D-Link DFL-860-IPS-12 Product Manual - Page 157
Proxy ARP, Ping poll interval, Grace time, Consecutive fails, Consecutive success
View all D-Link DFL-860-IPS-12 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 157 highlights
4.2.6. Proxy ARP Chapter 4. Routing Ping poll interval The time in milliseconds between sending a Ping to hosts. Default: 1000 Grace time The length of time in seconds between startup or reconfigure and monitoring start. Default: 30 Consecutive fails The number of consecutive failures that occurs before a route is marked as being unavailable. Default: 5 Consecutive success The number of consecutive successes that must occur before a route is marked as being available. Default: 5 Gratuitous ARP on fail Send a gratuitous ARP on HA failover to alert hosts of the changes in interface Ethernet and IP addresses. Default: Enabled 4.2.6. Proxy ARP Overview As discussed previously in Section 3.4, "ARP", the ARP protocol facilitates a mapping between an IP address and the MAC address of a host on an Ethernet network. However, situations may exist where a network running Ethernet is separated into two parts with a routing device such as a NetDefend Firewall in between. In such a case, NetDefendOS itself can respond to ARP requests directed to the network on the other side of the NetDefend Firewall using the feature known as Proxy ARP. The splitting of an Ethernet network into distinct parts so that traffic between them can be controlled is a common usage of the proxy ARP feature. NetDefendOS rule sets can then be used to impose security policies on the traffic passing between the different network parts. A Typical Scenario As an example of a typical proxy ARP scenario, consider a network split into two sub-networks with a NetDefend Firewall between the two. Host A on one sub-network might send an ARP request to find out the MAC address for the IP address of host B on the other sub-network. With the proxy ARP feature configured, NetDefendOS responds to this ARP request instead of host B. NetDefendOS sends its own MAC address in reply, 157