ARP, but that's something of a rare case these days.

> If there is no response to the ARP, then the message goes out the default
> gateway.

Once ARP gets involved, the gateway-vs-local decision has already been made. If there is no response to an ARP request, the computer will return a "Destination unreachable" error to the transmitting program.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
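
Added example, not part of the original thread: a small Python model of the decision order Ben describes, where the host first picks local or gateway from its own address and netmask, then ARPs for that one target with no fallback. The function names, addresses and result strings are assumptions made for illustration, and proxy ARP is not modelled.

```python
import ipaddress

def arp_target(host_if, gateway, dst):
    """Return the IP this host will ARP for when sending to dst, or None.

    host_if: the host's own address and netmask, e.g. "192.168.1.10/24"
    gateway: default gateway IP as a string, or None if unset
    """
    iface = ipaddress.ip_interface(host_if)
    dst_ip = ipaddress.ip_address(dst)
    if dst_ip in iface.network:
        return dst_ip                      # on-link: ARP for the destination itself
    if gateway is None:
        return None                        # off-link and no default route
    gw = ipaddress.ip_address(gateway)
    return gw if gw in iface.network else None   # gateway must itself be on-link

def send(host_if, gateway, dst, arp_responders):
    """Simulate one send; arp_responders is the set of IPs answering ARP on the segment."""
    target = arp_target(host_if, gateway, dst)
    if target is None:
        return "no route to host"
    if str(target) not in arp_responders:
        # The local-vs-gateway choice was made above; there is no fallback.
        return f"destination unreachable (no ARP reply from {target})"
    kind = "direct" if target == ipaddress.ip_address(dst) else "via gateway"
    return f"delivered {kind} (ARP resolved {target})"

# Constructed sample segment (assumed values, not from the thread).
RESPONDERS = {"192.168.1.1", "192.168.1.20"}
CASES = [
    ("192.168.1.10/24", "192.168.1.20"),   # neighbour that exists
    ("192.168.1.10/24", "10.0.0.5"),       # off-link, goes to the gateway
    ("192.168.1.10/24", "192.168.1.99"),   # on-link address nobody owns
    ("192.168.1.10/16", "192.168.2.20"),   # wrong netmask makes a remote host look local
]

if __name__ == "__main__":
    for host_if, dst in CASES:
        print(f"{host_if} -> {dst}: {send(host_if, '192.168.1.1', dst, RESPONDERS)}")
```

The last case shows why a wrong netmask on a fixed-IP host is worth checking: the host ARPs for the remote address directly and never tries the gateway.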
