nanog mailing list archives

Re: IP4 address conservation method
From: Jimmy Hess <mysidia () gmail com>
Date: Thu, 6 Jun 2013 23:06:12 -0500

On 6/6/13, William Herrin <bill () herrin us> wrote:
>> Yes, the system default may be tuned for host/desktop usage
> No, it doesn't default to reasonable desktop settings for ARP... it
> defaults to a version of wrong that on a desktop with one NIC and one
> IP doesn't happen to break anything. It'd be nice if it defaulted to
> RFC compliant instead and let the few folks with wacky needs move it
> off the standard behavior.

I find Linux's ARP defaults annoying also, but they're not "wrong"
or "non-RFC compliant".

An interpretation that applies in the design of Linux networking is
that IP addresses belong to the host, and IP addresses do not belong
to IP interfaces (excepting 'scope local' IPs, such as IPv6
link-local).

An interface has a source IP address assigned to it for outgoing
traffic from the host.
All destination IPs for incoming traffic to the host belong to no
specific interface on the host.

Any IP address added to any interface belongs to the host as a
valid destination IP, and can be ARP'ed on any of the host's IP
interfaces.

Excepting a firewall rule to the contrary, traffic for any of the
host's destination IPs can come in any interface.


This is a totally valid and correct way for a host to manage that
host's IP addresses.
However, it is a tad inconvenient for the administrator in some
real-world circumstances; mainly unusual configs such as servers with
multiple NICs plugged into different subnets, or servers behind a load
balancer.


And the ARP behavior is counterintuitive, because regardless of
that fact, in Linux you _still_ configure IP addresses on
interfaces; every interface has a preferred IP, and maybe some
alias IPs.



In most cases, Linux's choice not to restrict ARP to a specific
interface bound to the IP is not useful.


However, it is useful if you have a host that has multiple NICs
plugged into the same network.



The kernel has its defaults, but distribution vendors such as
Redhat/Ubuntu/Debian are free to supply their own defaults through
sysctl.conf or their NetworkManager packages or network configuration
scripts...

It's interesting to note they have so far chosen to go (mostly) with
the defaults.

I'm sure most people do not have a problem, or else someone would
have updated the defaults by now.

> -Bill
--
-JH
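As an added illustration (not part of this thread or of the kernel source), the following Python snippet models how the Linux net.ipv4.conf.*.arp_ignore sysctl decides whether a host answers an ARP request, for the "multiple NICs plugged into different subnets" case the mail describes; the host layout, interface names and addresses are constructed, and only the arp_ignore values 0, 1, 2 and 8 are modelled.

```python
from ipaddress import ip_address, ip_interface

# Constructed two-NIC host: eth0 and eth1 sit in different subnets,
# and eth0 carries a preferred IP plus one alias IP.
HOST_IFACES = {
    "eth0": ["192.0.2.10/24", "192.0.2.11/24"],
    "eth1": ["198.51.100.10/24"],
}


def host_addresses(ifaces):
    """Every IP the host owns, regardless of which interface carries it."""
    return {ip_interface(a).ip for addrs in ifaces.values() for a in addrs}


def should_reply(ifaces, arp_ignore, in_iface, target_ip, sender_ip):
    """Simplified reimplementation of the arp_ignore decision.

    0: answer for any address the host owns, on any interface (the
       'IPs belong to the host' model the mail describes; kernel default).
    1: answer only if the target IP is configured on the receiving interface.
    2: as 1, and the sender must also be in a subnet of that interface.
    8: never answer.
    """
    target = ip_address(target_ip)
    sender = ip_address(sender_ip)
    if target not in host_addresses(ifaces):
        return False  # not one of the host's addresses at all
    if arp_ignore == 8:
        return False
    if arp_ignore == 0:
        return True  # any NIC answers for any host IP
    local = [ip_interface(a) for a in ifaces[in_iface]]
    if target not in {i.ip for i in local}:
        return False  # arp_ignore >= 1: target must live on this NIC
    if arp_ignore == 1:
        return True
    if arp_ignore == 2:
        return any(sender in i.network for i in local)
    raise ValueError("arp_ignore value not modelled here: %r" % arp_ignore)
```

With the default of 0, a request arriving on eth0 for eth1's address is answered, which is exactly the cross-interface ARP reply the mail calls counterintuitive; raising arp_ignore to 1 or 2 confines replies to the interface that actually holds the address.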

