1 files changed, 31 insertions, 3 deletions
diff --git a/Documentation/networking/ip-sysctl.txt b/Documentation/networking/ip-sysctl.txt
index 006b39dec87d..2dc7a1d97686 100644
--- a/Documentation/networking/ip-sysctl.txt
+++ b/Documentation/networking/ip-sysctl.txt
@@ -692,6 +692,25 @@ proxy_arp - BOOLEAN
        conf/{all,interface}/proxy_arp is set to TRUE,
        it will be disabled otherwise
+proxy_arp_pvlan - BOOLEAN
+        Private VLAN proxy arp.
+        Basically allow proxy arp replies back to the same interface
+        (from which the ARP request/solicitation was received).
+        This is done to support (ethernet) switch features, like RFC
+        3069, where the individual ports are NOT allowed to
+        communicate with each other, but they are allowed to talk to
+        the upstream router.  As described in RFC 3069, it is possible
+        to allow these hosts to communicate through the upstream
+        router by proxy_arp'ing. Don't need to be used together with
+        proxy_arp.
+        This technology is known by different names:
+          In RFC 3069 it is called VLAN Aggregation.
+          Cisco and Allied Telesyn call it Private VLAN.
+          Hewlett-Packard call it Source-Port filtering or port-isolation.
+          Ericsson call it MAC-Forced Forwarding (RFC Draft).
 shared_media - BOOLEAN
        Send(router) or accept(host) RFC1620 shared media redirects.
        Overrides ip_secure_redirects.
@@ -833,9 +852,18 @@ arp_notify - BOOLEAN
            or hardware address changes.
 arp_accept - BOOLEAN
-        Define behavior when gratuitous arp replies are received:
+        Define behavior for gratuitous ARP frames who's IP is not
-        0 - drop gratuitous arp frames
+        already present in the ARP table:
-        1 - accept gratuitous arp frames
+        0 - don't create new entries in the ARP table
+        1 - create new entries in the ARP table
+        Both replies and requests type gratuitous arp will trigger the
+        ARP table to be updated, if this setting is on.
+        If the ARP table already contains the IP address of the
+        gratuitous arp frame, the arp table will be updated regardless
+        if this setting is on or off.
 app_solicit - INTEGER
        The maximum number of probes to send to the user space ARP daemon

diff --git a/Documentation/networking/ip-sysctl.txt b/Documentation/networking/ip-sysctl.txt index 006b39dec87d..2dc7a1d97686 100644 --- a/Documentation/networking/ip-sysctl.txt +++ b/Documentation/networking/ip-sysctl.txt
@@ -692,6 +692,25 @@ proxy_arp - BOOLEAN
692	conf/{all,interface}/proxy_arp is set to TRUE,	692	conf/{all,interface}/proxy_arp is set to TRUE,
693	it will be disabled otherwise	693	it will be disabled otherwise
694		694
		695	proxy_arp_pvlan - BOOLEAN
		696	Private VLAN proxy arp.
		697	Basically allow proxy arp replies back to the same interface
		698	(from which the ARP request/solicitation was received).
		699
		700	This is done to support (ethernet) switch features, like RFC
		701	3069, where the individual ports are NOT allowed to
		702	communicate with each other, but they are allowed to talk to
		703	the upstream router. As described in RFC 3069, it is possible
		704	to allow these hosts to communicate through the upstream
		705	router by proxy_arp'ing. Don't need to be used together with
		706	proxy_arp.
		707
		708	This technology is known by different names:
		709	In RFC 3069 it is called VLAN Aggregation.
		710	Cisco and Allied Telesyn call it Private VLAN.
		711	Hewlett-Packard call it Source-Port filtering or port-isolation.
		712	Ericsson call it MAC-Forced Forwarding (RFC Draft).
		713
695	shared_media - BOOLEAN	714	shared_media - BOOLEAN
696	Send(router) or accept(host) RFC1620 shared media redirects.	715	Send(router) or accept(host) RFC1620 shared media redirects.
697	Overrides ip_secure_redirects.	716	Overrides ip_secure_redirects.
@@ -833,9 +852,18 @@ arp_notify - BOOLEAN
833	or hardware address changes.	852	or hardware address changes.
834		853
835	arp_accept - BOOLEAN	854	arp_accept - BOOLEAN
836	Define behavior when gratuitous arp replies are received:	855	Define behavior for gratuitous ARP frames who's IP is not
837	0 - drop gratuitous arp frames	856	already present in the ARP table:
838	1 - accept gratuitous arp frames	857	0 - don't create new entries in the ARP table
		858	1 - create new entries in the ARP table
		859
		860	Both replies and requests type gratuitous arp will trigger the
		861	ARP table to be updated, if this setting is on.
		862
		863	If the ARP table already contains the IP address of the
		864	gratuitous arp frame, the arp table will be updated regardless
		865	if this setting is on or off.
		866
839		867
840	app_solicit - INTEGER	868	app_solicit - INTEGER
841	The maximum number of probes to send to the user space ARP daemon	869	The maximum number of probes to send to the user space ARP daemon