Re: proxy_arp - Vigneswaran R

netfilter.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Vigneswaran R <vignesh@atc.tcs.com>
To: netfilter@vger.kernel.org
Cc: richard lucassen <mailinglists@lucassen.org>
Subject: Re: proxy_arp
Date: Tue, 29 Apr 2014 08:43:08 +0530	[thread overview]
Message-ID: <535F18C4.5000803@atc.tcs.com> (raw)
In-Reply-To: <20140428190404.2786b822002cc5ad8f001ff7@lucassen.org>

On 04/28/2014 10:34 PM, richard lucassen wrote:
> On Mon, 28 Apr 2014 09:23:31 +0530
> Vigneswaran R <vignesh@atc.tcs.com> wrote:
>
>> It seems, iptable rules will not affect the ARP.
> No, it should not :)
>
>> By any chance you
>> have arptables or ebtables installed on srv1 which is causing the
>> problem?
> Nope:
>
> # ebtables -L
> Bridge table: filter
>
> Bridge chain: INPUT, entries: 0, policy: ACCEPT
>
> Bridge chain: FORWARD, entries: 0, policy: ACCEPT
>
> Bridge chain: OUTPUT, entries: 0, policy: ACCEPT
>
> # arptables -L
> Chain INPUT (policy ACCEPT)
>
> Chain OUTPUT (policy ACCEPT)
>
> Chain FORWARD (policy ACCEPT)
>
> I just don't understand why srv1 is not arp-replying to the ip
> addresses it owns...

Did you check the rp_filter also? Try disabling the rp_filter on srv1 
(if it is not disabled already) and check.
(Just in case the source IP of the arp request and the incoming 
Interface are not matching according to the routing table entries).

echo "0" > /proc/sys/net/ipv4/conf/eth1/rp_filter

regards,
Vignesh

next prev parent reply	other threads:[~2014-04-29  3:13 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-04-25 17:35 proxy_arp richard lucassen
2014-04-28  3:53 ` proxy_arp Vigneswaran R
     [not found]   ` <20140428190404.2786b822002cc5ad8f001ff7@lucassen.org>
2014-04-29  3:13     ` Vigneswaran R [this message]
2014-04-29 11:13       ` proxy_arp [resolved] richard lucassen
2014-04-29 11:19         ` Vigneswaran R
  -- strict thread matches above, loose matches on Subject: below --
2014-04-27  5:43 proxy_arp fnavarro

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=535F18C4.5000803@atc.tcs.com \
    --to=vignesh@atc.tcs.com \
    --cc=mailinglists@lucassen.org \
    --cc=netfilter@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).