Re: ARP responses broken!

Rogier Wolff (R.E.Wolff@BitWizard.nl)
Tue, 17 Apr 2001 23:43:06 +0200 (MEST)


Alan Cox wrote:
> > I was asking because I had this problem before (router with two cards
> > against one physical subnet) and arpwatch complained that the router kept
> > switching MAC addresses all the time.

> That sounds like a bug in arpwatch. A box can have multiple mac
> addresses. It's probably a tricky one to handle but arpwatch I guess
> should spot and cope with repeated transitions between the same set
> of addresses as one warning

Well, two. Or three.

- Hey, IP x changed from mac X to mac Y.
- Hey, IP x changed back again to X.
- Hmm. IP X seems to be using both Mac X and Mac Y.
No further warnings will be issued about this.

If someone is taking over an IP address (which is especially what
arpwatch should be looking for), this is exactly what you'll see. Having
the issue be ignored after one warning is bad.

Oh, and I know people who swear that this would be an invalid
configuration, so that it is good for arpwatch to shout loud and
clear about it...

Roger.

-- 
** R.E.Wolff@BitWizard.nl ** http://www.BitWizard.nl/ ** +31-15-2137555 **
*-- BitWizard writes Linux device drivers for any device you may have! --*
* There are old pilots, and there are bold pilots. 
* There are also old, bald pilots. 
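
Added example, not part of the original message and not arpwatch's own code: a small per-IP state machine that emits the three warnings listed in the message above and then goes quiet for that pair of addresses. The class and function names, the sample addresses, and the choice to re-arm the warnings when a previously unseen MAC shows up are assumptions made for illustration.

```python
from collections import defaultdict

class FlipFlopTracker:
    """Tracks IP-to-MAC sightings and rate-limits flip-flop warnings."""

    def __init__(self):
        self.current = {}               # ip -> MAC seen most recently
        self.known = defaultdict(set)   # ip -> every MAC seen for that IP
        self.flips = defaultdict(int)   # ip -> transitions since last new MAC

    def observe(self, ip, mac):
        """Feed one (ip, mac) sighting; return a warning string or None."""
        prev = self.current.get(ip)
        self.current[ip] = mac
        if prev is None:                # first sighting: just learn it
            self.known[ip].add(mac)
            return None
        if mac == prev:                 # no transition
            return None
        if mac not in self.known[ip]:
            # Assumption: an unseen MAC always warns and restarts the count,
            # so an IP takeover by a new host is never hidden by the mute.
            self.known[ip].add(mac)
            self.flips[ip] = 1
            return f"IP {ip} changed from MAC {prev} to MAC {mac}"
        self.flips[ip] += 1
        if self.flips[ip] == 2:
            return f"IP {ip} changed back again to MAC {mac}"
        if self.flips[ip] == 3:
            macs = " and ".join(sorted(self.known[ip]))
            return f"IP {ip} seems to be using {macs}; no further warnings"
        return None                     # muted: known set keeps alternating

def run(events):
    """Replay a list of (ip, mac) sightings and collect the warnings."""
    tracker = FlipFlopTracker()
    warnings = []
    for ip, mac in events:
        w = tracker.observe(ip, mac)
        if w:
            warnings.append(w)
    return warnings

# Constructed sample (documentation-range addresses): a two-card router
# alternating between MACs :01 and :02, then a third MAC :03 appearing.
A, B, C = "00:00:5e:00:53:01", "00:00:5e:00:53:02", "00:00:5e:00:53:03"
SAMPLE = [("192.0.2.1", m) for m in (A, B, A, B, A, B, C, A)]

if __name__ == "__main__":
    print("\n".join(run(SAMPLE)))
```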