unusual proxy arp configuration need (voice over IP adaptor between DSL modem and Linux machine)
From: Jay Libove (libove_at_felines.org)
Date: 05/10/05
- Previous message: Laurence: "Re: A Vi (Vim) question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Tue, 10 May 2005 07:44:03 -0400 (EDT) To: fedora-list@redhat.com
[ I apologize if this is a re-post; I did not see it come through the
first time ]
I'm really interested in putting my Vonage Linksys RT31P2 VoIP adaptor in front
of my Linux firewall so that the adaptor can do traffic shaping, and reduce
instances of my wife yelling at me for downloading porn, er, Microsoft patches,
and causing choppy audio and audio drop-out while she's on the phone with her
mother in Japan...
The Linksys RT31P2 device does not have a bridge mode, and does not have a
proxy-arp mode. Therefore, with the RT31P2 in between my DSL modem and my Linux
box (Fedora Core 3), when the ISP's router ARPs for any of the 10 static IP
addresses that I rent from them, the ARPs go unanswered (other than for the one
IP address I have assigned to the WAN port of the RT31P2, of course).
Unfortunately, since my block of static IPs from Speakeasy are all bridged,
something has to answer the ARP requests which come from the ISP router down my
DSL circuit.
The RT31P2 does route correctly, so if we can convince the ISP's router to keep
sending packets addressed to my block of static IPs down my DSL circuit, the
RT31P2 will properly receive and pass them on. The question is, how do we get
the ARPs answered so that the ISP will keep sending those packets my way?
Since I know I can't get the voice adaptor to answer the ARPs, I'm
brainstorming ways to put something out there to answer those ARPs.
The idea I have is to add another ethernet interface to my firewall, NOT give
that interface an IP address, and have the firewall answer ARPs for the IP
addresses in my block which are behind the firewall, giving as the MAC address
for those IP addresses the MAC of the voice adaptor's outside interface (which
is reachable directly from the ISP, as is this hypothetical extra interface,
both of which will be plugged in to an external hub segment).
The question is, since proxy ARPing is a little bit automagic in the Linux
kernel, and my first attempts at this definitely did not go well... what is the
magic to get a Linux box to answer ARPs for arbitrary IP addresses, and provide
a specific MAC address for those ARPs?
Thanks for your thoughts!
-Jay Libove, CISSP
Atlanta, GA, US
-- fedora-list mailing list fedora-list@redhat.com To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
- Previous message: Laurence: "Re: A Vi (Vim) question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
