Proxy ARP on a Termination Sub-interface
On the network shown in Figure 1 and Figure 2, a termination sub-interface allows a VLAN range to access the same network segment. Users on the same network segment belong to different VLANs in the VLAN range. In this scenario, users cannot communicate with each other at Layer 2. IP forwarding must be performed on the termination sub-interface. To support IP forwarding, the termination sub-interface must support proxy ARP.
Proxy ARP can be configured on a sub-interface for Dot1q VLAN tag termination or sub-interface for QinQ VLAN tag termination, based on whether the user packets received by a PE contain one or two VLAN tags.
If the user packets contain one tag, the sub-interface that has proxy ARP configured is a sub-interface for Dot1q VLAN tag termination.
If the user packets contain double tags, the sub-interface that has proxy ARP configured is a sub-interface for QinQ VLAN tag termination.
Proxy ARP on a Sub-interface for Dot1q VLAN Tag Termination
On the network shown in Figure 1, PC1 and PC2 belong to VLAN 100; PC3 belongs to VLAN 200; Switch 1 is a Layer 2 switch, which allows any VLAN packets to pass; PC1, PC2, and PC3 are on the same network segment.
When PC1 and PC3 want to communicate with each other, PC1 sends an ARP request to PC3 to obtain PC3's MAC address. However, as PC1 and PC3 are in different VLANs, PC3 fails to receive the ARP request from PC1.
- PC1 sends an ARP Request message to request PC3's MAC address.
- After receiving the ARP Request message, the PE checks the destination
IP address of the message and finds that the destination IP address
is not the IP address of its sub-interface for Dot1q VLAN tag termination.
Then, the PE searches its ARP table for the PC3's ARP entry.
If the PE finds this ARP entry, the PE checks whether inter-VLAN proxy ARP is enabled.
- If inter-VLAN proxy ARP is enabled, the PE sends the MAC address of its sub-interface for Dot1q VLAN tag termination to PC1.
- If inter-VLAN proxy ARP is not enabled, the PE discards the ARP Request message.
If the PE does not find this ARP entry, the PE discards the ARP Request message sent by PC1 and checks whether inter-VLAN proxy ARP is enabled.
- If inter-VLAN proxy ARP is enabled, the PE sends an ARP Request message to PC3. After the PE receives an ARP Reply message from PC3, an ARP entry of PC3 is generated in the PE's ARP table.
- If inter-VLAN proxy ARP is not enabled, the PE does not perform any operations.
- After learning the MAC address of the sub-interface for Dot1q VLAN tag termination, PC1 sends IP packets to the PE based on this MAC address.
After receiving the IP packets, the PE forwards them to PC3.
Proxy ARP on a Sub-interface for QinQ VLAN Tag Termination
A termination sub-interface allows a VLAN range to access the same network segment. Users on the same network segment belong to different VLANs in the VLAN range. In this scenario, users cannot communicate with each other at Layer 2. IP forwarding must be performed on the termination sub-interface. To support IP forwarding, the termination sub-interface must support proxy ARP.
On the network shown in Figure 2, PC1 and PC2 belong to VLAN 100; PC3 belongs to VLAN 200; Switch 1 has selective QinQ enabled and adds outer VLAN tag 1000 to the packets sent by Switch 2 and Switch 3 to the PE; PC1, PC2, and PC3 are on the same network segment.
When PC1 and PC3 want to communicate with each other, PC1 sends an ARP request to PC3. However, as PC1 and PC3 are in different VLANs, PC3 fails to receive the ARP request from PC1.
- PC1 sends an ARP Request message to request PC3's MAC address.
- After receiving the ARP Request message, the PE checks the destination
IP address of the message and finds that the destination IP address
is not the IP address of its sub-interface for QinQ VLAN tag termination.
Then, the PE searches its ARP table for the PC3's ARP entry.
If the PE finds this ARP entry, the PE checks whether inter-VLAN proxy ARP is enabled.
- If inter-VLAN proxy ARP is enabled, the PE sends the MAC address of its sub-interface for QinQ VLAN tag termination to PC1.
- If inter-VLAN proxy ARP is not enabled, the PE discards the ARP Request message.
If the PE does not find this ARP entry, the PE discards the ARP Request message sent by PC1 and checks whether inter-VLAN proxy ARP is enabled.
- If inter-VLAN proxy ARP is enabled, the PE sends an ARP Request message to PC3. After the PE receives an ARP Reply message from PC3, an ARP entry of PC3 is generated in the PE's ARP table.
- If inter-VLAN proxy ARP is not enabled, the PE does not perform any operations.
- After learning the MAC address of the sub-interface for QinQ VLAN tag termination, PC1 sends IP packets to the PE based on this MAC address.
After receiving the IP packets, the PE forwards them to PC3.
