Re: [2.4 PATCH] bugfix: ARP respond on all devices

From: Alan Cox
Date: Sun Aug 17 2003 - 08:44:55 EST

Next message: Daniel Phillips: "Re: [BUG] Serious scheduler starvation"
Previous message: Con Kolivas: "[RFC] Re: Blender profiling-1 O16.2int"
In reply to: Robert Collier: "Re: [2.4 PATCH] bugfix: ARP respond on all devices"
Next in thread: Richard Underwood: "RE: [2.4 PATCH] bugfix: ARP respond on all devices"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sul, 2003-08-17 at 14:09, Carlos Velasco wrote:>
> >I can only think of one scenario where an arp request would come in
> from
> >192.168.140.x to a router interface that has 192.168.128.1. That one
> >scenario is a misconfiguration.

Two virtual networks sharing the same lan is a perfectly valid one.
There since the router doesn't know how to reach 140.x it wouldnt reply,
if it also *is* 140.1 for example then it can reply if it wishes but I
see nothing in 826 requiring it does. In normal situations the routing
tables will indicate preferred routes and gateways.

> >I believe that reason we do the sanity check is because of basic IP
> >routing. If the source is not from an IP address on the interface we
> >received it on, we cannot reply to that IP address. It is simple as
> that.

Thats not true at the IP level for basic situations like asymmetric
routing.

> >As I stated, ARP is designed to be used on a LAN. This means that all
> >stations that send/receive ARP packets are on the same subnet. This
> is
> >the reason we do the check.

Actual ARP is used on everything from 300 baud radio networks up

> >correctly. There is no case where a properly configured host should
> ever
> >send a ARP request for an IP address on a different subnet.

See above, multiple virtual networks.

> >not on the same network, then the host/router/client needs to find the
> >gateway which is on the local network

See "both are my address" case above

> >Basic and proper implementations of the TCP/IP stack should never ARP
> out
> >for a device that it is not located on the same logical network the
> host
> >is, the reason for this being they cannot communicate directly unless

See above, multiple lans co-existing.

> >I hope this clears up the reson why Cisco's ARP implementation has
> this
> >safeguard you have found along with several others, HOWEVER, please
> refer
> >to RFC 1027, (http://www.ietf.org/rfc/rfc1027.txt) and under section
> 2.4,
> >it contains the following paragraph:

RFC1027 covers proxy ARP only

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Daniel Phillips: "Re: [BUG] Serious scheduler starvation"
Previous message: Con Kolivas: "[RFC] Re: Blender profiling-1 O16.2int"
In reply to: Robert Collier: "Re: [2.4 PATCH] bugfix: ARP respond on all devices"
Next in thread: Richard Underwood: "RE: [2.4 PATCH] bugfix: ARP respond on all devices"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]