Re: Problem with ARP-replies on Kernels 2.6 (possibly 3.0, but not 2.4!)

["Nicolas de Pesloüan" <nicolas.2p.debian@gmail.com>]

Le 28/09/2011 23:25, skandranon a écrit :

>>> So: Is this a bug or a feature?
>>
>> It is a feature.
>>
>> You should have a look at the file Documentation/networking/ip-sysctl in the kernel source tree,
>> in particular the entry about arp_ignore.
>>
>> Nicolas.

> Many thanks for your quick reply and the pointer to that document.

Please, keep netdev in copy.

> Seems this feature has been there a long time already, but this has been the first time in all of
> the 15 years or so I'm working with Linux that It's bitten my ass.
>
> May I ask you for an additional pointer explaining in layman's terms what the use cases for values 2
> and 3 would be? - I plain don't understand.

2 seems obvious and is one more level of strictness. If the ARP seems to come from a different 
subnet, ignore it, even if it enters the host on the "right" interface.

I don't know for 3.

> And maybe even an explanation what the initial reasoning might have been to select the approach of
> assigning IP addresses to the host instead of an interface?

I think it is expected to enhance connectivity, by being liberal at what the host accept, which is 
the base principle of interoperability : Be liberal in what you accept, and conservative in what you 
send [Jon Postel]. Others may explain this with more history in mind.

> The mailing list archive mentioned in e.g. "Understanding Linux Network Internals" I found after
> having your hint as a starting point doesn't seem to contain this discussion, which has obviously
> been old even back in 2003.
> And how come that the 2.4.21 kernel did behave differently? The basics seem to be the same?

Unfortunately, I'm not an archaeologist, so I'm totally unable to answer about 2.4.21. Maybe someone 
else in the list will be.

	Nicolas.