|
Bugtraq
mailing list archives
Re: Arp records in solaris
From: Brad Arlt <arlt () cpsc ucalgary ca>
Date: Mon, 14 Apr 2003 14:06:13 -0600
On Fri, Apr 11, 2003 at 04:41:35PM +0400, Edward J. Aivazian wrote:
When I make a record with -s option, in a very short period of time
(sometimes less than half-an-hour) this record is deleted. One more
article is available here, but it's in russian -
http://www.void.ru/content/856
Can anyone give a reasonable explanation to this?
As no one has answered this yet...
I have the source but don't feel like reading through it at this time.
The arp cache flush under a default install of Solaris is 20 minutes.
The recommended value is one minute.
ndd -set /dev/arp arp_cleanup_interval 60000
As for the issue of permanence. Are you sure it is marked as a
perminate entry in the ARP table. If not, you have your answer. ARP
is inserting the entry into the ARP table without the needed flag, and
normal cleanup happens.
If the ARP flag is set, ensure you are running the latest patch set.
If the problem persists, give Sun a description of the problem, quote
the same bit from the manpage, and give them the output from "uname
-a" and "showrev -p". As there a major (though likely easy fix)
problem with the ARP routines.
But don't talk to Sun until you are running the latest patch set and
you verify the problem again.
-----------------------------------------------------------------------
__o Bradley Arlt Security Team Lead
_ \<_ arlt () cpsc ucalgary ca University Of Calgary
(_)/(_) I should be biking right now. Computer Science
 By Date 
By Thread
Current thread:
|
Intro
