Oliver,
The reason that arp_filter is not working for you is as follows (let's
tell a little story about an inbound ARP requset):
- inbound ARP request received on ethernet interface(s)
- kernel realizes it's for a locally hosted IP
- it looks up the requestor's IP in its routing table
- it responds with the link layer address of the interface
through which it would route IP packets to this requestor
I probably mislead you last week by suggesting that arp_filter was a good
solution for your particular need. Although it is one of the solutions
for ARP flux, it won't work for your case because of the route lookup
incurred by arp_filter.
Sorry for the lack of clarity on this point in my previous post, Oliver.
As for your ip arp compilation problem....did you patch your kernel, as
well?
http://www.linuxvirtualserver.org/~julian/arprules-2.4.18-2.diff
The ip arp userspace utility has to have something in the kernel to talk
to!! :)
: ... and am I on the right way to solve my initial problem 'two
: interfaces on the same subnet?'
Absolutely.
-Martin
--
Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com
