Manualshelf

User Manual

ManualsBrandsLantronix ManualsCables & InterconnectsSCS3200 Secure Console Server 32 Port 10/100 RJ45
919293949596979899100
IP IP Routing
6-18
Dynamically These routes are automatically learned from other routers on the network and
are managed by a dynamic routing protocol. The SCS currently supports one
dynamic routing protocol, RIP. Routes are automatically entered when new
networks come online, and automatically removed if the networks are no
longer reachable.
Dynamic routes learned via sites are the exception; they are never timed out.
The SCS assumes that these networks are reachable by bringing up a link. This
allows the SCS to learn about extended networks at the remote site without the
administrator’s intervention.
6.7.3 Using RIP
RIP (Routing Information Protocol) is the dynamic routing protocol supported by the SCS. Throughout this
manual, the term “RIP” refers to RIP version 1. RIP is automatically enabled on all SCS interfaces,
including sites. For a complete discussion of RIP options, including disabling RIP, see Configuring RIP for
Sites on page 4-8.
Note: RIP is described in RFC-1058.
Normally, RIP listens to routing table updates from any source. This can lead to problems if a misconfigured
host accidentally begins sending incorrect information via RIP. It may also lead to security or denial of
service attacks by a malicious user who is capable of sending false RIP messages.
The SCS can be configured to listen only to RIP updates from a list of trusted IP addresses. See Set/Define
IP Trusted on page 12-42 for details. This is not entirely foolproof however, as a sophisticated attacker
could still send RIP updates as one of the trusted addresses and potentially defeat the system.
6.7.4 Proxy ARP
Every TCP/IP host will reply to any ARP request that is for its own IP address. Proxy-ARP enables a device
to also respond to ARP requests for addresses that it is “responsible for.” In the case of the SCS, enabling
proxy ARP allows the SCS to respond to requests for hosts and networks that it is the gateway for. For
example, if there are remote node connections into the SCS, any ARP requests for those nodes will be
replied to by the SCS itself.
Proxy ARPing allows remote nodes to appear as if they were on the same Ethernet segment as the SCS. This
feature is particularly useful for ethernet hosts that do not support RIP; those hosts will not need to learn
host-route information to forward traffic destined for the remote node devices.
To enable proxy ARP, use the Set/Define IP All/Ethernet Proxy-ARP command.
Figure 6-42: Enabling Proxy ARP
The SCS will not respond to ARP requests for routes learned from the Ethernet, or for routes that aren’t
explicitly listed in the SCS routing table.
Local>> DEFINE IP ETHERNET PROXY-ARP ENABLED