Proxy arp disable

Question

Hi,&nbsp;
I have a Forwarding VIP which is configured for /24 subnet with ARP and ICMP echo enabled, i see all the hosts are reachable from the subnet if the hosts are alive (or) NOT alive. I guess this is something expected behaviour of LTM where the connections are proxying and returning to ping. Could anyone let me know how can i disable the proxy arp for the hosts which are not live in the network. (iRule or inbuilt option is also fine)&nbsp;

jinshu · Answer

Can you paste the VIP configuration pls..&nbsp;
-Jinshu&nbsp;

techt · Answer

ping!!&nbsp;

kai_wilke · Answer

Hi Maneesh,
to transparently forward ICMP-PING packets to the destination IPs, you have to turn off "ICMP Echo" and "ARP" on the 10.X.33.0 Virtual Address object.
ltm virtual-address 10.X.33.0 {
    address 10.X.33.0
    arp disabled
    icmp-echo disabled
    mask 255.255.255.0
    spanning enabled
    traffic-group traffic-group-1
}

After the change your F5 should stop to answer ICMP-Pings for IPs that are either not in use nor currently reachable.
Cheers, Kai

Forum Discussion

Proxy arp disable

Recent Discussions

Which process is consuming higher CPU

F5 Health Monitor Receive String as JSON

Background Tasks

SSL bridging without SSL proxy forward

Big-IP VE edition for MacBook M4 Chip

Related Content

Proxy Protocol v2 Initiator

Unstable communication L2 and ARP

Integrating SSL Orchestrator with McAfee Web Gateway-Transparent Proxy

Intelligent Proxy Steering - Office365

SSL PROXY

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS