From owner-freebsd-net@FreeBSD.ORG Sun Sep 18 17:52:57 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AD48A16A41F for ; Sun, 18 Sep 2005 17:52:57 +0000 (GMT) (envelope-from sam@errno.com) Received: from ebb.errno.com (ebb.errno.com [66.127.85.87]) by mx1.FreeBSD.org (Postfix) with ESMTP id BC6B043D45 for ; Sun, 18 Sep 2005 17:52:56 +0000 (GMT) (envelope-from sam@errno.com) Received: from [10.0.0.192] ([10.0.0.192]) (authenticated bits=0) by ebb.errno.com (8.12.9/8.12.6) with ESMTP id j8IHqt6j073585 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sun, 18 Sep 2005 10:52:56 -0700 (PDT) (envelope-from sam@errno.com) Message-ID: <432DA922.5030303@errno.com> Date: Sun, 18 Sep 2005 10:51:30 -0700 From: Sam Leffler Organization: Errno Consulting User-Agent: Mozilla Thunderbird 1.0.6 (Macintosh/20050716) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Pieter de Boer References: <20050919.004531.92589257.mshindo@mshindo.net> <432D9249.9090202@mac.com> <432DA0AC.8010802@thedarkside.nl> In-Reply-To: <432DA0AC.8010802@thedarkside.nl> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: ARP behavior in FreeBSD vs Linux X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Sep 2005 17:52:57 -0000 Pieter de Boer wrote: > Chuck Swiger wrote: > >>> In contrast, on Linux (by default), it >>> responds as long as the target IP address in ARP Request matches with >>> any "local" IP address on the system, which is not necessarily an IP >>> address assigned to the interface through which the ARP request is >>> received. >> >> This sounds like "proxy ARPing" is enabled by default on your >> particular flavor of Linux. I don't think they all do that, >> hopefully, any more than ipforwarding should be enabled by default >> just because a machine has two NICs. > > What Motonori Shindo described is actually the default behaviour for > Linux kernels (at least my 2.6.8-kernel does it by default). It could be > seen as a sort of proxy-arp, but only for the host itself, not other > systems. Let me try to describe when it happens. Say you have > 192.168.42.42 bound on eth0 and have eth1 connected to some ethernet > LAN. When a host on that eth1-connected LAN sends an 'arp who-has > 192.168.42.42', a Linux system will answer that arp-request with it's > eth1 MAC-address, although the IP-address is bound on eth0 and the arp > request comes in on eth0. FreeBSD obviously doesn't do this. > >>> Is there any advantage/disadvantage in ARP implementation on FreeBSD >>> over that of Linux? Thanks. > > I was unhappily surprised by this 'feature'. I find it pretty > counter-intuitive. I expect two interfaces to be seperated inside a > kernel, but Linux more or less binds them together. Incoming traffic on > the 'wrong' interface will gladly be accepted, too. This broke things > for me, because I didn't want to have that certain IP-address accessible. > > That said, this happens only when you have two interfaces connected to > the same subnet, which is a bit evil anyhow. It may be beneficial for > Linux to do things this way, perhaps for redundancy-purposes (two > interfaces, one IP-address, IP reachable over both interfaces, when one > fails, the other takes over.. no idea if that works out-of-the-box). > The linux design philosophy, based on postings from various implementors, is that ip addresses are bound to a host, not to a particular interface. I believe the arp behaviour reflects this. Sam