Hi all, I have a problem on neighboring subsystem on network namespace. I am successfully use bridged interface on the test device without ip address to connect client and server by positioning the test device between them. My test scenario as follows: After initialization of the test device, the arp cache of the test device is empty. There is route rules that route packages via device name. The traffic between client and server flows successfully by bridged interface of the test device. But I want to be able to ping client or server from the test device too. As a successful case of my test scenario: I use ping tool on root namespace of bridged device (or without namespace configurations). An arp entry is created on arp table (with <incomplete> state) and arp requests are transmitted by bridged device until an arp reply comes back. By the arp reply comes back, the mac address of the ping destination is written to the <incompleted> stated arp entry of arp table and "icmp echo request" begins to transmit. As the unsuccessful case of my test scenario: I use ping tool on namespace (not root namespace). The arp cache is empty. But instead of creating an arp request to get mac address of ping destination, the "icmp echo request" is sent with broadcast (FF:FF:FF:FF:FF:FF) destination mac address. My problem is that why a broadcast icmp package is sent instead of as an unicast icmp package (by determining destination mac address with an arp request). As a work-around, if I assign an ip address to bridged interface and then release that ip address, ping requests become to trigger arp requests and unicast icmp packages. When I inspect the reason of this problem I saw that; in __inet_dev_addr_type function, the fib_get_table function returns NULL if I route packages at a namespace. Only after the workaround which is explained above is applied, the fib_get_table function returns non-NULL value. I know that it is a special use case which is pinging from bridged ipless interface, but I really need that case. So I want to take your opinions about my problem, could it be a bug for regular use cases too and how can I solve this problem. Thanks for your helps. Best regards, Tugrul -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
