Hello!
I've noticed a strange thing: when a client system generates an arp query for an unexistent host, the routing cache entry is being made.
My system is Fedora 2 with vanilla 2.6.11. the client is 10.1.1.2 with mask 255.255.0.0 the router/firewall is 10.1.1.1 with mask 255.255.255.0 Yes, the masks are different and this cannot be fixed easily.
So, when the client generates ARP query for an unexistent host in 10.1.1.0/24 network everything is fine - query is dropped.
But when it asks for something like 10.1.44.4, then the router drops the query, but an entry in routing cache is being made.
This is a serious problem, because when someone has a virus which tries to spread itself, it generates thousands ARP queries per second and my routing cache overflows and the traffic crawls.
did anybody meet such a problem?
Szymon Miotk
PS. The routing is configured ok. No <incompletes> are in arp cache, only routing cache is being affected.
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc