Re: snat local packets and arp

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Marco Berizzi wrote:
Hello everybody.
I have configured a linux 2.6.23 box with two ip
addresses on a single interface:

# ip a s dev eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500
    link/ether 00:30:05:cb:27:c1 brd ff:ff:ff:ff:ff:ff
    inet hdsl.254/27 brd hdsl.255 scope global eth0
    inet adsl.134/29 brd adsl.135 scope global eth0

This box is running squid as a proxy server. The
default gateway is hdsl.225
Locally generated packets from squid are snated with
adsl.134 and then they are market so they are forwarded
to the adsl router (adsl.129).
There is always (one/second) packet flow between both
the cisco routers (hdsl.225 and adsl.129) and the
linux box.
But linux is arping every few seconds the adsl.129
router:

10:54:11.787680 : arp who-has adsl.129 tell adsl.134
10:54:11.788293 : arp reply adsl.129 is-at 00:1b:...
10:54:34.580798 : arp who-has adsl.129 tell adsl.134
10:54:34.581441 : arp reply adsl.129 is-at 00:1b:...
10:55:17.420198 : arp who-has adsl.129 tell adsl.134
10:55:17.420836 : arp reply adsl.129 is-at 00:1b:...
10:56:00.552606 : arp who-has adsl.129 tell adsl.134
10:56:00.553231 : arp reply adsl.129 is-at 00:1b:...

It is like linux doesn't undestand it is using
also the adsl.129, because it is generating packets
with source ip=hdsl.254 and then I snat them with
adsl.134 in the postrouting chain.

Is this behaviour expected?

Running ping adsl.129 stop linux from arping the
adsl.129 router.

I don't get it. You say this box is using adsl.129 as
nexthop for the locally generated squid packets.
So whats wrong with sending arp queries for that router?

-
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux