I've a strange problem in my network that I beleave is related to the arp table
and would like to ask if someone could help me trace down the source of my
probleme.
My firewall has two internal networks on the same nic and routes back trafic
from one network to the other eaven they are on the same segment. It's not
elegand, but in an emergency (after a host crash) its what I could bring up.
Internet
|
| eth0=PublicIP
firewall
| eth1=200.1.1.1/27
| eth1:0=200.2.2.9/29
|
Host-A Host-B Serv6
200.2.2.12/29 200.2.2.14/29 200.1.1.6/27 eth0:0=200.1.1.5/27
At Host-A it happens that the IP+MAC of Serv6 gets in his arp table, but there
is no direct route between this hosts. When that happens every services
provided by serv6 can still be accessed at Host-A as they are routed thru the
firewall. But I can't ping from Host-A to Serv6.
If I force to remove Serve6 from host-A arp table (arp -i eth0 -d Serv6) and
flush his route table (ip route flush cache) then I can ping Serv6.
Unfortunetly, some minutes later, Serv6 gots into the arp table from Host-A and
stops ping that I use to monitore the server.
The problem just occurs on Host-A, I can't see a topological difference betwean
Host-A and Host-B, just the service they are running.
Also I have a secont IP bind to the same nic at Serv6, that doesn't get afected
by this problem (in fact the second IP doesn't ever apears in the arp table).
What I whant to figure out is how the base IP from Serv6 goes into Host-A arp
table, as there are no explicit route between the two networks on both (host-A
and Serv6) forcing them to use the Default Gatway to comunicate. As I
understand they shouldn't issue any arp requests from the other host as they
will comunicate thru the GW (firewall).
Any idea ?
Thanks
Alexander E. Belck
-----------------------------------------------------------------
Esta mensagem foi enviada pelo IMP, o Internet Messaging Program.
