Proxy ARP Best Practices

Proxy ARP is a type of ARP that is often linked to poor or misconfigured network designs due to potential issues like broadcast storms and increased network traffic.

In a "normal" network, devices use ARP to figure out the MAC address of a destination IP address. They do this for hosts on the same subnet. To reach another subnet, they are configured with a default gateway and use ARP to figure out how to reach that router:

ARP to Determine Next Hop IP Address

If you can avoid proxy ARP, you should. Having said that, there might be scenarios where you do need it:

  • Legacy systems that don't support the configuration of a default gateway.
  • Two subnets that require communication and you are unable to configure the default gateway on the hosts in these subnets.

There are also some scenarios that deal with VPNs or NAT where you might need it. Keep in mind that Proxy ARP is usually a workaround and not something you want as a long-term solution.

Local Proxy ARP is a variation that operates within the same network or VLAN. Similar best practices should be applied to this type of Proxy ARP as well.
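
To act on the advice above, you first need to know where proxy ARP is still answering. The following is an added example, not part of the original page: it audits a router configuration for routed interfaces with proxy ARP or local proxy ARP active. It assumes Cisco IOS running-config syntax (`no ip proxy-arp`, `ip local-proxy-arp`, global `ip arp proxy disable`), which the page itself does not show, and the sample configuration is constructed.

```python
import re

# Constructed sample in Cisco IOS running-config style (not from the page).
SAMPLE_CONFIG = """\
hostname R1
!
interface GigabitEthernet0/0
 ip address 192.168.1.254 255.255.255.0
!
interface GigabitEthernet0/1
 ip address 192.168.2.254 255.255.255.0
 no ip proxy-arp
!
interface Vlan10
 ip address 10.0.10.1 255.255.255.0
 ip local-proxy-arp
!
interface GigabitEthernet0/2
 switchport mode access
!
"""

def audit_proxy_arp(config: str) -> dict:
    """Return {interface: [findings]} for routed interfaces that answer ARP by proxy."""
    # Global 'ip arp proxy disable' turns proxy ARP off on every interface.
    global_off = bool(re.search(r"^ip arp proxy disable\s*$", config, re.M))
    findings = {}
    # Split into interface stanzas: the header line plus its indented lines.
    for m in re.finditer(r"^interface (\S+)\n((?: .*\n)*)", config + "\n", re.M):
        name, body = m.group(1), m.group(2)
        lines = [l.strip() for l in body.splitlines()]
        if not any(l.startswith("ip address ") for l in lines):
            continue  # no IP address: the interface does not answer ARP at layer 3
        issues = []
        # IOS enables proxy ARP by default, so a missing 'no' form means it is on.
        if not global_off and "no ip proxy-arp" not in lines:
            issues.append("proxy-arp enabled (default)")
        if "ip local-proxy-arp" in lines:
            issues.append("local-proxy-arp configured")
        if issues:
            findings[name] = issues
    return findings

if __name__ == "__main__":
    for iface, issues in audit_proxy_arp(SAMPLE_CONFIG).items():
        print(f"{iface}: {', '.join(issues)}")
```

Interfaces the audit reports are the ones to review against the legacy-host and gateway-less scenarios listed above; anything else is a candidate for disabling proxy ARP.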

https://forum.networklessons.com/t/proxy-arp-explained/1099/61?u=lagapidis

https://networklessons.com/cisco/ccie-enterprise-infrastructure/proxy-arp-explained/