From: Alan Cox <alan@lxorguk.ukuu.org.uk>
To: Richard Underwood <richard@aspectgroup.co.uk>
Cc: "'David S. Miller'" <davem@redhat.com>,
Stephan von Krawczynski <skraw@ithnet.com>,
willy@w.ods.org, carlosev@newipnet.com, lamont@scriptkiddie.org,
davidsen@tmr.com, bloemsaa@xs4all.nl,
Marcelo Tosatti <marcelo@conectiva.com.br>,
netdev@oss.sgi.com, linux-net@vger.kernel.org, layes@loran.com,
torvalds@osdl.org,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: RE: [2.4 PATCH] bugfix: ARP respond on all devices
Date: 19 Aug 2003 13:35:45 +0100 [thread overview]
Message-ID: <1061296544.30566.8.camel@dhcp23.swansea.linux.org.uk> (raw)
In-Reply-To: <353568DCBAE06148B70767C1B1A93E625EAB57@post.pc.aspectgroup.co.uk>
On Maw, 2003-08-19 at 13:02, Richard Underwood wrote:
> ARP is local to a broadcast net. The ARP standard explicitly
> prohibits responding to an ARP request on a different interface.
Correct, but we don't do that
> If you broadcast a request asking for a reply on an entirely
> different subnet, you're asking for trouble. You REDUCE the likelyhood of a
> successful ARP reply, not increase it.
You increase it and you shortcut on shared lans. Thats really a seperate
issue to the question of which source is used. If you loopback someone
elses address on your own lo device I'm not suprised weird shit happens,
put the alias on eth0 where it belongs.
> All you can possibly achieve by sending REQUESTS from the wrong IP
> number is assist screwed up networks where you've got multiple subnets on
> the same copper and cause a shed-load of security issues.
Not in general. If you are using ARP your lan is hardly "secure". For
most situations the trust across multiple aggregated lans is the same,
if it isnt people use vlan (which rarely helps 8))
next prev parent reply other threads:[~2003-08-19 12:38 UTC|newest]
Thread overview: 173+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-08-19 12:02 [2.4 PATCH] bugfix: ARP respond on all devices Richard Underwood
2003-08-19 12:35 ` Alan Cox [this message]
2003-08-19 18:30 ` Daniel Gryniewicz
2003-08-19 18:29 ` David S. Miller
2003-08-19 19:12 ` Daniel Gryniewicz
2003-08-19 19:10 ` David S. Miller
2003-08-20 16:49 ` Bill Davidsen
2003-08-20 17:00 ` David S. Miller
2003-08-20 17:44 ` Ben Greear
2003-08-20 17:48 ` David S. Miller
2003-08-20 21:34 ` [RFC][2.4 PATCH] source address selection for ARP requests Willy Tarreau
2003-08-20 21:47 ` David S. Miller
2003-08-20 22:27 ` Willy Tarreau
2003-08-20 22:35 ` David S. Miller
2003-08-20 22:59 ` Willy Tarreau
2003-08-20 23:18 ` [2.4 PATCH] bugfix: ARP respond on all devices Julian Anastasov
2003-08-23 20:50 ` Bill Davidsen
2003-08-20 19:08 ` Bill Davidsen
2003-08-20 20:07 ` Bas Bloemsaat
2003-08-19 19:17 ` Discussion fucking closed WAS(Re: " jamal
2003-08-19 19:42 ` bill davidsen
2003-08-20 5:31 ` ARP and knowledge of IP addresses [Re: [2.4 PATCH] bugfix: ARP respond on all devices] Pekka Savola
2003-08-19 13:11 ` [2.4 PATCH] bugfix: ARP respond on all devices Bas Bloemsaat
2003-08-19 15:34 ` David S. Miller
2003-08-19 17:39 ` Lars Marowsky-Bree
2003-08-19 17:36 ` David S. Miller
2003-08-19 21:01 ` Harley Stenzel
2003-08-19 16:19 ` Stephan von Krawczynski
2003-08-19 16:54 ` David S. Miller
2003-08-19 17:15 ` Stephan von Krawczynski
2003-08-19 16:56 ` David S. Miller
2003-08-20 5:18 ` host vs interface address ownership [Re: [2.4 PATCH] bugfix: ARP respond on all devices] Pekka Savola
2003-08-20 5:38 ` Valdis.Kletnieks
-- strict thread matches above, loose matches on Subject: below --
2003-08-20 20:10 [2.4 PATCH] bugfix: ARP respond on all devices Richard Underwood
2003-08-20 8:58 Richard Underwood
2003-08-20 15:23 ` jamal
2003-08-20 15:28 ` jamal
2003-08-19 22:12 Richard Underwood
2003-08-19 22:11 ` David S. Miller
2003-08-19 23:15 ` Stephan von Krawczynski
[not found] <mfYi.374.31@gated-at.bofh.it>
[not found] ` <mkbE.6Rk.35@gated-at.bofh.it>
2003-08-19 20:00 ` Andi Kleen
2003-08-19 19:56 ` David S. Miller
2003-08-19 19:00 Richard Underwood
2003-08-19 18:58 ` David S. Miller
[not found] <mdtk.Zy.1@gated-at.bofh.it>
[not found] ` <mgUv.3Wb.39@gated-at.bofh.it>
[not found] ` <mgUv.3Wb.37@gated-at.bofh.it>
[not found] ` <miMw.5yo.31@gated-at.bofh.it>
2003-08-19 18:48 ` Andi Kleen
2003-08-19 19:17 ` Daniel Gryniewicz
2003-08-19 19:21 ` Andi Kleen
2003-08-19 19:27 ` Daniel Gryniewicz
2003-08-19 19:24 ` David S. Miller
2003-08-19 19:32 ` Andi Kleen
2003-08-19 19:28 ` David S. Miller
2003-08-20 9:53 ` Alan Cox
2003-08-20 15:41 ` Stephan von Krawczynski
2003-08-20 15:38 ` David S. Miller
2003-08-19 19:38 ` Valdis.Kletnieks
2003-08-19 19:37 ` David S. Miller
2003-08-19 20:44 ` Valdis.Kletnieks
2003-08-19 18:16 Richard Underwood
2003-08-19 18:13 ` David S. Miller
2003-08-19 18:30 ` Bas Bloemsaat
2003-08-19 18:05 Richard Underwood
2003-08-19 18:21 ` David S. Miller
2003-08-20 12:52 ` Harley Stenzel
2003-08-19 17:56 Richard Underwood
2003-08-19 17:53 ` David S. Miller
2003-08-19 16:54 Richard Underwood
2003-08-19 16:51 ` David S. Miller
2003-08-19 17:10 ` Stephan von Krawczynski
2003-08-19 17:07 ` David S. Miller
2003-08-19 19:57 ` bill davidsen
2003-08-19 14:34 Richard Underwood
2003-08-19 14:54 ` Willy Tarreau
2003-08-19 15:07 ` Stephan von Krawczynski
2003-08-19 15:57 ` David S. Miller
2003-08-19 16:52 ` Stephan von Krawczynski
2003-08-19 16:53 ` David S. Miller
2003-08-19 17:12 ` Stephan von Krawczynski
2003-08-19 17:09 ` David S. Miller
2003-08-19 19:04 ` Alan Cox
2003-08-19 19:01 ` David S. Miller
2003-08-19 19:19 ` Bas Bloemsaat
2003-08-19 19:16 ` David S. Miller
2003-08-20 8:49 ` Roman Pletka
2003-08-20 14:15 ` Stephan von Krawczynski
2003-08-20 14:43 ` Roman Pletka
2003-08-20 15:55 ` Stephan von Krawczynski
2003-08-20 16:47 ` Roman Pletka
2003-08-19 15:53 ` Bill Davidsen
2003-08-19 16:14 ` David S. Miller
2003-08-19 17:17 ` Bill Davidsen
2003-08-19 19:08 ` Alan Cox
2003-08-19 21:53 ` Stephan von Krawczynski
[not found] <e2Yb.5CB.17@gated-at.bofh.it>
[not found] ` <e43Y.6x0.17@gated-at.bofh.it>
[not found] ` <e43Y.6x0.19@gated-at.bofh.it>
[not found] ` <e43Y.6x0.21@gated-at.bofh.it>
[not found] ` <e43Y.6x0.23@gated-at.bofh.it>
[not found] ` <e43Y.6x0.25@gated-at.bofh.it>
[not found] ` <e43Y.6x0.15@gated-at.bofh.it>
[not found] ` <e4nd.6K9.5@gated-at.bofh.it>
[not found] ` <e4ne.6K9.11@gated-at.bofh.it>
[not found] ` <e4x3.6RV.23@gated-at.bofh.it>
[not found] ` <e4Qe.7cR.3@gated-at.bofh.it>
[not found] ` <e503.7kj.23@gated-at.bofh.it>
[not found] ` <e5jh.7yW.5@gated-at.bofh.it>
[not found] ` <edJU.6nT.25@gated-at.bofh.it>
2003-07-28 20:45 ` Julien Oster
2003-07-27 20:52 Bas Bloemsaat
2003-07-27 22:12 ` David S. Miller
2003-07-28 2:31 ` Ben Greear
2003-07-28 7:33 ` Bas Bloemsaat
2003-07-27 23:40 ` Carlos Velasco
2003-07-27 23:46 ` David S. Miller
2003-07-27 23:58 ` Carlos Velasco
2003-07-27 23:58 ` David S. Miller
2003-07-28 0:11 ` Carlos Velasco
2003-07-28 0:14 ` David S. Miller
2003-07-28 0:35 ` Carlos Velasco
2003-07-28 0:36 ` David S. Miller
2003-07-28 0:53 ` Carlos Velasco
2003-07-28 0:55 ` David S. Miller
2003-07-28 1:23 ` Carlos Velasco
2003-07-28 1:35 ` David S. Miller
2003-07-28 10:43 ` Carlos Velasco
2003-07-28 17:09 ` Phil Oester
2003-07-28 18:56 ` Bas Bloemsaat
2003-07-28 4:37 ` David Lang
2003-07-28 4:39 ` David S. Miller
2003-07-28 10:49 ` Carlos Velasco
2003-07-29 2:51 ` Bill Davidsen
2003-07-29 4:48 ` Lamont Granquist
2003-08-04 6:10 ` Pekka Savola
2003-08-17 13:09 ` Carlos Velasco
2003-08-17 13:16 ` Carlos Velasco
2003-08-17 13:41 ` Alan Cox
2003-08-17 13:55 ` Carlos Velasco
2003-08-17 15:12 ` Bernd Eckenfels
2003-08-17 15:28 ` Alan Cox
2003-08-17 15:57 ` Bas Bloemsaat
2003-08-17 15:59 ` Carlos Velasco
2003-08-17 16:26 ` Alan Cox
2003-08-17 16:27 ` Carlos Velasco
2003-08-17 17:24 ` Alan Cox
2003-08-17 22:48 ` Willy Tarreau
2003-08-18 5:22 ` David S. Miller
2003-08-18 6:56 ` Willy Tarreau
2003-08-18 7:01 ` David S. Miller
2003-08-18 7:29 ` Willy Tarreau
2003-08-18 7:43 ` Willy Tarreau
2003-08-18 5:31 ` David S. Miller
2003-08-18 11:39 ` Stephan von Krawczynski
2003-08-18 11:44 ` David S. Miller
2003-08-18 12:34 ` Stephan von Krawczynski
2003-08-18 12:30 ` David S. Miller
2003-08-18 12:51 ` Mr. James W. Laferriere
2003-08-18 12:53 ` Stephan von Krawczynski
2003-08-18 12:55 ` David S. Miller
2003-08-18 13:17 ` Stephan von Krawczynski
2003-08-18 13:14 ` David S. Miller
2003-08-18 14:23 ` Stephan von Krawczynski
2003-08-18 14:19 ` David S. Miller
2003-08-18 15:46 ` Stephan von Krawczynski
2003-08-18 13:23 ` jamal
2003-08-18 13:21 ` David S. Miller
2003-08-18 13:40 ` Stephan von Krawczynski
2003-08-20 6:55 ` Bas Bloemsaat
2003-08-18 21:54 ` Bill Davidsen
2003-08-18 13:40 ` Dominik Kubla
2003-08-18 12:51 ` Willy Tarreau
2003-08-18 12:53 ` David S. Miller
2003-08-18 14:28 ` Willy Tarreau
2003-08-18 14:28 ` David S. Miller
2003-08-18 12:08 ` Bas Bloemsaat
2003-08-18 12:03 ` David S. Miller
2003-08-18 21:32 ` Bill Davidsen
2003-08-19 3:21 ` Ben Greear
2003-08-19 15:22 ` David S. Miller
2003-08-19 7:58 ` Bas Bloemsaat
2003-08-17 16:51 ` David T Hollis
2003-08-17 16:45 ` Carlos Velasco
2003-08-17 17:13 ` Arjan van de Ven
2003-08-17 19:46 ` insecure
2003-08-18 5:11 ` David S. Miller
2003-08-18 5:29 ` David S. Miller
2003-08-17 13:59 ` Bas Bloemsaat
2003-08-18 10:48 ` Robert Collier
2003-08-17 13:38 ` Alan Cox
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1061296544.30566.8.camel@dhcp23.swansea.linux.org.uk \
--to=alan@lxorguk.ukuu.org.uk \
--cc=bloemsaa@xs4all.nl \
--cc=carlosev@newipnet.com \
--cc=davem@redhat.com \
--cc=davidsen@tmr.com \
--cc=lamont@scriptkiddie.org \
--cc=layes@loran.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-net@vger.kernel.org \
--cc=marcelo@conectiva.com.br \
--cc=netdev@oss.sgi.com \
--cc=richard@aspectgroup.co.uk \
--cc=skraw@ithnet.com \
--cc=torvalds@osdl.org \
--cc=willy@w.ods.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).