* [LARTC] ARP queries generating entries in routing cache
@ 2005-03-18 8:39 Szymon Miotk
0 siblings, 0 replies; only message in thread
From: Szymon Miotk @ 2005-03-18 8:39 UTC (permalink / raw)
To: lartc
Hello!
I've noticed a strange thing: when a client system generates an arp
query for an unexistent host, the routing cache entry is being made.
My system is Fedora 2 with vanilla 2.6.11.
the client is 10.1.1.2 with mask 255.255.0.0
the router/firewall is 10.1.1.1 with mask 255.255.255.0
Yes, the masks are different and this cannot be fixed easily.
So, when the client generates ARP query for an unexistent host in
10.1.1.0/24 network everything is fine - query is dropped.
But when it asks for something like 10.1.44.4, then the router drops the
query, but an entry in routing cache is being made.
This is a serious problem, because when someone has a virus which tries
to spread itself, it generates thousands ARP queries per second and my
routing cache overflows and the traffic crawls.
did anybody meet such a problem?
Szymon Miotk
PS. The routing is configured ok. No <incompletes> are in arp cache,
only routing cache is being affected.
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2005-03-18 8:39 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-03-18 8:39 [LARTC] ARP queries generating entries in routing cache Szymon Miotk
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.