On 08/16/07 10:07, Pascal Hambourg wrote:
> The default behaviour is to reply on any interface for any local
> address. It can be changed on a per-interface basis with the kernel
> parameter /proc/sys/net/ipv4/conf/<interface>/arp_ignore. Definitions
> and values are in Documentation/networking/ip-sysctl.txt :

Ok, so this can be set up, it is just something that has to be turned on via /proc.

> arp_ignore - INTEGER
>     Define different modes for sending replies in response to
>     received ARP requests that resolve local target IP addresses:
>     0 - (default): reply for any local target IP address, configured
>     on any interface
>     1 - reply only if the target IP address is local address
>     configured on the incoming interface
>     2 - reply only if the target IP address is local address
>     configured on the incoming interface and both with the
>     sender's IP address are part from same subnet on this interface
>     3 - do not reply for local addresses configured with scope host,
>     only resolutions for global and link addresses are replied
>     4-7 - reserved
>     8 - do not reply for all local addresses
>
>     The max value from conf/{all,interface}/arp_ignore is used
>     when ARP request is received on the {interface}

If I understand the OP and what you have provided here correctly I believe the OP would simply want to issue the following commands:

    echo 1 > /proc/sys/net/ipv4/conf/eth0/arp_ignore
    echo 1 > /proc/sys/net/ipv4/conf/eth1/arp_ignore
    echo 1 > /proc/sys/net/ipv4/conf/eth2/arp_ignore

This should configure the interfaces to only respond to ARP requests for their own IP address(s) (not other interfaces IP address(s)) correct? Thus the kernel would take care of what the OP is wanting to do and there would be no need for ARP / IPTables, correct?

So I can correctly update my references, where did you copy and paste that documentation from?

Grant. . . .
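
The quoted documentation says the kernel uses the maximum of conf/all and conf/<interface>, so the mode actually in force on an interface can differ from the value written to that interface's own file. The following is an added example, not part of the original message, that reports the mode in force per interface; the function names and the optional conf-root argument (used to point the script at a constructed test tree) are assumptions of this sketch.

```shell
#!/bin/sh
# Added example: report the arp_ignore mode in force on each interface.
# The conf root defaults to the live /proc tree; passing another directory
# (an assumption of this sketch) lets it run against a constructed tree.

effective_arp_ignore() {
    # $1 = interface name, $2 = conf root (optional)
    root=${2:-/proc/sys/net/ipv4/conf}
    [ -r "$root/$1/arp_ignore" ] || return 1
    iface_val=$(cat "$root/$1/arp_ignore")
    all_val=$(cat "$root/all/arp_ignore" 2>/dev/null || echo 0)
    # Per ip-sysctl.txt: max(conf/all, conf/<interface>) is what applies.
    if [ "$all_val" -gt "$iface_val" ]; then
        echo "$all_val"
    else
        echo "$iface_val"
    fi
}

audit_arp_ignore() {
    # $1 = conf root (optional). Prints "<interface> <mode> <verdict>".
    root=${1:-/proc/sys/net/ipv4/conf}
    for dir in "$root"/*/; do
        iface=$(basename "$dir")
        # "all" and "default" are templates, not interfaces; skip loopback too.
        case $iface in all|default|lo) continue ;; esac
        mode=$(effective_arp_ignore "$iface" "$root") || continue
        if [ "$mode" -eq 0 ]; then
            # Mode 0: replies for any local address on any interface.
            echo "$iface $mode answers-for-any-local-address"
        else
            echo "$iface $mode restricted"
        fi
    done
}

# Audit the live system (or the tree given as the first argument).
audit_arp_ignore "$@"
```

Values written with echo into /proc do not survive a reboot; the same setting can be made persistent as net.ipv4.conf.<interface>.arp_ignore in /etc/sysctl.conf.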