Proxy ARP

Proxy ARP refers to a technique wherein one host, usually a router, answers an ARP (Address Resolution Protocol) request originally intended for another work station.

The host performing the Proxy ARP procedure does the said task by “faking” its identity. It then accepts the responsibility of routing packets to the machine for which the ARP request is intended for.

Proxy ARP is helpful in enabling machines in a subnet to connect with other remote subnets. In addition, through proxy ARP, the said machines do not need to configure routing or identify a default gateway.

To better understand how proxy ARP works, below is an example of an interaction between two hosts: Host A in Subnet A and Host C in Subnet B.

  • Host A needs to send packets to Host C. Host A believes that it is directly connected to Host C’s subnet so Host A sends an ARP request to Host C.
  • In order for Host A to connect to Host C, Host A should first determine Host C’s MAC address. To do this, Host A broadcasts a new ARP request on Subnet A.
  • The ARP request is included in an Ethernet frame with Host A’s MAC address. The ARP request reaches all nodes in Subnet A, including the interface of the router. The request, however, does not actually reach Host C.
  • The router then replies to Host A with the router’s own MAC address. This is called the proxy ARP reply given by the router to Host A.
  • Host A then updates its ARP table. It sends the packets to the router, then the router forwards the packets to Host C.