Re: [PATCH] arp_filter patch for 2.4.4 kernel.

Mark Hahn (hahn@coffee.psychology.mcmaster.ca)
Sun, 6 May 2001 12:35:39 -0400 (EDT)


> > also -- isn't it kind of wrong for arp to respond with addresses from
> > other interfaces?
>
> Usually it makes sense, because it increases your chances of successfull
> communication. IP addresses are owned by the complete host on Linux, not by
> different interfaces.

this is one of those things that is still hurting Linux's credibility in the
read world. people see this kind of obviously broken behavior, and install
*BSD or Solaris instead.

isn't this clearly a case of the kernel being too smart: making it impossible
for a clueful admin to do what he needs? multi-nic machines are now quite
common, but this "feature" makes them far less useful, since the stack is
violating the admin's intention.

> For some weirder setups (most of them just caused by incorrect routing
> tables, but also a few legimitate ones; including incoming load balancing
> via multipath routes) it causes problems, so arpfilter was invented to
> sync ARP replies with the routing tables as needed.

there's NOTHING weird about a machine having two nics and two IPs,
wanting to behave like two hosts.

is there any positive/beneficial reason for the current behavior?

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/