I'm observing some odd behavior in the the kernel's sending of ARP
requests. I've got a computer (call it Computer A) that sits on two
networks (Network A and Network B, and respective Addresses 1 and 2.)
Another computer, Computer B, has an interface only on Network A.
Now, Computer B needs to connect to Computer A's address on Network B
(Address 2). When Computer A wants to send a packet back to Computer B
to negotiate the connection, it sees that it is on a subnet with Computer
B and tries to send the data back out over Network A. Of course, this
generates an ARP request. The bad thing is, the ARP request has Address
2 as the source protocol address, but since it's going out over Network
B, it has the source MAC address of Computer B's Network B interface.
Thus, we get corruption in the tables of anyone listening to the
ARP traffic, associating Address 2 with the MAC address of the wrong
card.
This appears to be a similar problem to that posted by Sourav Sen
on this list on July 23, but with "incorrect" ARP requests rather than
replies (so just turning on arpfiltering won't help.) Shouldn't an
ARP request leaving an interface have an IP address associated with that
interface as the source?
TIA,
- neal groothuis
-- PGP key available upon request or at http://www.imsa.edu/~ngroot/ - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/