- Enterasys Security Router User's Guide

General IP Features
5-4 Configuring IP
- Virtual Router Redundancy Protocol (VRRP): RFC-2338 and Definitions of Managed Objects for the Virtual Router Redundancy Protocol: RFC-2787
- Equal-Cost Multi-Path (ECMP) per packet and per flow (round robin) for OSPF, BGP and static routes (RIP excluded)
- Unequal cost multi-path, redistribution of equal-cost paths, and multiple default routes based on default networks with multiple equal-cost next hops are not supported
ARP and Proxy ARP
ARP (Address Resolution Protocol) is a link-level protocol which provides a mapping between the
two different forms of addresses: 32-bit IP addresses and hardware addresses used by the data
link. The protocol dynamically keeps entries in the ARP Table and can accept statically configured
entries according to RFC-826.
The arp command adds or deletes permanent entries to the ARP Table while the arp-timeout
command sets the duration for an ARP entry to stay in the ARP table before expiring. The
show ip arp command displays real-time entries in the ARP table.
Proxy ARP lets the XSR answer ARP requests on one network for a host on another network. The
router acts as a proxy agent for the destination host, relaying packets to it from other hosts, as
defined by RFC-1027. It is configured with the ip proxy-arp command.
Proxy DNS
Proxy servers act as intermediaries between DNS clients and servers. They handle outgoing
queries and answer them from data obtained by sending one or more queries to other DNS
servers. Typically, they cache data received, reducing traffic and latency if the data are frequently
requested.
XSR's forwarding proxy server talks to other proxy or DNS servers without performing DNS
resolution. It simply forwards requests and replies, relying on real DNS servers for name
resolution, and caches the replies to avoid having to request resolution again, with these benefits:
- A proxy DNS server releases the function of the resolver on the client side, and by doing so simplifies client implementation.
- Since the proxy acts as an intermediary between DNS clients and servers, no direct connection between clients and servers is needed.
- Instead of caching the DNS database in each client, proxy DNS maintains a centralized cache for DNS resolution.
You can enable DNS proxy with ip proxy-dns enable, specify a proxy server with
ip proxy-dns name-server, clear the DNS cache table with clear ip proxy-dns cache,
verify DNS settings with show running-config, and display DNS cache settings with
show ip proxy-dns cache.
BOOTP/DHCP Relay
The Bootstrap Protocol (BOOTP) is used by systems with no capability of learning their IP
addresses. BOOTP requests can be forwarded by routers, so a server is not needed on each
physical network. Normally, BOOTP/DHCP requests are not forwarded, since they are local
broadcasts which are not designed to be forwarded, and they have an invalid, nonroutable IP
source address, such as 0.0.0.x. But the relay agent replaces the destination address with a
helper address, and the source address with its own address, then forwards the request. You
can set the helper address with the ip helper-address command.
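The relay rewrite described above, sketched in Python as an added example (not code from the XSR guide or firmware). It goes beyond the text by also filling the BOOTP giaddr field and incrementing the hops counter, as RFC 1542 relay agents do; the function names, sample addresses and the hop limit are assumptions.

```python
import ipaddress
import struct

BOOTREQUEST = 1
BROADCAST = "255.255.255.255"
GIADDR = slice(24, 28)   # gateway (relay agent) address field in the BOOTP header
HOPS = 3                 # byte offset of the hops counter
MIN_LEN = 236            # fixed BOOTP header: 44 bytes + sname (64) + file (128)
MAX_HOPS = 16            # assumed hop limit for this example


def relay_request(src, dst, payload, relay_ip, helper_ip):
    """Return the rewritten (src, dst, payload), or None if the packet is dropped.

    src is the client's original source (such as 0.0.0.0); it is discarded.
    """
    if dst != BROADCAST or len(payload) < MIN_LEN:
        return None                      # only local broadcasts are relayed
    if payload[0] != BOOTREQUEST or payload[HOPS] >= MAX_HOPS:
        return None                      # replies and looping requests are not forwarded
    out = bytearray(payload)
    out[HOPS] += 1
    if out[GIADDR] == b"\x00" * 4:       # first relay records itself so the server can answer
        out[GIADDR] = ipaddress.IPv4Address(relay_ip).packed
    # IP header rewrite described in the text: source -> relay, destination -> helper
    return relay_ip, helper_ip, bytes(out)


def build_request(xid, mac):
    """Constructed sample BOOTREQUEST from a client that has no address yet."""
    zero = b"\x00" * 4
    hdr = struct.pack("!BBBBIHH4s4s4s4s16s", BOOTREQUEST, 1, 6, 0, xid, 0, 0x8000,
                      zero, zero, zero, zero, mac)
    return hdr + b"\x00" * (64 + 128)    # empty sname and file fields


if __name__ == "__main__":
    pkt = build_request(0x1A2B3C4D, bytes.fromhex("001122334455"))
    # Documentation-range addresses, constructed for this example
    print(relay_request("0.0.0.0", BROADCAST, pkt, "192.0.2.1", "198.51.100.10")[:2])
```

Because the helper address turns a local broadcast into routed unicast, the hop limit and the request-only check are what keep a relay from forwarding loops or server replies.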