Proxy ARP is a technique by which a proxy server on a given network answers the Address Resolution Protocol (ARP) queries for an IP address that is not on that network. The proxy is aware of the location of the traffic's destination and offers its own MAC address as the (ostensibly final) destination. The traffic directed to the proxy address is then typically routed by the proxy to the intended destination via another interface or via a tunnel. The process, which results in the proxy server responding with its own MAC address to an ARP request for a different IP address for proxying purposes, is sometimes referred to as publishing.

Uses

Below are some typical uses for proxy ARP:

Disadvantages

Disadvantage of proxy ARP include scalability as ARP resolution by a proxy is required for every device routed in this manner, and reliability as no fallback mechanism is present, and masquerading can be confusing in some environments. Proxy ARP can create DoS attacks on networks if misconfigured. For example, a misconfigured router with proxy ARP has the ability to receive packets destined for other hosts (as it gives its own MAC address in response to ARP requests for other hosts/routers), but may not have the ability to correctly forward these packets on to their final destination, thus blackholing the traffic. Proxy ARP can hide device misconfigurations, such as a missing or incorrect default gateway.

Implementations