IP utility "arping" uses PF_PACKET socket to send the arp_request to the peer. When peer responds with arp_reply, one copy is sent to the PF_PACKET socket and other to the linux kernel. As a result, linux kernel creates the new ARP entry. In this case, kernel doesn't know about the arp_request, hence it should treat the arp_reply as unsolicited. Linux Kernel (v2.6.21) by default does not accept unsolicited ARP replies, then how what makes kernel accept the ARP reply? Is kernel snooping in the packet with arp_request going out over the PF_PACKET socket? Any response is appreciated. Thanks Mahesh -- To unsubscribe from this list: send the line "unsubscribe linux-net" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
