Re: [nznog] APE Route reflector stability
As far as I know, proxy-arp is disabled under junos by default. Our peering at APE is done with M-series kit, and we didn't notice any issues.

http://www.juniper.net/techpubs/software/junos/junos75/swconfig75-network-interfaces/html/interfaces-ethernet-config40.html

This is for 7.5 code, which is fairly newish - it's possible there are issues when using older versions. On the E-series it's enabled by default:

http://www.juniper.net/techpubs/software/erx/junose72/swcmdref-a-m/html/i-commands204.html

Cheers,
Thomas

Hi all.
On Fri, Jul 14, 2006 at 07:56:44AM +1200, Gordon Smith said:
Would someone like to comment on what's happening with the APE route reflectors? The flap statistics I'm seeing are impressive - those servers got wings now? :-)
This turned out to be caused by another ISP lighting up a new router and

a) getting the netmask wrong
b) forgetting to disable proxy-arp

So, those setting up new routers, especially Cisco kit that defaults to turning proxy-arp on, "no ip proxy-arp" is your friend.
An interesting observation is that of the ~40 active peers, only two seemed to be adversely affected by the proxy-arp, and they're both Juniper boxes. I'm wondering if Junipers may have a more trusting approach to handling ARP replies than other kit.
So, if anybody has bright ideas on ways that the ARP handling of Junipers can be made a little more cynical (ie, something more like the Linux handling where it does unicast ARP until the other end stops responding, and then goes back to broadcast ARP, but something less restrictive than static ARP entries), I'm all ears.
Cheers
Si

Hi Thomas

On Mon, Jul 17, 2006 at 06:26:25PM +1200, Thomas Salmen said:
As far as I know, proxy-arp is disabled under junos by default. Our peering at APE is done with M-series kit, and we didn't notice any issues.
I wasn't suggesting that the Junipers were proxy-arping, rather that when the Juniper gets two replies to an ARP broadcast it previously sent (one from the legit MAC, and one from the proxy-arping MAC), it seems to be a bit of a lottery which one the Juniper uses. I'm not sure if that means that other machines didn't see the proxy-arp, or if it's because other OS's seem to make more enthusiastic use of unicast ARP, or ignore the proxy-arper if the legit MAC keeps replying. But it is somewhat suspicious that the only machines that lost route servers while this was happening were Junipers.

Cheers
Si
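
An added example, not part of either poster's messages: a small Python check for the symptom discussed in this thread, where one ARP request draws replies from both the legitimate MAC and a proxy-arping MAC. It assumes `tcpdump -n` style ARP reply lines; the sample capture, addresses and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample: ARP replies as they might appear on a peering LAN.
# IPs and MACs come from documentation ranges, not from the thread.
SAMPLE = """\
12:00:01.000 ARP, Reply 192.0.2.10 is-at 00:00:5e:00:53:10, length 46
12:00:01.002 ARP, Reply 192.0.2.10 is-at 00:00:5e:00:53:99, length 46
12:00:02.000 ARP, Reply 192.0.2.20 is-at 00:00:5e:00:53:20, length 46
12:00:02.003 ARP, Reply 192.0.2.20 is-at 00:00:5e:00:53:99, length 46
12:00:03.000 ARP, Reply 192.0.2.30 is-at 00:00:5e:00:53:30, length 46
12:00:04.000 ARP, Reply 192.0.2.10 is-at 00:00:5e:00:53:10, length 46
"""

REPLY = re.compile(r"ARP, Reply (\d+\.\d+\.\d+\.\d+) is-at ([0-9a-fA-F:]{17})")

def parse_replies(text):
    """Yield (ip, mac) for every ARP reply line; other lines are skipped."""
    for line in text.splitlines():
        m = REPLY.search(line)
        if m:
            yield m.group(1), m.group(2).lower()

def find_conflicts(text):
    """Return {ip: sorted MACs} for IPs answered by more than one MAC."""
    macs_by_ip = defaultdict(set)
    for ip, mac in parse_replies(text):
        macs_by_ip[ip].add(mac)
    return {ip: sorted(m) for ip, m in macs_by_ip.items() if len(m) > 1}

def suspect_proxies(text):
    """Return {mac: sorted IPs} for MACs involved in two or more conflicts.

    A peer's own MAC shows up in one conflict (its own address); a
    proxy-arping router shows up in the conflicts of several peers.
    """
    hits = defaultdict(set)
    for ip, macs in find_conflicts(text).items():
        for mac in macs:
            hits[mac].add(ip)
    return {mac: sorted(ips) for mac, ips in hits.items() if len(ips) > 1}

if __name__ == "__main__":
    for ip, macs in find_conflicts(SAMPLE).items():
        print(f"{ip} answered by {', '.join(macs)}")
    for mac, ips in suspect_proxies(SAMPLE).items():
        print(f"{mac} answers for {len(ips)} contested addresses: check proxy-arp")
```
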
participants (2)
- Simon Blake
- Thomas Salmen