As far as I know, proxy-arp is disabled under junos by default. Our peering at APE is done with M-series kit, and we didn't notice any issues. http://www.juniper.net/techpubs/software/junos/junos75/swconfig75-networ k-interfaces/html/interfaces-ethernet-config40.html This is for 7.5 code, which is fairly newish - it's possible there are issues when using older versions. On the E-series it's enabled by default: http://www.juniper.net/techpubs/software/erx/junose72/swcmdref-a-m/html/ i-commands204.html Cheers, Thomas
Hi all.
On Fri, Jul 14, 2006 at 07:56:44AM +1200, Gordon Smith said:
Would someone like to comment on what's happening with the APE route reflectors? The flap statistics I'm seeing are impressive - those servers got wings now? :-)
This turned out to be caused by another ISP lighting up a new router
and
a) getting the netmask wrong b) forgetting to disable proxy-arp
So, those setting up new routers, especially Cisco kit that defaults
turning proxy-arp on, "no ip proxy-arp" is your friend.
An interesting observation is that of the ~40 active peers, only two seemed to be adversely affected by the proxy-arp, and they're both Juniper boxes. I'm wondering if Junipers may have a more trusting approach to handling ARP replies than other kit.
So, if anybody has bright ideas on ways that the ARP handling of Junipers can be made a little more cynical (ie, something more like
to the
Linux handling where it does unicast ARP until the other end stops responding, and then goes back to broadcast ARP, but something less restrictive than static ARP entries), I'm all ears.
Cheers Si