Re: [c-nsp] unwanted arp reply traffic at IX

2007-12-15 Thread Daniel Roesen
On Thu, Dec 13, 2007 at 01:10:35AM +0100, Daniel Roesen wrote: On Sun, Nov 18, 2007 at 02:23:57AM +0100, Daniel Roesen wrote: On Sun, Nov 18, 2007 at 12:33:55AM +0100, Daniel Roesen wrote: Router#sh run | i prox ip arp proxy disable Router#sh run int g0/1 | i prox Router#sh

Re: [c-nsp] unwanted arp reply traffic at IX

2007-12-12 Thread Daniel Roesen
On Sun, Nov 18, 2007 at 02:23:57AM +0100, Daniel Roesen wrote: On Sun, Nov 18, 2007 at 12:33:55AM +0100, Daniel Roesen wrote: Router#sh run | i prox ip arp proxy disable Router#sh run int g0/1 | i prox Router#sh ip int g0/1 | i Prox Proxy ARP is enabled I've verified

Re: [c-nsp] unwanted arp reply traffic at IX

2007-12-12 Thread Michael K. Smith - Adhost
Hello Daniel: -Original Message- From: [EMAIL PROTECTED] [mailto:cisco-nsp- [EMAIL PROTECTED] On Behalf Of Daniel Roesen Sent: Wednesday, December 12, 2007 4:11 PM To: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] unwanted arp reply traffic at IX On Sun, Nov 18, 2007 at 02:23

Re: [c-nsp] unwanted arp reply traffic at IX

2007-11-17 Thread Daniel Roesen
On Fri, Nov 16, 2007 at 04:50:00PM +0100, Gert Doering wrote: Hooray for Cisco default features. This is one of the more stupid ones, especially as it's enabled by default. Have them configure no ip gratuitous-arps. At least it's configurable on global level, unlike no ip proxy-arp and no

Re: [c-nsp] unwanted arp reply traffic at IX

2007-11-17 Thread Enno Rey
Hi, On Sat, Nov 17, 2007 at 10:33:43PM +0100, Daniel Roesen wrote: On Fri, Nov 16, 2007 at 04:50:00PM +0100, Gert Doering wrote: Hooray for Cisco default features. This is one of the more stupid ones, especially as it's enabled by default. Have them configure no ip gratuitous-arps.

Re: [c-nsp] unwanted arp reply traffic at IX

2007-11-17 Thread Daniel Roesen
On Sat, Nov 17, 2007 at 10:33:43PM +0100, Daniel Roesen wrote: At least it's configurable on global level, unlike no ip proxy-arp and no ip redirects (and others). :-( Slightly correcting myself here: there is ip arp proxy disable in some newer IOS trains which disables proxy-arp globally, and

Re: [c-nsp] unwanted arp reply traffic at IX

2007-11-17 Thread Gert Doering
Hi, On Sat, Nov 17, 2007 at 10:52:34PM +0100, Enno Rey wrote: On Fri, Nov 16, 2007 at 04:50:00PM +0100, Gert Doering wrote: Have them configure no ip gratuitous-arps. hmm... I've always been of the (possibly wrong) opinion that no ip gratuitous-arps was only relevant in PPP scenarios and

Re: [c-nsp] unwanted arp reply traffic at IX

2007-11-17 Thread Tom Storey
From what I gather, the customers PPP sessions are landing on the same box that connects to the IX. Tom Hi, On Sat, Nov 17, 2007 at 10:33:43PM +0100, Daniel Roesen wrote: On Fri, Nov 16, 2007 at 04:50:00PM +0100, Gert Doering wrote: Hooray for Cisco default features. This is one of the

Re: [c-nsp] unwanted arp reply traffic at IX

2007-11-17 Thread Daniel Roesen
On Sun, Nov 18, 2007 at 12:33:55AM +0100, Daniel Roesen wrote: Router#sh run | i prox ip arp proxy disable Router#sh run int g0/1 | i prox Router#sh ip int g0/1 | i Prox Proxy ARP is enabled I've verified that proxy ARP is actually disabled. Just opened a TAC case for that.

[c-nsp] unwanted arp reply traffic at IX

2007-11-16 Thread Chris Caputo
We have two participants at our IX who are spewing out broadcast ARP reply packets onto the fabric. In both cases, the participants are running Cisco routers that have customer ATM based DSL circuits on other interfaces. no ip mobile arp an no ip proxy-arp on the ATM or IX facing interfaces

Re: [c-nsp] unwanted arp reply traffic at IX

2007-11-16 Thread Gert Doering
Hi, On Fri, Nov 16, 2007 at 03:37:48PM +, Chris Caputo wrote: In both cases, the participants are running Cisco routers that have customer ATM based DSL circuits on other interfaces. no ip mobile arp an no ip proxy-arp on the ATM or IX facing interfaces have not stopped the apparent