[LARTC] Proxy ARP considered harmful. :)

Linux Advanced Routing and Traffic Control

On Sun, Feb 24, 2002 at 03:49:26PM -0500, Adrian Chung wrote:
> On Sun, Feb 24, 2002 at 09:06:24PM +0100, Ard van Breemen wrote:
> .226 and .225 have a default gateway set, and they resolve its MAC
> address fine, (as .224's left hand iface).
> 
> So that's not my problem.
Ok. Was going for the obvious. :)
> Plus, as I explained, it's not .226 and .225 getting to machines on
> the .128/25 subnet that's the problem, it's the fact that .128/25
> can't seem to see .226 and .225.
Wait a minute, just remembered something: usually ISP routers will ARP
about every 30 minutes. That's because those Ciscos probably do not have
that much CPU capacity...
> > > The HOWTO assumes that you have a router of some sort between the
> > > proxy ARP box and the ISP, so that ARP requests never traverse the
> > > router.
> > Yep and no. It assumes you have a default gateway, which usually is a
> > local router, but it can also be the router of the ISP. So your problem
> > is .225, and .226 not arping for the ISP address.  There is nothing
> > wrong with the remainder of your setup.
> They ARP successfully for it, but for some reason the ISP machines on
> .128/25 won't ARP for .225 or .226...  But they do for a short period
> of time if I send an unsolicited ARP request/reply to them.
Hmmm, weird...
I think the old tcpdump should give us some hints.
Could you tcpdump your interfaces? That's something like
    tcpdump -n -e -i {theinterface} arp
or something like that.
Oh, and while you are at it:
    ip rule show
    ip route show
    ip addr show
from all the boxes if the tcpdump does not give the right hints.

> After about 3 minutes, they stop responding once again, and I never
> see ARP requests/replies from them for .225 or .226.
That sounds like a stale ARP entry.
> It's strange.
Yep.
BTW: you could try turning rp_filter off on the .224 box.
If it then works, then the routing is the problem.
ARP requests will also follow the rp_filter...

> > > In my case, since it's a bridge, everything goes.
> > Yes, and in the normal situation you would have .252 as a default gateway.
> 
> Which I do, on both .225, .226 and .224.  And proper routes on .224
> pointing .226 and .225 left, and .252, .128/25 right.
> 
> I'm not sure what ARP requests I was answering for, because I didn't
> see the ARP cache.  But apparently there were 30-40 ARP entries at the
> ISP router end that all had my MAC address attached.
That should be correct, since your ISP router expects a /26 (unless you
really meant /6...)... That's about 64 possible addresses to ARP for.
-- 
<ard@telegraafnet.nl> Telegraaf Elektronische Media  http://wwwijzer.nl
http://leerquoten.monster.org/ http://www.faqs.org/rfcs/rfc1855.html 
Let your government know you value your freedom. Sign the petition:
http://petition.eurolinux.org/

