From: "Maechler Philippe"
To: "'Erik Norgaard'"
Cc: freebsd-questions@freebsd.org
Date: Thu, 28 Feb 2008 15:52:49 +0100
Subject: RE: ARP Messages

Hi Erik

> -----Original Message-----
> From: Erik Norgaard [mailto:norgaard@locolomo.org]
> Sent: Wednesday, February 27, 2008 10:01 AM
> To: Maechler Philippe
> Cc: freebsd-questions@freebsd.org
> Subject: Re: ARP Messages
>
>
> Maechler Philippe wrote:
> >>>  -------------
> >>> |   server    |      switch      switch
> >>> |192.168.3.222|----[(3.x/24)]--[(3.x/24)]
> >>> |80.242.192.80|bge1                |
> >>>  -------------                     |
> >>>       |bge0                        -------------------
> >>>       |                                              |
> >>>    [switch]----[Gateway 80.242.192.65]---[INTERNET]  |
> >>>       |                                              |
> >>>       |                                              |
> >>>    [switch]                                          |
> >>>       |                                              |
> >>>       |bge0                                          |
> >>>  ---------------------------------                   |
> >>> | 80.242.192.81 00:19:bb:25:7b:63|                   |
> >>> | 192.168.3.226 00:19:bb:25:7b:64|--------------------
> >>>  ---------------------------------
> >> Do you see the same loop as I do?
> >>
> >> Request goes out on one interface, response comes back on the other -
> >> pretty much what the message says.
> >>
> >
> > Yes I see the loop, the error messages make sense but don't understand
> > it :/ I set up extra routes for the private network so how can a
> > packet from the public interface arrive at a private one?
> >
> > I'll recheck the cabling, the routes on the servers and the switch
> > they're connected to and give you feedback here
>
> Well, it appears to me that you are on the wrong box to solve the
> problem. The server sends an error message as it should.
>
> What happens is that your unnamed box receives an arp request on its
> bge0 interface, but sends the response on its bge1 interface. You can use
> snort to listen for arp packets to see what's going on.
>
> I do not know why you have created a loop, with correct routing and
> firewall there should be no need for a loop. The easy solution is to
> pull a cable - either one on that unnamed box.
>

Ok I rechecked everything and found the loop. There was a
"misconfiguration/miscabling" on one switch/vlan which caused leaking
arp-broadcast packages to other ports :(

Thanks to all for your hints and help

Philippe
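
The per-interface ARP check suggested in the thread can be scripted. This is an added example, not code from the thread: it parses raw Ethernet/ARP frames and flags any whose sender IP is outside the network of the interface it arrived on, which is what a broadcast leaking between switch ports or VLANs looks like from the server. The /27 on bge0, the `LOCAL_NETS` table, the helper names and the sample frames are assumptions constructed for illustration.

```python
import ipaddress
import struct

# Directly connected network per interface on "server" in the diagram.
# 192.168.3.0/24 is from the thread; the /27 on bge0 is an assumption.
LOCAL_NETS = {
    "bge0": ipaddress.ip_network("80.242.192.64/27"),
    "bge1": ipaddress.ip_network("192.168.3.0/24"),
}

def parse_arp(frame):
    """Return (oper, sender_mac, sender_ip) or None if not Ethernet/IPv4 ARP."""
    if len(frame) < 42:  # 14-byte Ethernet header + 28-byte ARP body
        return None
    ethertype, htype, ptype, hlen, plen, oper = struct.unpack("!HHHBBH", frame[12:22])
    if (ethertype, htype, ptype, hlen, plen) != (0x0806, 1, 0x0800, 6, 4):
        return None
    sha, spa = struct.unpack("!6s4s", frame[22:32])
    return oper, ":".join(f"{b:02x}" for b in sha), ipaddress.ip_address(spa)

def find_leaks(observations):
    """List ARP frames whose sender IP is off-segment for the receiving interface."""
    leaks = []
    for iface, frame in observations:
        arp = parse_arp(frame)
        if arp is None:
            continue  # not ARP, or truncated
        oper, mac, spa = arp
        if spa not in LOCAL_NETS[iface]:
            leaks.append((iface, "request" if oper == 1 else "reply", mac, str(spa)))
    return leaks

def build_arp(oper, src_mac, src_ip, dst_mac, dst_ip):
    """Build a sample frame; used only to construct the test input below."""
    mac = lambda m: bytes.fromhex(m.replace(":", ""))
    ip = lambda a: ipaddress.ip_address(a).packed
    eth_dst = b"\xff" * 6 if oper == 1 else mac(dst_mac)  # requests are broadcast
    return (eth_dst + mac(src_mac) + struct.pack("!HHHBBH", 0x0806, 1, 0x0800, 6, 4, oper)
            + mac(src_mac) + ip(src_ip) + mac(dst_mac) + ip(dst_ip))

ZERO = "00:00:00:00:00:00"
# Constructed observations (receiving interface, frame); addresses are from the diagram.
SAMPLE = [
    ("bge1", build_arp(1, "00:19:bb:25:7b:64", "192.168.3.226", ZERO, "192.168.3.222")),
    ("bge0", build_arp(1, "00:19:bb:25:7b:63", "80.242.192.81", ZERO, "80.242.192.65")),
    ("bge0", build_arp(1, "00:19:bb:25:7b:64", "192.168.3.226", ZERO, "192.168.3.222")),  # leaked
]

if __name__ == "__main__":
    for iface, kind, mac, ip in find_leaks(SAMPLE):
        print(f"off-segment ARP {kind} on {iface} from {mac} ({ip})")
```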