On Sun, Oct 21, 2001 at 09:21:32PM +0400, A.N.Kuznetsov wrote:
>
> > What do you think will happen when a broadcast ARP request for 1.2.3.4
> > arrives to both eth0 and eth2?
>
> Nothing. Linuxes attached to the segment even will not notice this.
> Just check and guess why. :-)
>
> Windows will dump a funny popup saying that someone uses
> their address, but however will continue to work. Probably
> with short periods of service deaths if the router is not a router
> really, but drops everything instead.
Are you saying that proxy_delay is sufficient protection from diverting other
hosts to this "proxy", and from starting to answer proxy's own requests sent
to eth2 and seen on eth0?
> > How can it be done better?
>
[snip]
> If you broke them f.e. announcing a pseudo-router with forwarding
> enabled but dropping everything with a firewall rule, ARP must not
> take care of this. That part of code which drops IP is responsible
I would prefer to put it this way: with this kind of firewall rule, the
question of working ARP needs to be taken care.
I've been doing it by setting up necessary ARP entries manually, the feature
you're going to remove from ip :-)
> for ARPing being in sync to its rules.
Andrey
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/