On Thursday 17 August 2006 14:48, Jacques Rompen wrote: > On 8/17/06, Luciano Ruete <luciano@xxxxxxxxxxxxx> wrote: > > if all ethx are on the same switch, you will need: > > echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore > > #you can also do it in a per iface basis > > > > by default, if you recive an arp request(whohas) on a iface(iface1), > > asking > > for an ip that another iface(iface2) has, then the arp request is ansered > > with the MAC address of the first iface(iface1). If all devices are in > > the same fisical segment this can lead to a single device answer for all > > IPs, or > > to a total caos. > > > > This one is very hard to catch and i forgot to mention, now solved :-) > > > > -- > > Luciano > > I will try all this tommorow, don't have acces to the box right now. > > About turning of arp. If you turn them all of, wouldnt the nics (ip's) be > unfindable from the outside world? Or does the switch they connect to > respond to such an arp request aswell? what you're turning off is that the device answers arp(whohas) requests for ips that are not from that specific device itself. The ips assigned to the device will cotinue answer as normal. > But what you are saying is that if i had a box with 2 nics each connected > to a different ISP, so each nic with a different gateway and ip. That if > nic1 would recieve a arp request for the ip from nic2, it would respond > with mac-adres from nic1. exactly! > So that could mean that all packets would come in > over nic1, even if they have destination ip(nic2)? exactly, and will arrive destiny anyway, but they are incoming for the wrong iface. > Seems to me that this is > never realy desirable. It is a really cuestionable default, but for shure that there are reasons for this(maybe a thread in lkml archives could answer this cuestion), reasons that i do not know. > Especialy if nic2 would have an static ip and i > would unplug nic2 on purpose. well thats the other scenario where i face the same problem, first guess is obvious MAC cache, and you tend to think that is fucked up, and no, it is this crossed arp answer. -- Luciano _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
