On 10/18/2018 01:10 AM, Erik Auerswald wrote:
Hi,
Hi,
One example I experienced are misconfigured end-systems using IP addresses from network A in the broadcast domain of network B. The gateway for both networks was based on the Linux kernel. Misconfigured hosts were able to reach their gateway without problems (the ARP request was answered from the "wrong" interface, any interface accepts any IP destined for the host).
I feel like there are details pertinent to the conversation that I'm not privy to. Including shared or separate broadcast domains, routing, IP addressing scheme, etc. Most of which would need to be known from both ends of the communications to be able to even speculate.
AFAIK one can configure ARP to separate more, but not competely. Using bridges is said to allow for more separation, but I have not yet tested this.
I'm going to be doing some testing in this area, partially around this conversation and other very similar conversations.
For version 4, but this changes with version 6. ;-)
Would you please elaborate?I've not run across anything indicating such. I've not gotten far enough in the reading that I'm doing to delve this deep into IPv6 yet.
I'd say the same. But part of the problem is that the weak host model is a bit more surprising than the strong host model. In my experience this is especially true when a weak host is used as a router.
I assume that the weak host (end system) model is easier to code for, thus more likely to be used on single homed hosts (end systems) a they are the vast majority compared to multi-homed hosts (E.S.).
Thanks,
Thank you! Good discussion that is banging some of my brain cells together. -- Grant. . . . unix || die
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature