* /proc/sys/net/ipv4/config/eth0/arp_filter not working?
@ 2003-12-09 14:58 Felix von Leitner
2003-12-09 19:15 ` Jose Luis Domingo Lopez
2003-12-09 19:39 ` David S. Miller
0 siblings, 2 replies; 3+ messages in thread
From: Felix von Leitner @ 2003-12-09 14:58 UTC (permalink / raw)
To: linux-kernel
Hi!
I'm having trouble with the Linux kernel answering ARP requests it
shouldn't answer.
In particular, I have added the IP 10.0.0.23 to lo using ip from
iproute2. On another machine, I have added the IP 10.0.0.23 to eth0
using ip. Now, an ARP request from a third machine is answered by both.
According to the documentation I found, the kernel (2.6.0-test11) should
not answer ARP requests for the lo alias if I write 1 to
/proc/sys/net/ipv4/config/eth0/arp_filter, and to be on the safe side, I
also wrote 1 to /proc/sys/net/ipv4/config/lo/arp_filter. However, the
kernel still answers the ARP requests.
Any takers?
Felix
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: /proc/sys/net/ipv4/config/eth0/arp_filter not working?
2003-12-09 14:58 /proc/sys/net/ipv4/config/eth0/arp_filter not working? Felix von Leitner
@ 2003-12-09 19:15 ` Jose Luis Domingo Lopez
2003-12-09 19:39 ` David S. Miller
1 sibling, 0 replies; 3+ messages in thread
From: Jose Luis Domingo Lopez @ 2003-12-09 19:15 UTC (permalink / raw)
To: linux-kernel
On Tuesday, 09 December 2003, at 15:58:47 +0100,
Felix von Leitner wrote:
> Any takers?
>
For Linux network related questions, please check
linux-net@vger.kernel.org, where Linux networking gurus go more often
than linux-kernel.
Greetings.
--
Jose Luis Domingo Lopez
Linux Registered User #189436 Debian Linux Sid (Linux 2.6.0-test10-mm1)
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: /proc/sys/net/ipv4/config/eth0/arp_filter not working?
2003-12-09 14:58 /proc/sys/net/ipv4/config/eth0/arp_filter not working? Felix von Leitner
2003-12-09 19:15 ` Jose Luis Domingo Lopez
@ 2003-12-09 19:39 ` David S. Miller
1 sibling, 0 replies; 3+ messages in thread
From: David S. Miller @ 2003-12-09 19:39 UTC (permalink / raw)
To: Felix von Leitner; +Cc: linux-kernel
On Tue, 9 Dec 2003 15:58:47 +0100
Felix von Leitner <felix-kernel@fefe.de> wrote:
> According to the documentation I found, the kernel (2.6.0-test11) should
> not answer ARP requests for the lo alias if I write 1 to
> /proc/sys/net/ipv4/config/eth0/arp_filter, and to be on the safe side, I
> also wrote 1 to /proc/sys/net/ipv4/config/lo/arp_filter. However, the
> kernel still answers the ARP requests.
Read the documentation again more clearly:
====================
arp_filter - BOOLEAN
1 - Allows you to have multiple network interfaces on the same
subnet, and have the ARPs for each interface be answered
based on whether or not the kernel would route a packet from
the ARP'd IP out that interface (therefore you must use source
based routing for this to work). In other words it allows control
of which cards (usually 1) will respond to an arp request.
====================
This is telling you that you need to set up your routes correctly
in order for the ARP packets to be filtered the way you want.
The decision to block ARP packets is not just based upon this sysctl
value, it is instead made if this sysctl value is set _AND_ the routes
indicate that we would not use this device for a route to reach that
destination which is trying to be resolved by the ARP request.
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2003-12-09 20:19 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2003-12-09 14:58 /proc/sys/net/ipv4/config/eth0/arp_filter not working? Felix von Leitner
2003-12-09 19:15 ` Jose Luis Domingo Lopez
2003-12-09 19:39 ` David S. Miller
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).