From: Stephan von Krawczynski <skraw@ithnet.com>
To: "David S. Miller" <davem@redhat.com>
Cc: willy@w.ods.org, richard@aspectgroup.co.uk,
alan@lxorguk.ukuu.org.uk, carlosev@newipnet.com,
lamont@scriptkiddie.org, davidsen@tmr.com, bloemsaa@xs4all.nl,
marcelo@conectiva.com.br, netdev@oss.sgi.com,
linux-net@vger.kernel.org, layes@loran.com, torvalds@osdl.org,
linux-kernel@vger.kernel.org
Subject: Re: [2.4 PATCH] bugfix: ARP respond on all devices
Date: Tue, 19 Aug 2003 18:52:19 +0200 [thread overview]
Message-ID: <20030819185219.116fd259.skraw@ithnet.com> (raw)
In-Reply-To: <20030819085717.56046afd.davem@redhat.com>
On Tue, 19 Aug 2003 08:57:17 -0700
"David S. Miller" <davem@redhat.com> wrote:
> On Tue, 19 Aug 2003 17:07:51 +0200
> Stephan von Krawczynski <skraw@ithnet.com> wrote:
>
> > Hm, what rule is broken by the remote host, then?
>
> It means that systems (like Linux) that make IP addresses owned by the
> host instead of specific interfaces cannot correctly interoperate with
> such remote systems.
>
> It is also the case that a host cannot possibly be aware of all
> subnets present on a given LAN, therefore is should be liberal in it's
> replies to ARP requests.
>
> Finally, it violates the most basic rule of IP networking:
>
> "Be liberal in what you accept, and conservative in what you send"
> -Jon Postel
If I understood what Richard said in this thread Jon just shot you down. The
conservative way to _request_ arp would definitely be to request it from the
"correct" subnet, because as a sender you ought to give credit to knowing that
"bad" boxes out there won't answer if you do otherwise. There can be no doubt
what "conservative" means here.
Additionally, the remote box is not really bad behaving:
<quote RFC-985>
A.3. ARP datagram
An ARP reply is discarded if the destination IP address does not
match the local host address. An ARP request is discarded if the
source IP address is not in the same subnet. It is desirable that
this test be overridden by a configuration parameter, in order to
support the infrequent cases where more than one subnet may
coexist on the same cable (see RFC-925 for examples).
</quote>
This means the remote box is completely ok if not answering to a request with
source ip from another subnet.
So from what I read here requesting arp should really only happen with a source
ip from the same subnet.
Regards,
Stephan
next prev parent reply other threads:[~2003-08-19 17:59 UTC|newest]
Thread overview: 164+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-08-19 14:34 [2.4 PATCH] bugfix: ARP respond on all devices Richard Underwood
2003-08-19 14:54 ` Willy Tarreau
2003-08-19 15:07 ` Stephan von Krawczynski
2003-08-19 15:57 ` David S. Miller
2003-08-19 16:52 ` Stephan von Krawczynski [this message]
2003-08-19 16:53 ` David S. Miller
2003-08-19 17:12 ` Stephan von Krawczynski
2003-08-19 17:09 ` David S. Miller
2003-08-19 19:04 ` Alan Cox
2003-08-19 19:01 ` David S. Miller
2003-08-19 19:19 ` Bas Bloemsaat
2003-08-19 19:16 ` David S. Miller
2003-08-20 8:49 ` Roman Pletka
2003-08-20 14:15 ` Stephan von Krawczynski
2003-08-20 14:43 ` Roman Pletka
2003-08-20 15:55 ` Stephan von Krawczynski
2003-08-20 16:47 ` Roman Pletka
2003-08-19 15:53 ` Bill Davidsen
2003-08-19 16:14 ` David S. Miller
2003-08-19 17:17 ` Bill Davidsen
2003-08-19 19:08 ` Alan Cox
2003-08-19 21:53 ` Stephan von Krawczynski
-- strict thread matches above, loose matches on Subject: below --
2003-08-20 20:10 Richard Underwood
2003-08-20 8:58 Richard Underwood
2003-08-20 15:23 ` jamal
2003-08-20 15:28 ` jamal
2003-08-19 22:12 Richard Underwood
2003-08-19 22:11 ` David S. Miller
2003-08-19 23:15 ` Stephan von Krawczynski
[not found] <mfYi.374.31@gated-at.bofh.it>
[not found] ` <mkbE.6Rk.35@gated-at.bofh.it>
2003-08-19 20:00 ` Andi Kleen
2003-08-19 19:56 ` David S. Miller
2003-08-19 19:00 Richard Underwood
2003-08-19 18:58 ` David S. Miller
[not found] <mdtk.Zy.1@gated-at.bofh.it>
[not found] ` <mgUv.3Wb.39@gated-at.bofh.it>
[not found] ` <mgUv.3Wb.37@gated-at.bofh.it>
[not found] ` <miMw.5yo.31@gated-at.bofh.it>
2003-08-19 18:48 ` Andi Kleen
2003-08-19 19:17 ` Daniel Gryniewicz
2003-08-19 19:21 ` Andi Kleen
2003-08-19 19:27 ` Daniel Gryniewicz
2003-08-19 19:24 ` David S. Miller
2003-08-19 19:32 ` Andi Kleen
2003-08-19 19:28 ` David S. Miller
2003-08-20 9:53 ` Alan Cox
2003-08-20 15:41 ` Stephan von Krawczynski
2003-08-20 15:38 ` David S. Miller
2003-08-19 19:38 ` Valdis.Kletnieks
2003-08-19 19:37 ` David S. Miller
2003-08-19 20:44 ` Valdis.Kletnieks
2003-08-19 18:16 Richard Underwood
2003-08-19 18:13 ` David S. Miller
2003-08-19 18:30 ` Bas Bloemsaat
2003-08-19 18:05 Richard Underwood
2003-08-19 18:21 ` David S. Miller
2003-08-20 12:52 ` Harley Stenzel
2003-08-19 17:56 Richard Underwood
2003-08-19 17:53 ` David S. Miller
2003-08-19 16:54 Richard Underwood
2003-08-19 16:51 ` David S. Miller
2003-08-19 17:10 ` Stephan von Krawczynski
2003-08-19 17:07 ` David S. Miller
2003-08-19 19:57 ` bill davidsen
2003-08-19 12:02 Richard Underwood
2003-08-19 12:35 ` Alan Cox
2003-08-19 18:30 ` Daniel Gryniewicz
2003-08-19 18:29 ` David S. Miller
2003-08-19 19:12 ` Daniel Gryniewicz
2003-08-19 19:10 ` David S. Miller
2003-08-20 16:49 ` Bill Davidsen
2003-08-20 17:00 ` David S. Miller
2003-08-20 17:44 ` Ben Greear
2003-08-20 17:48 ` David S. Miller
2003-08-20 23:18 ` Julian Anastasov
2003-08-23 20:50 ` Bill Davidsen
2003-08-20 19:08 ` Bill Davidsen
2003-08-20 20:07 ` Bas Bloemsaat
2003-08-19 19:42 ` bill davidsen
2003-08-19 13:11 ` Bas Bloemsaat
2003-08-19 15:34 ` David S. Miller
2003-08-19 17:39 ` Lars Marowsky-Bree
2003-08-19 17:36 ` David S. Miller
2003-08-19 21:01 ` Harley Stenzel
2003-08-19 16:19 ` Stephan von Krawczynski
2003-08-19 16:54 ` David S. Miller
2003-08-19 17:15 ` Stephan von Krawczynski
2003-08-19 16:56 ` David S. Miller
[not found] <e2Yb.5CB.17@gated-at.bofh.it>
[not found] ` <e43Y.6x0.17@gated-at.bofh.it>
[not found] ` <e43Y.6x0.19@gated-at.bofh.it>
[not found] ` <e43Y.6x0.21@gated-at.bofh.it>
[not found] ` <e43Y.6x0.23@gated-at.bofh.it>
[not found] ` <e43Y.6x0.25@gated-at.bofh.it>
[not found] ` <e43Y.6x0.15@gated-at.bofh.it>
[not found] ` <e4nd.6K9.5@gated-at.bofh.it>
[not found] ` <e4ne.6K9.11@gated-at.bofh.it>
[not found] ` <e4x3.6RV.23@gated-at.bofh.it>
[not found] ` <e4Qe.7cR.3@gated-at.bofh.it>
[not found] ` <e503.7kj.23@gated-at.bofh.it>
[not found] ` <e5jh.7yW.5@gated-at.bofh.it>
[not found] ` <edJU.6nT.25@gated-at.bofh.it>
2003-07-28 20:45 ` Julien Oster
2003-07-27 20:52 Bas Bloemsaat
2003-07-27 22:12 ` David S. Miller
2003-07-28 2:31 ` Ben Greear
2003-07-28 7:33 ` Bas Bloemsaat
2003-07-27 23:40 ` Carlos Velasco
2003-07-27 23:46 ` David S. Miller
2003-07-27 23:58 ` Carlos Velasco
2003-07-27 23:58 ` David S. Miller
2003-07-28 0:11 ` Carlos Velasco
2003-07-28 0:14 ` David S. Miller
2003-07-28 0:35 ` Carlos Velasco
2003-07-28 0:36 ` David S. Miller
2003-07-28 0:53 ` Carlos Velasco
2003-07-28 0:55 ` David S. Miller
2003-07-28 1:23 ` Carlos Velasco
2003-07-28 1:35 ` David S. Miller
2003-07-28 10:43 ` Carlos Velasco
2003-07-28 17:09 ` Phil Oester
2003-07-28 18:56 ` Bas Bloemsaat
2003-07-28 4:37 ` David Lang
2003-07-28 4:39 ` David S. Miller
2003-07-28 10:49 ` Carlos Velasco
2003-07-29 2:51 ` Bill Davidsen
2003-07-29 4:48 ` Lamont Granquist
2003-08-04 6:10 ` Pekka Savola
2003-08-17 13:09 ` Carlos Velasco
2003-08-17 13:16 ` Carlos Velasco
2003-08-17 13:41 ` Alan Cox
2003-08-17 13:55 ` Carlos Velasco
2003-08-17 15:12 ` Bernd Eckenfels
2003-08-17 15:28 ` Alan Cox
2003-08-17 15:57 ` Bas Bloemsaat
2003-08-17 15:59 ` Carlos Velasco
2003-08-17 16:26 ` Alan Cox
2003-08-17 16:27 ` Carlos Velasco
2003-08-17 17:24 ` Alan Cox
2003-08-17 22:48 ` Willy Tarreau
2003-08-18 5:22 ` David S. Miller
2003-08-18 6:56 ` Willy Tarreau
2003-08-18 7:01 ` David S. Miller
2003-08-18 7:29 ` Willy Tarreau
2003-08-18 7:43 ` Willy Tarreau
2003-08-18 5:31 ` David S. Miller
2003-08-18 11:39 ` Stephan von Krawczynski
2003-08-18 11:44 ` David S. Miller
2003-08-18 12:34 ` Stephan von Krawczynski
2003-08-18 12:30 ` David S. Miller
2003-08-18 12:51 ` Mr. James W. Laferriere
2003-08-18 12:53 ` Stephan von Krawczynski
2003-08-18 12:55 ` David S. Miller
2003-08-18 13:17 ` Stephan von Krawczynski
2003-08-18 13:14 ` David S. Miller
2003-08-18 14:23 ` Stephan von Krawczynski
2003-08-18 14:19 ` David S. Miller
2003-08-18 15:46 ` Stephan von Krawczynski
2003-08-18 13:23 ` jamal
2003-08-18 13:21 ` David S. Miller
2003-08-18 13:40 ` Stephan von Krawczynski
2003-08-20 6:55 ` Bas Bloemsaat
2003-08-18 21:54 ` Bill Davidsen
2003-08-18 13:40 ` Dominik Kubla
2003-08-18 12:51 ` Willy Tarreau
2003-08-18 12:53 ` David S. Miller
2003-08-18 14:28 ` Willy Tarreau
2003-08-18 14:28 ` David S. Miller
2003-08-18 12:08 ` Bas Bloemsaat
2003-08-18 12:03 ` David S. Miller
2003-08-18 21:32 ` Bill Davidsen
2003-08-19 3:21 ` Ben Greear
2003-08-19 15:22 ` David S. Miller
2003-08-19 7:58 ` Bas Bloemsaat
2003-08-17 16:51 ` David T Hollis
2003-08-17 16:45 ` Carlos Velasco
2003-08-17 17:13 ` Arjan van de Ven
2003-08-17 19:46 ` insecure
2003-08-18 5:11 ` David S. Miller
2003-08-18 5:29 ` David S. Miller
2003-08-17 13:59 ` Bas Bloemsaat
2003-08-18 10:48 ` Robert Collier
2003-08-17 13:38 ` Alan Cox
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20030819185219.116fd259.skraw@ithnet.com \
--to=skraw@ithnet.com \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=bloemsaa@xs4all.nl \
--cc=carlosev@newipnet.com \
--cc=davem@redhat.com \
--cc=davidsen@tmr.com \
--cc=lamont@scriptkiddie.org \
--cc=layes@loran.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-net@vger.kernel.org \
--cc=marcelo@conectiva.com.br \
--cc=netdev@oss.sgi.com \
--cc=richard@aspectgroup.co.uk \
--cc=torvalds@osdl.org \
--cc=willy@w.ods.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).