> > > You need to change your routing so that the 129.187.154.153 route goes > > > through eth1 or alternatively add blackhole policy routing with > > > eth0's address as source address. > > Then my machine could not talk to 129.187.154.153 any more because eth1 is > > on a physically separated network. > > If you need to talk to someone on eth0 you should also answer his > arp requests there. You seem to want to answer arp requests on a different > interface than you send packets out, which doesn't make much sense. I do want these hosts to be able to talk to another, but I do not want 129.187.154.153 to be able to talk to the _private_ IP of the other machine. It should answer ARP requests only for addresses bound to the interface the request is arriving upon. Ciao, Roland - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
