What Is Proxy ARP? | Proxy ARP Example
What is Proxy ARP, you ask? Simply put, Proxy ARP is when a device such as a server or router acts as a proxy for ARP requests.
If the device that is configured for Proxy ARP receives an ARP request and also has a route to get to the network that the ARP request was intended for, it will send an ARP reply with its own MAC address. The device that sent the ARP request is none the wiser and updates its ARP cache.
But why would this happen? Well, let’s say that we have two networks, 10.0.0.0/24 and 10.1.1.0/24, and a router connecting these two network segments together. But… What if a host on one of these networks was misconfigured with a /8 instead of a /24?
Let me give you an example. A host on the 10.0.0.0/24 network is misconfigured as 10.0.0.10/8, and now it thinks that every IP address that starts with 10 is on the same network. So if it’s trying to communicate with 10.1.1.10, for instance, it’s not going to use the default gateway. Instead, it will ARP for 10.1.1.10 directly, since it thinks that address is on the same network.
If the router is configured for Proxy ARP, it will respond with its own MAC address because it knows how to get to 10.1.1.0/24. This lets the misconfigured host communicate with other networks. Any frames meant for the 10.1.1.0/24 network will be sent to the router, and the router will forward them on behalf of the misconfigured host.
I’m sure there are some intentional implementations of Proxy ARP out there; however, it is generally not desirable. Just think of the potential ARP cache size on a host that thinks it’s part of one BIG /8 network if the router responds to every ARP request resulting from a misconfigured subnet mask. Instead of having just one ARP cache entry for the default gateway, it will have an entry for every single host it believes is on the same segment.
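The scenario above as a small simulation (an added example, not part of the original article): it models the host's on-link decision, the router's Proxy ARP reply, and the resulting ARP cache, then flags any MAC that answers for more than one IP. The router address 10.0.0.1, the MAC, the destination list, and all function names are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict

# All addresses and the MAC below are constructed sample values.
ROUTER_IP = ipaddress.ip_address("10.0.0.1")
ROUTER_MAC = "00:00:5e:00:53:01"
LOCAL_NET = ipaddress.ip_network("10.0.0.0/24")        # segment the host sits on
REMOTE_ROUTES = [ipaddress.ip_network("10.1.1.0/24")]  # networks the router can reach

def arp_target(host_iface, dst):
    """IP the host ARPs for: dst if it looks on-link, else the default gateway."""
    iface = ipaddress.ip_interface(host_iface)
    dst = ipaddress.ip_address(dst)
    return dst if dst in iface.network else ROUTER_IP

def router_reply(target, proxy_arp):
    """MAC the router answers with, or None if it stays silent."""
    if target == ROUTER_IP:
        return ROUTER_MAC            # ordinary ARP for the gateway itself
    if target in LOCAL_NET:
        return None                  # a real local host would answer, not the router
    if proxy_arp and any(target in net for net in REMOTE_ROUTES):
        return ROUTER_MAC            # Proxy ARP: router has a route, answers with its own MAC
    return None

def build_cache(host_iface, destinations, proxy_arp=True):
    """Simulate the host's ARP cache after contacting each destination."""
    cache = {}
    for dst in destinations:
        target = arp_target(host_iface, dst)
        mac = router_reply(target, proxy_arp)
        if mac:
            cache[str(target)] = mac
    return cache

def shared_macs(cache):
    """Return {mac: [ips]} for MACs that answer for more than one IP."""
    by_mac = defaultdict(list)
    for ip, mac in cache.items():
        by_mac[mac].append(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}

DESTS = ["10.1.1.10", "10.1.1.11", "10.1.1.12"]
correct = build_cache("10.0.0.10/24", DESTS)       # one entry: the gateway
misconfigured = build_cache("10.0.0.10/8", DESTS)  # one entry per remote host
print(correct, misconfigured, shared_macs(misconfigured), sep="\n")
```

With the /24 mask the cache holds a single gateway entry; with the /8 mask it grows by one entry per remote destination, all pointing at the router's MAC, which is the pattern to look for when auditing a host's ARP table.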