On 2018-10-21 22:16, dryden@xxxxxxxxxxxxx wrote: > On 2018-10-16 22:31, Leroy Tennison wrote: >> (1.2.3.4 is an arbitrary replacement but doesn't affect the basic issue) What is causing this? The systems in question have only one interface per subnet but both systems have multiple NICs which are on the same subnets. What I mean is this: on both systems NIC1 connects to subnet 1, NIC2 to subnet 2 and so on for five NICs and different subnets. The subnets do have different IP ranges (no overlap). 10.222.109.3 does happen to be on the same system as 1.2.3.4 but it doesn't have the same mac address and it is a physical interface. >> >> Address HWType HWAddress Flags Mask Iface >> 10.222.109.3 ether bc:30:5b:a6:c4:bf C eth9 >> . >> . >> . >> 1.2.3.4 ether bc:30:5b:a6:c4:bf C eth9 > > On Linux (and many other OSes with IPv4 capability) an IPv4 unicast > address belongs to the entire host, not a specific network interface. > With "typical" settings, the kernel will willingly send ICMP redirects. > If it's annoying to see the addresses from "foreign" addresses show in > the MAC table, consider disabling send and receive of redirects on both > systems. > > sysctl: > net.ipv4.conf.*.accept_redirects > net.ipv4.conf.*.send_redirects > > Probably shouldn't do this if either of the hosts forwards IP packets > though [1], particularly if packets IP forward more than once. > > [1] Usual caveat here: if you "know what you're doing" then disregard > this sentence. ... And as usual, while researching this, I found settings that might be even more relevant to your situation: ...linux/Documentation/networking/ip-sysctl.txt: - arp_announce - arp_ignore which may be more useful for keeping each host's neighbor table "clean" of foreign addresses, and is probably safer than disabling ICMP redirects. Cheers, and apologies for replying to my reply.
Attachment:
signature.asc
Description: OpenPGP digital signature