Hi - hopefully a good place to discuss this (if not, where else?) last week encountered something unexpected, basically what was ages ago described here: http://linux-ip.net/html/ether-arp.html#ether-arp-flux A host (A) with three network links eth0 in 10.0.0.0/8 network eth1 in 172.26.0.0/12 network eth2 in a.b.c.0/24 network (outside, open to the world) we added a couple of virtual kvm guests and created bridges for each of these interfaces (hence moved the Ip to the bridges) and created tap devices where necessary. However, we expected sudden connection drops and sometimes multiple responses to pings (and arpings). Tracing it down, we received ARP replies on the wrong interfaces, i.e. when sitting on a machine (M) in network 10.0.0.0/8 with a gateway (G) allowing hosts from this network to the external a.b.c.d/24 network/ When creating an arp who-has on the external IP a.b.c.d, host A replied with its MAC address participating in network a.b.c.0/24 but on network 10.0.0.0/8 :( After a lot of trial and errors, setting net.ipv4.conf.*.proxy_arp = 1 net.ipv4.conf.*.arp_filter = 1 helped, but left us with a couple of questions: * Why is this not the default for the linux kernel, I guess there is a very sane reason for that, but I have not found it so far * what do these functions actually do? I'm too bad a programmer to read (and possibly) find the code pieces, and chances are very high I won't really get it from there. Would anyone be so kind and lend me a hand/link where I can learn more about this? Cheers Carsten -- To unsubscribe from this list: send the line "unsubscribe linux-net" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
