* clay@bloomcounty.org (Clay Fiske) [Thu 16 Jan 2014, 01:25 CET]:
> On Jan 15, 2014, at 4:03 PM, Niels Bakker <niels=nanog@bakker.net> wrote:
>> * clay@bloomcounty.org (Clay Fiske) [Thu 16 Jan 2014, 00:59 CET]:
>>> This is where theory diverges nicely from practice. In some cases the offender broadcast his reply, and guess what else? A lot of routers listen to unsolicited ARP replies.
>>
>> I've never seen this. Please name vendor and product, if only so other subscribers to this list can avoid doing business with them.
>
> This was some time ago, but the two I was able to dig up from that case were both Junipers. Perhaps it’s something that only happens when proxy ARP is enabled?

Maybe. I don't think I've ever dealt with a situation in which Proxy ARP was enabled on a Juniper router. I've certainly not seen them reply to a request with a broadcast, and frankly that sounds like such a weird implementation decision that I'm going to need to see pcaps before I believe it.

Even if this were a regular occurrence - which it evidently is not - it's still better to trigger this when you know you're doing something rather than have to step in later when another misconfiguration triggers routing problems like described in an earlier mail, renumbering into a larger subnet.

-- Niels.

--
"It's amazing what people will do to get their name on the internet, which is odd, because all you really need is a Blogspot account."
-- roy edroso, alicublog.blogspot.com