D-Link DFL-860 Product Manual - Page 111
Published ARP Objects, Publishing Modes, publishing
UPC - 790069900204
View all D-Link DFL-860 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 111 highlights
3.4.3. Creating ARP Objects 2. Select the following from the dropdown lists: • Mode: Static • Interface: lan 3. Enter the following: • IP Address: 192.168.10.15 • MAC: 4b-86-f6-c5-a2-14 4. Click OK Chapter 3. Fundamentals Published ARP Objects NetDefendOS supports publishing IP addresses on a particular interface, optionally along with a specific MAC address instead of the interfaces MAC address. NetDefendOS will then send out these as ARP replies for any ARP requests received on the interface related to the published IP addresses. This can done for a number of reasons: • To give the impression that an interface in NetDefendOS has more than one IP address. This is useful if there are several separate IP spans on a single LAN. The hosts on each IP span may then use a gateway in their own span when these gateway addresses are published on the corresponding NetDefendOS interface. • Another use is publishing multiple addresses on an external interface, enabling NetDefendOS to statically address translate traffic to these addresses and send it onwards to internal servers with private IP addresses. • A less common purpose is to aid nearby network equipment responding to ARP in an incorrect manner. Publishing Modes There are two publishing modes available when publishing a MAC/IP address pair: • Publish • XPublish In both cases, an IP address and an associated MAC address are specified. If the MAC address is not specified (is all zeroes) then the MAC address of the sending physical interface is used. To understand the difference between Publish and XPublish it is necessary to understand that when NetDefendOS responds to an ARP query, there are two MAC addresses in the Ethernet frame sent back with the ARP response: 1. The MAC address in the Ethernet frame of the Ethernet interface sending the response. 2. The MAC address in the ARP response which is contained within this frame. This is usually the same as (1) the source MAC address in the Ethernet frame but does not have to be. These are shown in the illustration below of an Ethernet frame containing an ARP response: 111