Incorrect ARP response (network)

Dagmar d'Surreal dagmar at speakeasy.net
Fri Nov 29 10:34:06 PST 2002


On Fri, 2002-11-29 at 04:09, Sanjuro wrote:
(snippage)
> So both cards are responding to an IP that is attached to only one of 
> them. This behaviour is the same in kernel 2.4.19 and 2.4.20. This is a 
> problem because depending on which one arrives first Windows send 
> network traffic to the wrong network card, which happens to be blocked 
> using iptables resulting in a loss of connection.
> 
> My question: What could I have possible to get the kernel to do this? Is 
> it possible I compiled a strange options into the kernel? I am not 
> setting any kernel parameters at run-time or a boot time, so that can't 
> be it.

You're not going to like hearing this, but that's the default (and
considered "normal") behaviour for the 2.4.x kernels--to respond to ARP
queries for all it's addressses on any interface.

> I have tried everything else, if no-one can think of something that 
> might causing this I think I will file a bug report with the Realtek 
> kernel driver maintainer.

Don't do that.  It's not their responsibility.  They might also point
and laugh at you.  ;)

If you were running a 2.2.x kernel, this wouldn't be necessary but since
the mechanism has been changed around somewhat with 2.4.x you do need a
patch to change this behaviour (which can be more than just a little
annoying when you're trying to set up a firewall and lamers outside your
private network are leaking private network addresses that match
yours--well, annoying for _them_ anyway).  You could hop over to Google
and punch in "linux 2.4 hidden patch" or you could just cut to the chase
and go straight to http://www.linux-vs.org/~julian/#hidden.  Don't
forget to read the little hidden.txt file listed on that page which
explains a little more about what's going on and what (little) you need
to do once you've applied the patch and rebuilt your kernel.

-- 
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe blfs-support' in the subject header of the message



More information about the blfs-support mailing list