On 16/08/2003 at 16:26 Richard Underwood wrote:

>> Oh I see, I seem to remember this was discovered the other
>> week and it was deemed a bug in Cisco routers.
>>
> Ah hah! Yes, this is exactly the same bug. I still believe it's a
> bug in Linux rather than Cisco, though ... and it doesn't just affect Cisco
> kit either.

It's not a Cisco bug, it's a Linux bug.
Read:
http://marc.theaimsgroup.com/?l=linux-netdev&m=106112653126429&w=2

Richard, to solve your problem in Linux, you should apply the "hidden patch" or similar.
Read this:
http://www.linuxvirtualserver.org/docs/arp.html
And this:
http://www.ssi.bg/~ja/hidden.txt
http://www.ssi.bg/~ja/#hidden

The real problem is that in actual Linux, all interfaces are mixed in layer 2 and layer 3: you can ARP request for an IP in loopback or up to eth1 from interface eth0. Moreover, you can ping an IP in lo or eth1 from eth0 when you have forwarding disabled.

I have been working on a new patch to extend hidden to make Linux behave like other OSes and systems (real isolation of interfaces) but still isn't finished.

> Could someone explain what the *purpose* of Linux giving the wrong
> address out is? It appears that this is intentional behaviour??

Yes, intentional.
IMHO, David Miller seems to be blocking any patch or discussion regarding this issue for years.

If you read:
http://www.linuxvirtualserver.org/docs/arp.html
You can see that the behaviour has been changed from kernel 2.0 to 2.2 to 2.4...

Regards,
Carlos Velasco