Create a Post
Showing results for 
Search instead for 
Did you mean: 

Is it correct to advertises proxy arp as garp on failover?



Does anyone know of any logic that advertises the proxy ARP that the firewall has on failover?

As far as I know, Checkpoint advertises Proxy ARP as GARP.

However, when it is confirmed through tcpdump, it is confirmed that the firewall's VIP is advertised as GARP, but Proxy ARP is not.

I would like to know if the packet dump is wrong or if the checkpoint logic is not advertising it.



There is a problem that about 20 ping losses occur during failover in the customer's firewall.

I suspect that perhaps the upper switch is not updating the path properly.

So I did TCPDUMP to check if the firewall is sending GARP normally.

When viewed from tcpdump, GARP advertising the firewall's VIP was checked normally, but the proxy ARP advertising of the lower server as GARP was not confirmed.


The firewall is a VRRP configuration and the version is R80.40, Hotfix Take 156.





0 Kudos
7 Replies
This widget could not be displayed.