David S. Miller wrote:
>
> > However, I'm not happy with it trying to resolve it by sending an
> > ARP packet which will be dropped by routers as invalid ARP requests.
>
> Oh I see, I seem to remember this was discovered the other
> week and it was deemed a bug in Cisco routers.
>

Ah hah! Yes, this is exactly the same bug. I still believe it's a bug in
Linux rather than Cisco, though ... and it doesn't just affect Cisco kit
either.

Could someone explain what the *purpose* of Linux giving the wrong address
out is? It appears that this is intentional behaviour??

One of three things can happen when a router receives an ARP packet
apparently from a host not on its subnet:

1. It can respond to it without looking at the protocol address at all.
2. It can attempt to respond to the protocol address on a different subnet.
3. It can drop the packet.

For these three cases:

1. Is the simplest, and therefore probably implemented in most cases.
2. Is horrendous, is a security nightmare, will break networks, and breaks
   the ARP RFC.
3. Makes a lot of sense, and is suggested in other RFCs as the correct
   behaviour.

Now, my problem is that 3 is happening. Given that on the netdev list it
was said that this is *intentional* behaviour, then Linux is apparently
trying to assist 2 in happening!

Of the three, which does Linux do?

Thanks,

Richard
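
The check behind case 3 in the message above, as an added example that is not part of the original post and is not taken from Linux or any router's code: an ARP request is answered only if its sender protocol address lies on the receiving interface's subnet. The function names, verdict names, and the documentation-range addresses are assumptions made for illustration.

```c
#include <stdint.h>
#include <string.h>

#define ARP_LEN 28  /* Ethernet/IPv4 ARP payload size (RFC 826 layout) */
enum arp_verdict { ARP_REPLY, ARP_DROP_MALFORMED, ARP_DROP_NOT_FOR_US, ARP_DROP_OFF_SUBNET };

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] << 8 | p[1]); }
static uint32_t rd32(const uint8_t *p) { return (uint32_t)rd16(p) << 16 | rd16(p + 2); }

/* Hypothetical helper: decide what to do with an ARP payload received on an
 * interface configured as if_addr/if_mask (host byte order). */
enum arp_verdict arp_check_request(const uint8_t *pkt, size_t len,
                                   uint32_t if_addr, uint32_t if_mask)
{
    if (len < ARP_LEN)
        return ARP_DROP_MALFORMED;
    /* htype=Ethernet, ptype=IPv4, hlen=6, plen=4, oper=request */
    if (rd16(pkt) != 1 || rd16(pkt + 2) != 0x0800 ||
        pkt[4] != 6 || pkt[5] != 4 || rd16(pkt + 6) != 1)
        return ARP_DROP_MALFORMED;
    uint32_t spa = rd32(pkt + 14), tpa = rd32(pkt + 24);
    if (tpa != if_addr)
        return ARP_DROP_NOT_FOR_US;
    /* Case 3: sender protocol address is not on this interface's subnet.
     * 0.0.0.0 is let through because ARP probes (RFC 5227) use it. */
    if (spa != 0 && ((spa ^ if_addr) & if_mask) != 0)
        return ARP_DROP_OFF_SUBNET;
    return ARP_REPLY;
}

/* Constructed sample input: an ARP request from spa asking who has tpa. */
void arp_sample_request(uint8_t out[ARP_LEN], uint32_t spa, uint32_t tpa)
{
    static const uint8_t hdr[8] = { 0, 1, 8, 0, 6, 4, 0, 1 };
    memset(out, 0, ARP_LEN);
    memcpy(out, hdr, sizeof hdr);
    out[8] = 0x02; out[13] = 0x01;  /* made-up locally administered MAC */
    for (int i = 0; i < 4; i++) {
        out[14 + i] = (uint8_t)(spa >> (24 - 8 * i));
        out[24 + i] = (uint8_t)(tpa >> (24 - 8 * i));
    }
}

int main(void)
{
    uint8_t p[ARP_LEN];
    arp_sample_request(p, 0xC6336407u, 0xC0000201u);  /* 198.51.100.7 -> 192.0.2.1 */
    return arp_check_request(p, sizeof p, 0xC0000201u, 0xFFFFFF00u) == ARP_DROP_OFF_SUBNET ? 0 : 1;
}
```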