Routers may answer ARP/NDISC solicitations on behalf of other hosts.
In Linux-2.2 proxy ARP on an interface may be enabled by setting the kernel sysctl variable /proc/sys/net/ipv4/conf/<dev>/proxy_arp to 1. After this, the router starts to answer ARP requests on the interface <dev>, provided the route to the requested destination does not go back via the same device. The variable /proc/sys/net/ipv4/conf/all/proxy_arp enables proxy ARP on all the IP devices.
However, this approach fails in the case of IPv6 because the router must join the solicited node multicast address to listen for the corresponding NDISC queries. It means that proxy NDISC is possible only on a per destination basis.
Logically, proxy ARP/NDISC is not a kernel task. It can easily be implemented in user space. However, similar functionality was present in BSD kernels and in Linux-2.0, so we have to preserve it at least to the extent that is standardized in BSD.

NB. Linux-2.0 ARP had a feature called subnet proxy ARP. It is replaced with the sysctl flag in Linux-2.2.
The ip utility provides a way to manage proxy ARP/NDISC with the ip neigh command, namely:

    ip neigh add proxy ADDRESS [ dev NAME ]

adds a new proxy ARP/NDISC record and

    ip neigh del proxy ADDRESS [ dev NAME ]

deletes it.

If the name of the device is not given, the router will answer solicitations for address ADDRESS on all devices, otherwise it will only serve the device NAME. Even if the proxy entry is created with ip neigh, the router will not answer a query if the route to the destination goes back via the interface from which the solicitation was received.
It is important to emphasize that proxy entries have no parameters other than these (IP/IPv6 address and optional device). In particular, the entry does not store any link layer address. It always advertises the station address of the interface on which it sends advertisements (i.e. its own station address).
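
An audit of the two mechanisms described above, as an added example that is not part of the original document: the function reports every device on which the proxy_arp sysctl makes the router answer for other hosts, and the script then lists the per-address proxy entries. The function name, its output labels and the --audit argument are assumptions of this example.

```shell
#!/bin/sh
# Added example: report where proxy ARP is switched on.
# CONF_DIR defaults to the sysctl directory named in the text; it is a
# parameter so the function can also be run against a constructed tree.

# Prints one line per device that will proxy ARP:
#   "<dev> per-device"  conf/<dev>/proxy_arp is 1
#   "<dev> via-all"     only conf/all/proxy_arp is 1
proxy_arp_enabled() {
    conf_dir=${1:-/proc/sys/net/ipv4/conf}
    all=0
    [ -r "$conf_dir/all/proxy_arp" ] && all=$(cat "$conf_dir/all/proxy_arp")
    for f in "$conf_dir"/*/proxy_arp; do
        [ -r "$f" ] || continue
        dev=$(basename "$(dirname "$f")")
        # "all" and "default" are control entries, not devices.
        case $dev in all|default) continue ;; esac
        val=$(cat "$f")
        if [ "$val" = 1 ]; then
            echo "$dev per-device"
        elif [ "$all" = 1 ]; then
            echo "$dev via-all"
        fi
    done
    return 0
}

# Run against the live system only when asked to (hypothetical argument).
if [ "${1:-}" = "--audit" ]; then
    echo "== devices answering ARP on behalf of other hosts =="
    proxy_arp_enabled
    echo "== per-address proxy ARP/NDISC entries =="
    ip neigh show proxy
fi
```

Any device or address in the output that is not part of the intended routing design is worth investigating, since the router answers solicitations for those destinations with its own station address.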