Posted: Wed Oct 27, 2021 10:01 Post subject: How can ARP be forwarded?
An ARP frame (Layer 2) can only be sent/received from one MAC address to another. When a router forwards a packet (Layer 3) from a WAN host to a LAN client, the packet reaches the LAN client, but the MAC address of the WAN host is discarded by the router and the LAN client receives the WAN host's packet with the router's ARP frame. Is that correct or not?
So if the LAN DNS server is not the router and IP forwarding on the LAN DNS server is disabled via SysCTL and IPTables, then the LAN DNS server only needs INPUT and OUTPUT of ARP requests from LAN clients and the router. It doesn't need/use any ARP forwarding, does it?
Posted: Sat Oct 30, 2021 11:02 Post subject:
A DNS server does not use any ARP. A client needs to know the IP address of the DNS server.
ARP is used by the IP stack to find the MAC address of another node that the netmask shows is on the same Ethernet segment. If the IP belongs to another sub-net, the packet is sent to the gateway.
Word of advice is to control all kinds of spoofing. DNS is part of everything, even ARP. ARP spoofing should help. Generally you need to improve performance. ARP forwards itself. It already does. To improve its performance you need to pay attention to router discovery and neighbor discovery.
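Added example, not part of any post in this thread: a Python sketch of the next-hop rule described in the reply above (same segment according to the netmask means ARP for the destination, otherwise ARP for the gateway), followed by the ARP request frame the sender would broadcast. The function names, the MAC address and the addresses (documentation ranges 192.0.2.0/24 and 198.51.100.0/24) are constructed for illustration.

```python
import ipaddress
import struct

BROADCAST_MAC = bytes.fromhex("ffffffffffff")

def arp_target(iface_cidr: str, gateway: str, dst: str) -> str:
    """Return the IP the sender must resolve with ARP in order to reach dst."""
    iface = ipaddress.ip_interface(iface_cidr)
    dst_ip = ipaddress.ip_address(dst)
    if dst_ip in iface.network:
        return str(dst_ip)            # on-link: ARP for the destination itself
    gw = ipaddress.ip_address(gateway)
    if gw not in iface.network:
        raise ValueError("gateway is not on the local segment")
    return str(gw)                    # off-link: ARP for the gateway only

def build_arp_request(src_mac: bytes, src_ip: str, target_ip: str) -> bytes:
    """Ethernet II frame carrying an ARP who-has request (RFC 826 layout)."""
    eth = BROADCAST_MAC + src_mac + struct.pack("!H", 0x0806)
    # htype=1 (Ethernet), ptype=0x0800 (IPv4), hlen=6, plen=4, op=1 (request)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, 1)
    arp += src_mac + ipaddress.ip_address(src_ip).packed
    arp += bytes(6) + ipaddress.ip_address(target_ip).packed  # target MAC unknown
    return eth + arp

def parse_arp(frame: bytes) -> dict:
    """Decode the fields of an Ethernet/IPv4 ARP frame; reject anything else."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":
        raise ValueError("not an ARP frame")
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not Ethernet/IPv4 ARP")
    return {
        "op": op,
        "sender_mac": frame[22:28].hex(":"),
        "sender_ip": str(ipaddress.ip_address(frame[28:32])),
        "target_ip": str(ipaddress.ip_address(frame[38:42])),
    }

if __name__ == "__main__":
    mac = bytes.fromhex("02005e000001")           # constructed, locally administered
    for dst in ("192.0.2.53", "198.51.100.7"):    # LAN host, then off-link host
        who = arp_target("192.0.2.10/24", "192.0.2.1", dst)
        print(dst, "->", parse_arp(build_arp_request(mac, "192.0.2.10", who)))
```

For the off-link destination the request names the gateway (192.0.2.1), so the remote host's IP never appears in any ARP frame on the LAN.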