Nortel Networks 620 User Manual
Chapter 4
Configuration via the Command Line Interface
E-DOC-CTC-20051017-0169 v0.1
154
An example of Auto
ProxyARP
As an example, suppose a VPN server is configured on a SpeedTouch™ with the
subnet 192.168.1.0 as its private LAN address range. The VPN server is configured
to distribute Virtual IP addresses to the remote clients in the same range (Virtual IP
range = 192.168.1.[64-74] ). In this case, automatically a ProxyARP entry is added to
the ARP table of the SpeedTouch™ as soon as a VPN connection with a VPN client is
established. The ARP table contents can be monitored with the command ip arplist.
subnet 192.168.1.0 as its private LAN address range. The VPN server is configured
to distribute Virtual IP addresses to the remote clients in the same range (Virtual IP
range = 192.168.1.[64-74] ). In this case, automatically a ProxyARP entry is added to
the ARP table of the SpeedTouch™ as soon as a VPN connection with a VPN client is
established. The ARP table contents can be monitored with the command ip arplist.
In the output shown above, the entry for 192.168.1.64 is the ProxyARP entry for the
remote VPN client. The entry for 192.168.1.100 is a locally connected terminal that
received its IP address from the SpeedTouch™ DHCP server.
remote VPN client. The entry for 192.168.1.100 is a locally connected terminal that
received its IP address from the SpeedTouch™ DHCP server.
If the VPN client is a SpeedTouch™ that uses the dhcp method as virtual IP mapping
method (see
method (see
), then also here some ProxyARP
entries are automatically added to the ARP table. Below, you find the ARP table of
the VPN client SpeedTouch™ of our example.
the VPN client SpeedTouch™ of our example.
In the output shown above, the last entry for 192.168.1.0/24 is the ProxyARP entry
which is added when the VPN connection is established. This entry means that the
entire subnet is located behind the VPN connection. The entry for 192.168.1.100 is
an instantiation - marked with (i) - for a single remote terminal. The instantiation is
made on the moment when there is traffic for this IP address.
which is added when the VPN connection is established. This entry means that the
entire subnet is located behind the VPN connection. The entry for 192.168.1.100 is
an instantiation - marked with (i) - for a single remote terminal. The instantiation is
made on the moment when there is traffic for this IP address.
=>:ip arplist
Interface
Interface
IP-address
HW-address
Type
3
lan1
239.255.255.250
01:00:5e:7f:ff:fa DYNAMIC
3
lan1
192.168.1.64
00:0e:50:0f:fd:4c PROXY
3
lan1
192.168.1.100
00:0d:56:1d:f9:ba DYNAMIC
=>
=>ip arplist
Interface
Interface
IP-address
HW-address
Type
2
lan1
239.255.255.250
01:00:5e:7f:ff:fa DYNAMIC
2
lan1
10.0.0.1
00:0d:88:65:ca:da DYNAMIC
2
lan1
192.168.1.64
00:0d:88:65:ca:da STATIC
2
lan1
192.168.1.100
00:0e:50:5a:dd:06 PROXY (i)
2
lan1
192.168.1.0/24
00:0e:50:5a:dd:06 PROXY
=>