What happens when ARP Request comes from a different subnet?

ARP only works between devices in the same IP subnet.

When device A with IP address A needs to send a packet to device B with IP address B, the first thing it does is consulting its routing table to determine if IP address B belongs to a subnet it can directly reach through its network interface(s); if it does, then devices A uses ARP to map IP address B to a physical Ethernet address, and then sends an Ethernet frame to that address.

But if the two IP Addresses are on different subnets, the device will follow a completely different logic: it will look in its routing table for a route to the destination network, and then it will send its packet to the appropriate router (or to its default gateway if no more specific route is present); in this scenario, ARP will be used to find the hardware address of the router, because the destination IP address has already be deemed to not be directly reachable, so the packet must be delivered to a router which can take care of it.


In SOME cases (I know Linux can behave this way, not sure of others), but a host can respond to ARP's on the "wrong" interface. Take this network:

10.0.0.0/24  ==== Host A ==== 192.168.0.0/24

Host A has an address on both networks; let's say 10.0.0.1 and 192.168.0.1

If Host A receives an ARP for 192.168.0.1 via the 10.0.0.1 interface, it will respond with the MAC address of the 10.0.0.1 interface.

This behaviour is controlled by the arp_ignore kernel tunable (Source: http://blog.steve-miller.org/2010/03/tweaking-arp-behavior-in-linux.html):

arp_ignore - Define different modes for sending replies in response to received ARP requests that resolve local target IP addresses:
0 - (default): reply for any local target IP address, configured on any interface.
1 - reply only if the target IP address is local address configured on the incoming interface.
2 - reply only if the target IP address is local address configured on the incoming interface and both with the sender's IP address are part from same subnet on this interface.
3 - do not reply for local addresses configured with scope host, only resolutions for global and link addresses are replied.
4-7 - reserved
8 - do not reply for all local addresses.

As above, the default is to respond for any local address (ie, an address configured on Host A) regardless of the interface the ARP is received on.


your topology is not clear for me. do you have one ip address on router1/intf1 and 2 ip addresses on router2/intf2? however when router1/intf1 sends an arp request to router2/intf2, router2 will send an arp reply and router1 will store the mac address for the ip address 20.0.0.2 in his arp table. this will work because 20.0.0.1/24 is included in the network 20.0.0.2/8. why do you configure the ip addresses that way it's a little bit strange