Martin A. Brown wrote:
Greetings,
Hi - thanks for your reply. Please bear with me, I'm not an expert.
http://linux-ip.net/html/ether-arp.html#ether-arp-flux
But *is* this an ARP flux problem? I don't think it is. ARP flux (which I see on a Linux box routing here on our network) happens on the *same* segment, according to this description. In my case, the interfaces are on different segments, and they never exhibit ARP flux (i.e. the MAC-IP mapping is always constant); it's just that:
By default, an ARP reply will be generated for IP addresses available on a host, not just IP addresses on the interface through which the ARP query was received.
i.e. eth0 (193.a.b.c) receives an ARP query for 10.0.0.1 and returns the MAC of eth1 (10.0.0.1) even though eth1 isn't on the same segment (on nothing except a crossover cable). The ARP data is always constant (193.a.b.c <-> eth0_mac, 10.0.0.1 <-> eth1_mac).
This doesn't seem to me to be the same thing as ARP flux. Am I wrong?
What's the advantage of this behaviour being the default - seems to me that it's information disclosure that shouldn't be happening. Why should you tell another network segment what your other interface's IP/MAC addresses are?
--
Illtud Daniel  illtud.daniel@xxxxxxxxxxx
Uwch Ddadansoddwr Systemau / Senior Systems Analyst
Llyfrgell Genedlaethol Cymru / National Library of Wales
Yn siarad drosof fy hun, nid LlGC - Speaking personally, not for NLW
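An added example, not part of the original message: on Linux the `arp_ignore` sysctl governs the reply behaviour described above, and the kernel applies the larger of the `all` and per-interface values. The script below reports which interfaces will still answer ARP for an address held by another interface; the function names, the optional directory argument and the sample tree are this example's own constructions.

```shell
#!/bin/sh
# Added example: audit the effective arp_ignore setting per interface.
# Kernel rule: effective value = max(conf/all, conf/<iface>).
#   0 (default) and 3: reply for a local address on any interface
#   1 and 2: reply only if the target address is on the receiving interface
#   8: never reply for local addresses

# arp_scope_report [CONF_DIR]; CONF_DIR defaults to the live sysctl tree.
arp_scope_report() {
    conf_dir=${1:-/proc/sys/net/ipv4/conf}
    all=$(cat "$conf_dir/all/arp_ignore" 2>/dev/null || echo 0)
    for d in "$conf_dir"/*/; do
        [ -d "$d" ] || continue
        iface=$(basename "$d")
        case $iface in all|default) continue ;; esac
        eff=$(cat "$d/arp_ignore" 2>/dev/null || echo 0)
        # A stricter value in conf/all overrides a lax per-interface one.
        [ "$all" -gt "$eff" ] && eff=$all
        case $eff in
            1|2|8) echo "$iface arp_ignore=$eff scoped" ;;
            *)     echo "$iface arp_ignore=$eff answers-for-other-interfaces" ;;
        esac
    done
}

# Constructed sample tree (not taken from the post): eth0 is left at the
# default, eth1 has been restricted per-interface.
make_sample() {
    t=$(mktemp -d)
    for i in all default eth0 eth1; do
        mkdir -p "$t/$i"
        echo 0 > "$t/$i/arp_ignore"
    done
    echo 1 > "$t/eth1/arp_ignore"
    echo "$t"
}

sample=$(make_sample)
arp_scope_report "$sample"
rm -rf "$sample"
```

Calling `arp_scope_report` with no argument audits the running host; setting `net.ipv4.conf.all.arp_ignore=1` moves every interface to the scoped behaviour.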