Problem with proxy arp on debian sarge kernel 2.6.x
Hello!
I have this problem that I just can't work out.
We have an old machine running Slackware/kernel 2.4.28, but we needed a new machine. The OS on the new machine is Debian sarge, and we *really* need proxy arp on the machine. It worked flawlessly on the old machine, but "Preproduction" testing on the new machine reveals that proxy arp is not working, and I can't figure out why.
I've tried setting up proxy arp on two different machines, and my test setups are as follows:
kernel 2.6.13-vs2.0.1-pre2-686 (not a std debian kernel) on one of the machines and
kernel 2.6.12-1-amd64-generic on the other.
/proc/sys/net/ipv4/ip_forward as well as /proc/sys/net/ipv4/conf/*/proxy_arps set to 1.
Forwarding works fine.
The network in the test setup is configured with
eth0 10.200.150.1/24
eth1 192.168.12.209/24
route:
10.200.150.0 eth0
192.168.12.0 eth1
0.0.0.0 gw 192.168.12.254 eth1
In the test setup I try to proxy arp for 192.168.12.211 on eth1, and I'm adding the proxy with:
arp -i eth1 -s 192.168.12.211 00:01:02:03:04:05 pub
and I've added a
iptables -t nat -I PREROUTING 1 -d 192.168.12.211 -j DNAT --to-destination 10.200.150.150
and
iptables -I FORWARD 1 -d 10.200.150.150 -j ACCEPT
in my test setup. Where 10.200.150.150 is on eth0.
I have a functioning route from the test machine to 10.200.150.150.
Trying to reach 192.168.12.211 from a machine on the eth1 net ends with an error message stating that there is no route.
tcpdump on the test machine:
tcpdump -i eth1 host 192.168.12.211
23:36:03.180749 arp who-has 192.168.12.211 tell 192.168.12.254
etc
tcpdump on the 10.200.150.150 of course returns nothing.
Thus no proxy arp =-(
What am I missing?
The situation above is just my test setup. When this machine is in production it will proxy arp on one interface for a number of machines connected on another interface, and I will not do any DNATing in that setup.
Can anyone help me, please?
Erik Persson.
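
Added example, not part of the original post: a small shell check that reports the three pieces of state the setup above relies on (ip_forward, the per-interface proxy_arp flag, and a published ARP entry in /proc/net/arp). The function names and the PROC_ROOT override are assumptions of this example; the published-entry test uses the kernel's ATF_PUBL flag bit (0x08) and the kernel's per-interface file name proxy_arp.

```shell
#!/bin/sh
# Added example, not from the original post: report the proxy-ARP state the
# post describes. PROC_ROOT is a hypothetical override so the checks can run
# against a constructed directory tree instead of the live /proc.
PROC_ROOT="${PROC_ROOT:-/proc}"
ATF_PUBL=8   # 0x08 bit in the Flags column of /proc/net/arp: published entry

# flag_is_set FILE: succeeds when the sysctl file contains exactly "1".
flag_is_set() {
    [ -r "$1" ] && [ "$(cat "$1")" = "1" ]
}

# has_published_entry IP DEV: succeeds when the ARP table lists IP on DEV
# with the ATF_PUBL bit set (the state "arp -s ... pub" is meant to create).
has_published_entry() {
    [ -r "$PROC_ROOT/net/arp" ] || return 1
    while read -r addr _hwtype flags _hwaddr _mask dev; do
        if [ "$addr" = "$1" ] && [ "$dev" = "$2" ]; then
            if [ $(( $flags & $ATF_PUBL )) -ne 0 ]; then return 0; fi
        fi
    done < "$PROC_ROOT/net/arp"
    return 1
}

# step DESC CMD...: run CMD, print the outcome, count a failure in $fails.
step() {
    desc=$1; shift
    if "$@"; then echo "ok   $desc"; else echo "FAIL $desc"; fails=$((fails + 1)); fi
}

# check_proxy_arp IP DEV: run all three checks; exit status = failed checks.
check_proxy_arp() {
    fails=0
    step "ip_forward is 1" flag_is_set "$PROC_ROOT/sys/net/ipv4/ip_forward"
    step "proxy_arp is 1 on $2" flag_is_set "$PROC_ROOT/sys/net/ipv4/conf/$2/proxy_arp"
    step "published ARP entry for $1 on $2" has_published_entry "$1" "$2"
    return "$fails"
}

# Stand-alone use with the post's test values: sh check.sh 192.168.12.211 eth1
if [ "$#" -eq 2 ]; then check_proxy_arp "$1" "$2"; fi
```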