D-Link NetDefendOS User Manual page 224

Network security firewall

Proxy ARP is covered in Section 4.2.6, "Proxy ARP" and is not discussed further in this section.
ARP Object Properties
An ARP object has the following properties:
Mode
  The type of ARP object. As explained above, this can be one of:
    Static - Create a fixed mapping in the local ARP cache.
    Publish - Publish an IP address on a particular MAC address (or this interface).
    XPublish - Publish an IP address on a particular MAC address and "lie" about the sending MAC address of the Ethernet frame containing the ARP response.
Interface
  The local physical Ethernet interface for the ARP object.
IP Address
  The IP address for the MAC/IP mapping.
MAC Address
  The MAC address for the MAC/IP mapping. If it is omitted, the MAC address of the Ethernet interface is used.
The three mode options for ARP objects (Static, Publish and XPublish) are explained further
next.
Static Mode ARP Objects
A Static ARP object inserts a mapping into the NetDefendOS ARP cache which connects a
specified IP address with the associated Ethernet interface's MAC address.
This mode is not for publishing the address for external devices but rather for telling
NetDefendOS itself how to reach external devices. A static ARP entry tells NetDefendOS that a
specific IP address can be reached through a specific interface using a specific MAC address. This
means that when NetDefendOS wants to communicate with the address, it consults the static
entries in the ARP table and determines that the address can be reached at a specific MAC
address on a specific interface.
The most frequent use of static ARP objects is in situations where some external network device
is not responding to ARP requests correctly and is reporting an incorrect MAC address. Some
network devices, such as wireless modems, can have these problems.
It may also be used to lock an IP address to a specific MAC address for increasing security or to
avoid denial-of-service if there are rogue users in a network. However, such protection only
applies to packets being sent to that IP address. It does not apply to packets being sent from that
IP address.
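The limit described above, shown with a simplified ARP cache model. This is an added example, not code from the manual or from NetDefendOS; the class, its method names and all addresses are constructed for illustration. The source check at the end is a separate comparison applied to received frames, since the static entry only governs the lookup for traffic sent to the address.

```python
# Simplified model of an ARP cache with Static entries (illustrative only;
# not NetDefendOS code; every address below is a constructed sample).
class ArpCache:
    def __init__(self):
        self.static = {}    # (iface, ip) -> mac pinned by a Static ARP object
        self.dynamic = {}   # (iface, ip) -> mac learned from ARP replies

    def add_static(self, iface, ip, mac):
        self.static[(iface, ip)] = mac.lower()

    def learn(self, iface, ip, mac):
        """Handle an ARP reply; return False if it conflicts with a static entry."""
        key = (iface, ip)
        if key in self.static:
            return self.static[key] == mac.lower()   # pinned entry is never replaced
        self.dynamic[key] = mac.lower()
        return True

    def resolve(self, iface, ip):
        """Destination MAC for traffic sent TO ip; static entries win."""
        key = (iface, ip)
        return self.static.get(key, self.dynamic.get(key))

    def source_mismatches(self, frames):
        """Flag received frames whose source IP is pinned but whose source MAC
        differs. The outbound lookup in resolve() never makes this comparison."""
        return [f for f in frames
                if (f["iface"], f["src_ip"]) in self.static
                and self.static[(f["iface"], f["src_ip"])] != f["src_mac"].lower()]


def run_demo():
    cache = ArpCache()
    cache.add_static("lan", "192.0.2.10", "02:00:00:aa:aa:aa")   # pinned device
    cache.learn("lan", "192.0.2.20", "02:00:00:bb:bb:bb")        # ordinary host
    rogue = "02:00:00:ee:ee:ee"
    pinned_ok = cache.learn("lan", "192.0.2.10", rogue)   # conflicts with the pin
    cache.learn("lan", "192.0.2.20", rogue)               # no pin, so it is learned
    inbound = [  # constructed received frames
        {"iface": "lan", "src_ip": "192.0.2.10", "src_mac": "02:00:00:aa:aa:aa"},
        {"iface": "lan", "src_ip": "192.0.2.10", "src_mac": rogue},
    ]
    return {
        "pinned_reply_accepted": pinned_ok,
        "to_pinned": cache.resolve("lan", "192.0.2.10"),
        "to_unpinned": cache.resolve("lan", "192.0.2.20"),
        "suspicious_inbound": cache.source_mismatches(inbound),
    }
```

Traffic sent to the pinned address keeps its configured MAC, the unpinned address is remapped by the conflicting reply, and the second received frame is only caught because the source comparison is applied explicitly.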
Publish and XPublish Modes
With Publish and XPublish modes, the ARP object creates an association between an IP address
and a MAC address for publishing on the interface to external devices.
If the MAC address is not specified, the MAC address of the associated Ethernet interface is used.
Chapter 3: Fundamentals
