Proxy-arp

[daelious]

Hi all,

I'm relatively new to this term, but I'm needing to set up a proxy arp on a router so that it will route a set of 10 ip's to a cisco switch, and the switch will delegate them out to different servers. Could someone give me a starting point for this? I'm sure I'll need to explain more, but I'm not even sure where to start.

Roughly the topology will be similar to this:
---------- ----------
=====| Router | =======| Switch |
---------- ----------

The router is a 2801 and the switch is a catalyst 2960.


Thanks in advance.
Daelious.

 

[maczen]

When you say the switch will delegate the IP addresses out to the various servers do you mean that you want the router to assign IP addresses to the servers? If that is the case then you are looking for DHCP (Dynamic Host Configuration Protocol) and the router can easily be configured to assign IP as well as DNS (and a ton of other stuff) dynamically.

B Haines
CCNA R&S, ETA FOI

 

[maczen]

Actually, since you are referring to servers you will probably want a static IP addressing scheme. If I am understanding your request then you will want to research "static NAT".

B Haines
CCNA R&S, ETA FOI

 

[daelious]

It's actually going to be more along the lines of a pseudo co-location environment. I want the WAN of the router to have an IP (10.0.0.1) then the Switch will have one(10.0.0.2), then from there I want to assign the rest of my public block to clients' servers and equipment.

Hope that makes sense.


Keith.

 

[maczen]

Here is a link that discusses the configuration of static NAT on the router to allow outside traffic to be able to access the internal server(s)... Hopefully, this is what you are looking for. If not then please ellaborate.

http://www.zdnetasia.com/techguide/network/0,3800010800,62033099,00.htm

B Haines
CCNA R&S, ETA FOI

 

[maczen]

d,
The WAN interface will link you to the internet or another external network. You will have the 2960 on one of your LAN interfaces. Your clients and servers will then be placed on your various LANs. Is this the setup???

B Haines
CCNA R&S, ETA FOI

 

[maczen]

Or LAN.. Sorry to imply more than one.

B Haines
CCNA R&S, ETA FOI

 

[maczen]

Is this the topology???

Internet===Router===Switch===LAN w/ Servers?

B Haines
CCNA R&S, ETA FOI

 

[daelious]

Roughly yes, though there is another router that I don't have control over in front of my router.

 

[daelious]

Additionally, these addresses are ARP'd to me from that router that I can't access.

 

[maczen]

That other router could be a problem.. How is your router connected to that router? Do you have a public or private IP address assigned to the interface that connects the two? Can your servers be accessed from the internet now? (that is your goal right?)

B Haines
CCNA R&S, ETA FOI

 

[maczen]

I believe that you misunderstand what ARP is. ARP is used when I have an IP address of a host and need the MAC address. I (the NIC) transmits an ARP broadcast and the corresponding IP responds with it's MAC address. RARP is the opposite.

I am not sure what you mean by these addresses are "ARP'd" to you. Can you copy and paste what you are seeing?

B Haines
CCNA R&S, ETA FOI

 

[maczen]

Oh, wait.. Is the "other router" the DHCP server (or is it on that side)? If that is the case then you may just need an IP Helper address on your router.. Will have to wait for the PROs friend but try to answer the questions that I posted as they may provide some insight when the gurus get here.. LoL

B Haines
CCNA R&S, ETA FOI

 

[burtsbees]

Why do you want private IP's on the WAN and public on the LAN?
If this is the way you want to do it, set up the LAN interface with subinterfaces and trunk to VLANs on the switch.

Burt

 

[daelious]

Sorry for the delay in replying. Been offline for awhile.

maczen: The other router, I have no idea. The most they have told me is that it's HSRP, but I'm pretty sure that's not too much of a factor. (You can tell I'm new to this level of networking).

burtsbees: I'm more or less wanting to make it a pass-thru (due to lack of a better term). For example (all IP's are changed to protect the innocent so all IP's should be reguarded as public) say PlinCo has a server with us and I want them to have 192.168.141.39. My network is 192.168.141.33/28 (255.255.255.240). I have my router as 192.168.141.36 (the first usable from my provider), the switch is 192.168.141.37. So *.38-*.46 is what I can give out to my clients.

On a side note I have messed around with Proxy-arp and I don't really think it's the way to go. I had part of everything working. What I had done is set up an irb bridge interface on both of the FastEthernet interfaces. However the last bit that I need working is that I can't access anything out side the router. I can ping and telnet, from a laptop (connected to the switch), to the switch and to the router, but not my gateway (using the previous example, 192.168.141.33).

Wow, I initially didn't set out to type this much. Any thoughts on this?

Thanks for all of your help thus far btw.

Keith