Destination Gateway Genmask Flags Metric Ref Use Iface
128.96.80.0 0.0.0.0 255.255.255.0 U 0 0 8 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 12 lo
0.0.0.0 128.96.80.254 0.0.0.0 UG 0 0 100 eth0
When I do an "arp -a" on another machine (hostname sugaree), I see the following entry among others:
------------------------------------------------------------------------------
?(128.96.80.255) at HWADDR of serrano-1 (my machine!)
------------------------------------------------------------------------------
So now if one does a "ping -sv 128.96.80.255" on sugaree, only serrano-1 replies back. The question is how did that entry get in the arp cache in the first place?
When I ran "snoop" on serrano-1 I saw that it was receiving broadcast packets from another machine called curie. A snoop on curie showed the following:
------------------------------------------------------------------------------
curie -> 128.96.80.255 UDP D=135 S=1047 LEN=88
curie -> thebe PORTMAP C GETPORT prog=100024 (STATMON2) vers=1 proto=TCP
serrano-1 -> curie ICMP Redirect (for host to nvc3-80-cisco)
curie -> thebe PORTMAP C GETPORT prog=100024 (STATMON2) vers=1 proto=TCP (retransmit)
------------------------------------------------------------------------------
Q1)Why is my machine doing an ICMP Redirect? It is probably because of this Redirection that its HWADDR is being mapped to 128.96.80.255 in the arp cache on sugaree.
Q2a)What happens if IP_FORWARDING is enabled and the machine receives a broadcast on its only interface?
2b)What happens in case of multiple interfaces? I did have serrano-1 configured to have a PCMCIA ethernet card on eth1 and a WaveLAN PCMCIA card on eth0. I still had the same problems.
Can anybody shed any light on this problem. I would really appreciate any comments/suggestions,
thanks a lot,
bye,
Rajnish.