Arp and proxy arp, Proxy dns, Bootp/dhcp relay – Enterasys Networks Security Router X-PeditionTM User Manual
Page 106

General IP Features
5-4 Configuring IP
• Virtual Router Redundancy Protocol (VRRP): RFC-2338 and Definitions of Managed Objects for the Virtual Router Redundancy Protocol: RFC-2787
• Equal-Cost Multi-Path (ECMP) per packet and per flow (round robin) for OSPF, BGP and static routes (RIP excluded)
  – Unequal cost multi-path, redistribution of equal-cost paths, and multiple default routes based on default networks with multiple equal-cost next hops are not supported
ARP and Proxy ARP
ARP (Address Resolution Protocol) is a link-level protocol which provides a mapping between the
two different forms of addresses: 32-bit IP addresses and hardware addresses used by the data
link. The protocol dynamically keeps entries in the ARP Table and can accept statically configured
entries according to RFC-826.
The arp command adds or deletes permanent entries to the ARP Table while the arp-timeout command sets the duration for an ARP entry to stay in the ARP table before expiring. The show ip arp command displays real-time entries in the ARP table.
Proxy ARP lets the XSR answer ARP requests on one network for a host on another network. The router acts as a proxy agent for the destination host, relaying packets to it from other hosts, as defined by RFC-1027. It is configured with the ip proxy-arp command.
Proxy DNS
Proxy servers act as intermediaries between DNS clients and servers. They handle outgoing
queries and answer them from data obtained by sending one or more queries to other DNS
servers. Typically, they cache data received, reducing traffic and latency if the data are frequently
requested.
XSR’s forwarding proxy server talks to other proxy or DNS servers without performing DNS resolution itself. It simply forwards requests and replies, relying on real DNS servers for name resolution, and caches the replies to avoid having to request resolution again. This has these benefits:
• A proxy DNS server takes over the resolver function from the client side, which simplifies client implementation.
• Since the proxy acts as an intermediary between DNS clients and servers, no direct connection between clients and servers is needed.
• Instead of caching the DNS database in each client, proxy DNS maintains a centralized cache for DNS resolution.
You can enable DNS proxy with ip proxy-dns enable, specify a proxy server with ip proxy-dns name-server, clear the DNS cache table with clear ip proxy-dns cache, verify DNS settings with show running-config, and display DNS cache settings with show ip proxy-dns cache.
BOOTP/DHCP Relay
The Bootstrap Protocol (BOOTP) is used by systems that have no way of learning their own IP addresses. Routers can forward BOOTP requests, so a server is not needed on each physical network. Normally, BOOTP/DHCP requests are not forwarded, since they are local broadcasts that are not designed to be forwarded and they carry an invalid, nonroutable IP source address, such as 0.0.0.x. The relay agent, however, replaces the destination address with a helper address and the source address with its own address, then forwards the request. You can set the helper address with the ip helper-address command.
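The relay rewrite described above, as an added Python example (not code from the manual or from the XSR). It goes beyond the page by also applying the giaddr and hop-count handling of RFC 1542; the addresses, the sample request and the hop limit of 4 are constructed assumptions.

```python
import socket
import struct

# Fixed BOOTP header (RFC 951): op, htype, hlen, hops, xid, secs, flags,
# ciaddr, yiaddr, siaddr, giaddr, chaddr, sname, file = 236 bytes
BOOTP_FIXED = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")
BOOTREQUEST = 1
MAX_HOPS = 4  # default threshold suggested by RFC 1542; assumed, not an XSR setting


def relay_request(payload, relay_ip, helper_ip, max_hops=MAX_HOPS):
    """Return (src_ip, dst_ip, payload) to forward, or None to drop."""
    if len(payload) < BOOTP_FIXED.size:
        return None                       # truncated, not a BOOTP message
    fields = list(BOOTP_FIXED.unpack_from(payload))
    op, hops, giaddr = fields[0], fields[3], fields[10]
    if op != BOOTREQUEST or hops > max_hops:
        return None                       # replies and looping requests are not relayed
    fields[3] = hops + 1                  # count this relay
    if giaddr == b"\x00" * 4:             # first relay records itself; later relays keep it
        fields[10] = socket.inet_aton(relay_ip)
    rewritten = BOOTP_FIXED.pack(*fields) + payload[BOOTP_FIXED.size:]
    # New IP header: source = relay's own address, destination = helper address
    return relay_ip, helper_ip, rewritten


def sample_request(hops=0, giaddr="0.0.0.0"):
    """Constructed 300-byte client broadcast (0.0.0.0 -> 255.255.255.255)."""
    header = BOOTP_FIXED.pack(
        BOOTREQUEST, 1, 6, hops, 0x1234ABCD, 0, 0x8000,
        b"\0" * 4, b"\0" * 4, b"\0" * 4, socket.inet_aton(giaddr),
        bytes.fromhex("020000000001").ljust(16, b"\0"), b"", b"")
    return header + b"\0" * 64            # empty vendor area


if __name__ == "__main__":
    # 192.0.2.1 (relay) and 198.51.100.10 (helper) are documentation addresses
    src, dst, pkt = relay_request(sample_request(), "192.0.2.1", "198.51.100.10")
    print(src, "->", dst, "hops =", pkt[3], "giaddr =", socket.inet_ntoa(pkt[24:28]))
    print("over hop limit:", relay_request(sample_request(hops=5), "192.0.2.1", "198.51.100.10"))
```

The server sees the relay's address in giaddr and uses it to pick the client's subnet, so a relay that overwrote a non-zero giaddr or ignored the hop count would misdirect leases or forward looping requests indefinitely.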