nanog mailing list archives

Re: IP4 address conservation method
From: Bjørn Mork <bjorn () mork no>
Date: Thu, 06 Jun 2013 21:00:12 +0200

William Herrin <bill () herrin us> writes:
> On Wed, Jun 5, 2013 at 6:25 PM, Ricky Beam <jfbeam () gmail com> wrote:
>> I won't argue against calling Linux "wrong".  However, the linux way of
>> dealing with ARP is well tuned for "host" and not "router" duty.
>
> I love Linux and use it throughout my work but I can't tell you the
> number of times its ARP behavior has bitten me. If you send a packet
> to a VIP on a Linux box and it doesn't have an arp entry for the
> default gateway, the Linux box will send an arp request... with the
> vip as the source. That is just wrong. Wrong, wrong, wrong. Use the
> damn interface IP when you arp for something on that interface. If the
> router doesn't happen to like the bad arp (since the VIP isn't on the
> router's LAN) the router will ignore it. And your service will merrily
> pop up and down depending on whether the Linux box has any traffic to
> originate.

Did you try setting sys.net.ipv4.conf.all.arp_announce=2 ?

Yes, the system default may be tuned for host/desktop usage, but it's
not like you *have* to use the system default.  Tweak it as you like.
And if there aren't enough knobs, then you can always add another one.
You have the source code.


Bjørn
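
An added example, not part of the original post: a shell check of the arp_announce setting suggested above, listing interfaces that can still send ARP requests with a non-local source address. It relies on the kernel's documented rule that the effective value is the maximum of conf/all and conf/<interface>; the function names and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Audit the effective arp_announce level per interface.
# The kernel uses max(conf/all, conf/<iface>) when it generates an ARP request.

CONF_ROOT_DEFAULT=/proc/sys/net/ipv4/conf

# Print the effective arp_announce value for one interface.
effective_arp_announce() {
    root=$1; iface=$2
    all=$(cat "$root/all/arp_announce" 2>/dev/null || echo 0)
    own=$(cat "$root/$iface/arp_announce" 2>/dev/null || echo 0)
    if [ "$all" -gt "$own" ]; then echo "$all"; else echo "$own"; fi
}

# Print (space separated) the interfaces whose effective level is below 2,
# i.e. those that may still ARP with a source address from another subnet.
weak_interfaces() {
    root=${1:-$CONF_ROOT_DEFAULT}
    out=""
    for dir in "$root"/*/; do
        iface=$(basename "$dir")
        case $iface in all|default) continue ;; esac
        [ -r "$dir/arp_announce" ] || continue
        if [ "$(effective_arp_announce "$root" "$iface")" -lt 2 ]; then
            out="$out${out:+ }$iface"
        fi
    done
    echo "$out"
}

# Constructed sample tree standing in for /proc/sys/net/ipv4/conf.
make_sample_tree() {
    t=$(mktemp -d)
    for spec in all:0 default:0 lo:0 eth0:2 eth1:1; do
        mkdir -p "$t/${spec%%:*}"
        echo "${spec##*:}" > "$t/${spec%%:*}/arp_announce"
    done
    echo "$t"
}

sample=$(make_sample_tree)
echo "weak with all=0: $(weak_interfaces "$sample")"
echo 2 > "$sample/all/arp_announce"    # same effect as setting conf.all to 2
echo "weak with all=2: $(weak_interfaces "$sample")"
rm -rf "$sample"
```

Calling `weak_interfaces` with no argument reads the live tree under /proc/sys/net/ipv4/conf.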

