ARP flux on bond interface

netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* ARP flux on bond interface
@ 2014-08-25  8:47 Max Dmitrichenko
  2014-08-25 21:20 ` Paul Robert Marino
  0 siblings, 1 reply; 2+ messages in thread
From: Max Dmitrichenko @ 2014-08-25  8:47 UTC (permalink / raw)
  To: netfilter-devel

Hi!

There is a strange problem on the following setup.

There is two bond interfaces in the same IP-subnet (I know this is a
little bit weird). Let's say first has IP-address Ai and MAC-address
Am and the second Bi and Bm respectively.

Sometimes when interface B makes an ARP-request, the same request
appears on the interface A, but with source MAC-address of B, i.e. Bm.
This event poisons the ARP-table of the upstream switch and it sends
to A packets addressed to B which are dropped by my host system.

I've set arp_ignore=1 and tried to set arp_announce to 1 and 2, but
neither combination helps.

Is it kind of bug or it is expected behavior?

The kernel version is 2.6.32 from Scientific Linux 6.5 (i.e. it is
very close to one from RHEL 6).

--
Max

^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: ARP flux on bond interface
  2014-08-25  8:47 ARP flux on bond interface Max Dmitrichenko
@ 2014-08-25 21:20 ` Paul Robert Marino
  0 siblings, 0 replies; 2+ messages in thread
From: Paul Robert Marino @ 2014-08-25 21:20 UTC (permalink / raw)
  To: Max Dmitrichenko; +Cc: netfilter-devel

That sounds like you have forwarding enabled. disable ip forwarding if
you can and that should go away.
In /etc/sysctl.conf set the following "net.ipv4.ip_forward = 0",
"net.ipv4.conf.all.mc_forwarding = 0", "net.ipv4.ip_forward = 0",
"net.ipv6.conf.all.forwarding = 0", "net.ipv6.conf.all.mc_forwarding =
0", etc. which should be the default in SL 6
In short if you run " sysctl -a |grep forward" and any thing has a 1
next to it set it to 0 in /etc/sysctl.conf

then run "sysctl -p"

If that does not work you may have a bug, or it could be just a funkie
routing table. this is why you gennerally dont put 2 or more
interfaces on the same subnet with different IP addresses if you can
avoid it.

On Mon, Aug 25, 2014 at 4:47 AM, Max Dmitrichenko <dmitrmax@gmail.com> wrote:
> Hi!
>
> There is a strange problem on the following setup.
>
> There is two bond interfaces in the same IP-subnet (I know this is a
> little bit weird). Let's say first has IP-address Ai and MAC-address
> Am and the second Bi and Bm respectively.
>
> Sometimes when interface B makes an ARP-request, the same request
> appears on the interface A, but with source MAC-address of B, i.e. Bm.
> This event poisons the ARP-table of the upstream switch and it sends
> to A packets addressed to B which are dropped by my host system.
>
> I've set arp_ignore=1 and tried to set arp_announce to 1 and 2, but
> neither combination helps.
>
> Is it kind of bug or it is expected behavior?
>
> The kernel version is 2.6.32 from Scientific Linux 6.5 (i.e. it is
> very close to one from RHEL 6).
>
> --
> Max
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2014-08-25 21:20 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-08-25  8:47 ARP flux on bond interface Max Dmitrichenko
2014-08-25 21:20 ` Paul Robert Marino

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).