Re: arp replies from two adapters of same type in a machine

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Steven M Campbell <Netfilter@SCampbell.net>
To: Adhiraj <adhiraj@linsyssoft.com>
Cc: netfilter@lists.netfilter.org
Subject: Re: arp replies from two adapters of same type in a machine
Date: Thu, 23 Feb 2006 13:44:15 -0500	[thread overview]
Message-ID: <43FE027F.5060403@SCampbell.net> (raw)
In-Reply-To: <1140623158.6987.59.camel@triumph>

Adhiraj wrote:
> Hi all,
>
> I have two RTL-8139 network adapters in a machine, they have these IP
> addresses:
> eth1: 192.168.20.1
> eth2: 192.168.21.1
>
> When I take tcpdump on these interfaces and ping to 192.168.21.1 from
> 192.168.21.50, I see that both the adapters reply to ARP requst sent by
> 192.168.21.50 machine:
>
> /usr/sbin/tcpdump -i eth1 -vv
> .
> .
> arp reply 192.168.21.1 is-at <MAC add of eth1>
>
> /usr/sbin/tcpdump -i eth2 -vv
> .
> .
> arp reply 192.168.21.1 is-at <MAC add of eth2>
>
> Ideally eth1 should not reply to the ARP request.
>
>   
I doubt that this is a netfilter issue, however....

I suspect proxy arp is enabled,  on a 2.6 kernel (possibly on 2.4 also 
but I'm not sure) you can see if this is so
    cat /proc/sys/net/ipv4/conf/eth1/proxy_arp
If you get a 1 then it is on, if you get a 0 then it is off.    It can 
be controlled with the sysctl program (See man sysctl).

Proxy arp would tell an interface to answer arps with it's own mac 
address, the idea is to allow nodes on the network to route through this 
system without actually having a route entry.  It's almost always a bad 
thing in practice.

next prev parent reply	other threads:[~2006-02-23 18:44 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2006-02-22 15:45 arp replies from two adapters of same type in a machine Adhiraj
2006-02-23 18:44 ` Steven M Campbell [this message]
2006-02-24 14:57 ` Ard van Breemen

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=43FE027F.5060403@SCampbell.net \
    --to=netfilter@scampbell.net \
    --cc=adhiraj@linsyssoft.com \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.