From mboxrd@z Thu Jan 1 00:00:00 1970
From: Steven M Campbell
Subject: Re: arp replies from two adapters of same type in a machine
Date: Thu, 23 Feb 2006 13:44:15 -0500
Message-ID: <43FE027F.5060403@SCampbell.net>
References: <1140623158.6987.59.camel@triumph>
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
In-Reply-To: <1140623158.6987.59.camel@triumph>
Sender: netfilter-bounces@lists.netfilter.org
Errors-To: netfilter-bounces@lists.netfilter.org
Content-Type: text/plain; charset="us-ascii"; format="flowed"
To: Adhiraj
Cc: netfilter@lists.netfilter.org

Adhiraj wrote:
> Hi all,
>
> I have two RTL-8139 network adapters in a machine, they have these IP
> addresses:
> eth1: 192.168.20.1
> eth2: 192.168.21.1
>
> When I take tcpdump on these interfaces and ping to 192.168.21.1 from
> 192.168.21.50, I see that both the adapters reply to ARP request sent by
> 192.168.21.50 machine:
>
> /usr/sbin/tcpdump -i eth1 -vv
> .
> .
> arp reply 192.168.21.1 is-at
>
> /usr/sbin/tcpdump -i eth2 -vv
> .
> .
> arp reply 192.168.21.1 is-at
>
> Ideally eth1 should not reply to the ARP request.
>
> I doubt that this is a netfilter issue, however....

I suspect proxy arp is enabled. On a 2.6 kernel (possibly on 2.4 also but
I'm not sure) you can see if this is so:

    cat /proc/sys/net/ipv4/conf/eth1/proxy_arp

If you get a 1 then it is on, if you get a 0 then it is off. It can be
controlled with the sysctl program (see man sysctl).

Proxy arp would tell an interface to answer arps with its own mac
address. The idea is to allow nodes on the network to route through this
system without actually having a route entry. It's almost always a bad
thing in practice.
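
The check described in the reply above, extended to every interface at once. This is an added example, not part of the original message; the function names are made up for illustration. It also reads conf/all/proxy_arp, because the kernel treats proxy ARP as enabled on an interface when either the "all" value or the per-interface value is 1.

```shell
#!/bin/sh
# Added example: audit the proxy ARP setting of every interface.
# Effective state = conf/all/proxy_arp OR conf/<iface>/proxy_arp.

# proxy_arp_report CONF_ROOT
# Prints "<iface> per-iface=<0|1> effective=<0|1>" for each interface.
# CONF_ROOT is normally /proc/sys/net/ipv4/conf.
proxy_arp_report() {
    root=$1
    all=0
    if [ -r "$root/all/proxy_arp" ]; then
        all=$(cat "$root/all/proxy_arp")
    fi
    for dir in "$root"/*/; do
        # Skip unmatched globs and directories without the setting
        [ -r "${dir}proxy_arp" ] || continue
        iface=$(basename "$dir")
        # "all" and "default" are not real interfaces
        case $iface in all|default) continue ;; esac
        own=$(cat "${dir}proxy_arp")
        if [ "$own" = 1 ] || [ "$all" = 1 ]; then eff=1; else eff=0; fi
        printf '%s per-iface=%s effective=%s\n' "$iface" "$own" "$eff"
    done
}

# proxy_arp_enabled CONF_ROOT
# Lists only the interfaces on which proxy ARP is in effect.
proxy_arp_enabled() {
    proxy_arp_report "$1" | awk '$3 == "effective=1" { print $1 }'
}

# Report on the live system when the sysctl tree is present
if [ -d /proc/sys/net/ipv4/conf ]; then
    proxy_arp_report /proc/sys/net/ipv4/conf
fi
```

An interface that shows per-iface=0 but effective=1 has proxy ARP switched on through the "all" entry, which the single cat on eth1 would not reveal.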