public inbox for b.a.t.m.a.n@lists.open-mesh.org
From: Andrew Lunn <andrew@lunn.ch>
To: The list for a Better Approach To Mobile Ad-hoc Networking
	<b.a.t.m.a.n@lists.open-mesh.org>
Subject: Re: [B.A.T.M.A.N.] [PATCHv4 5/7] batman-adv: Distributed ARP Table - add snooping functions for ARP messages
Date: Fri, 25 Nov 2011 22:09:11 +0100
Message-ID: <20111125210911.GA23936@lunn.ch>
In-Reply-To: <20111125111708.GC17321@autistici.org>

On Fri, Nov 25, 2011 at 12:17:08PM +0100, Antonio Quartulli wrote:
> On Fri, Nov 25, 2011 at 09:45:56AM +0100, Andrew Lunn wrote:
> > Hi Antonio
> > 
> > General question. In the Linux ARP decode code is:
> > 
> > /*
> >  *      Check for bad requests for 127.x.x.x and requests for multicast
> >  *      addresses.  If this is one such, delete it.
> >  */
> >         if (ipv4_is_loopback(tip) || ipv4_is_multicast(tip))
> >                 goto out;
> > 
> > I don't see the same filtering here. What would happen if you did
> > receive and cache such a bad request?
> 
> Actually there is no such control over the arp message content. In case
> of, let's say, a malicious ARP message of this type, it is stored like
> any other one.

It might make sense to drop such messages, since they are
invalid. However, nothing obvious comes to mind which would go wrong
if you did cache them, other than somebody could DOS you by sending
lots of ARP entries for multicast addresses.

> > In a similar direction, how does duplicate address detection work?
> > i.e. I ARP my own address to see if somebody else is using it?
 
> Don't think so. Actually I/we didn't think too much about this kind of
> cases. Well, a duplicate entry is simply overwritten: I mean, if we
> already have the entry [IPa,MACa] in the table, any other ARP reply containing
> [IPa,MACb] will update the older one and MACa will be lost.

The basic idea with duplicate address detection is to send out an ARP
request for your own address. If you get an answer, you know somebody
is using the address. I think Windoz then shuts the interface down, or
at least gives a warning. So in the case of duplicate address
detection, you want to fall back to broadcasting the ARP request and
see if anybody answers. You can detect if a node is performing
a duplicate detection, if the ARP request's source MAC address is the
same as the answer in the cache. If so, fall back to broadcasting
rather than answering from the cache.

Looking at RFC 3927 might also be interesting, since it uses ARP
messages in a different way.

Also, I know some DHCP servers try to ping an IP address before giving
it out, just to be sure it is not in use. Answering the ARP request
from what could be an out of date cache entry doesn't, I think, cause a
problem, so long as the ping that follows it does not get
answered. But maybe some DHCP servers just perform an ARP request?

Some things to think about...

	  Andrew	  
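
The two checks raised in this message, combined in one decision function, as an added example that is not batman-adv code and not code from this thread. The names `dat_learn` and `dat_handle_request`, the fixed-size table and the host-byte-order addresses are assumptions made for the sketch.

```c
#include <stdint.h>
#include <string.h>
/* Constructed sketch: IPv4 addresses are in host byte order (assumption). */
enum dat_action { DAT_DROP, DAT_BROADCAST, DAT_ANSWER_FROM_CACHE };
struct dat_entry { uint32_t ip; uint8_t mac[6]; int used; };
#define DAT_SLOTS 8
static struct dat_entry dat_cache[DAT_SLOTS]; /* toy local table, not the DHT */

static int is_loopback(uint32_t ip)  { return (ip & 0xff000000u) == 0x7f000000u; }
static int is_multicast(uint32_t ip) { return (ip & 0xf0000000u) == 0xe0000000u; }

static struct dat_entry *dat_lookup(uint32_t ip)
{
    for (int i = 0; i < DAT_SLOTS; i++)
        if (dat_cache[i].used && dat_cache[i].ip == ip)
            return &dat_cache[i];
    return NULL;
}

/* Learn [ip, mac] from a snooped ARP message; invalid addresses are refused. */
int dat_learn(uint32_t ip, const uint8_t mac[6])
{
    struct dat_entry *e;
    if (is_loopback(ip) || is_multicast(ip))
        return -1;
    e = dat_lookup(ip);              /* an existing entry is overwritten */
    for (int i = 0; !e && i < DAT_SLOTS; i++)
        if (!dat_cache[i].used)
            e = &dat_cache[i];
    if (!e)
        return -1;                   /* table is bounded: refuse when full */
    e->ip = ip; e->used = 1;
    memcpy(e->mac, mac, 6);
    return 0;
}

/* Decide how to treat a snooped ARP request for target_ip sent by src_mac. */
enum dat_action dat_handle_request(const uint8_t src_mac[6], uint32_t target_ip)
{
    struct dat_entry *e;
    if (is_loopback(target_ip) || is_multicast(target_ip))
        return DAT_DROP;             /* same filter as the Linux ARP code */
    e = dat_lookup(target_ip);
    if (!e)
        return DAT_BROADCAST;        /* nothing cached, ask the network */
    if (memcmp(e->mac, src_mac, 6) == 0)
        return DAT_BROADCAST;        /* owner probing its own address */
    return DAT_ANSWER_FROM_CACHE;
}
```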

