From owner-freebsd-questions Wed Sep 18 14:33: 5 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F1FA337B404 for ; Wed, 18 Sep 2002 14:33:02 -0700 (PDT) Received: from sccrmhc01.attbi.com (sccrmhc01.attbi.com [204.127.202.61]) by mx1.FreeBSD.org (Postfix) with ESMTP id 12CB643E4A for ; Wed, 18 Sep 2002 14:33:02 -0700 (PDT) (envelope-from crist.clark@attbi.com) Received: from blossom.cjclark.org ([12.234.91.48]) by sccrmhc01.attbi.com (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP id <20020918213301.QQPV14978.sccrmhc01.attbi.com@blossom.cjclark.org>; Wed, 18 Sep 2002 21:33:01 +0000 Received: from blossom.cjclark.org (localhost. [127.0.0.1]) by blossom.cjclark.org (8.12.3/8.12.3) with ESMTP id g8ILX0Wn014066; Wed, 18 Sep 2002 14:33:00 -0700 (PDT) (envelope-from crist.clark@attbi.com) Received: (from cjc@localhost) by blossom.cjclark.org (8.12.3/8.12.3/Submit) id g8ILWxu6014065; Wed, 18 Sep 2002 14:32:59 -0700 (PDT) X-Authentication-Warning: blossom.cjclark.org: cjc set sender to crist.clark@attbi.com using -f Date: Wed, 18 Sep 2002 14:32:58 -0700 From: "Crist J. Clark" To: jim@jwweeks.com Cc: questions@FreeBSD.ORG Subject: Re: arplookup xx.xxx.xx.xxx failed: host is not on local network Message-ID: <20020918213258.GA13852@blossom.cjclark.org> Reply-To: cjclark@alum.mit.edu References: <20020917223014.GB3323@blossom.cjclark.org> <2033.68.59.219.194.1032375332.squirrel@siteplus.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <2033.68.59.219.194.1032375332.squirrel@siteplus.net> User-Agent: Mutt/1.4i X-URL: http://people.freebsd.org/~cjc/ Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Wed, Sep 18, 2002 at 02:55:32PM -0400, Jim wrote: > This is a very good explanation, however I have this identical scenario > with one of my co-los. I have gone round and round with the administrator > for over a year now with no solution. > > You make the statement below that these two machines can't communicate, > however I can ping and tracroute the offending machines, and they can do > the same in reverse. On traceroute, the traffic definitely travels > through the router as it should, but I still see these out of network ARP > requests. > > I know I'm confused :( Actually, the communications can work depending on the situation. You can get some asymetric routing going where the machine with the smaller netmask is bouncing everything through a router and the other machine is talking back directly. The router is often, but not always, going to be generating ICMP redirects in such a scenario. They are another marker for this kind of misconfiguration. In your example, make sure to not only run traceroute(8), but run a tcpdump(8) too with the '-e' option. Check the MACs to see if the responses are _really_ coming back through the router. Remember, a traceroute(8) shows you the route packets take to get to a remote host. It tells you nothing about the route they take back. > > [Inappropriate cross-post to -stable removed.] > > > > On Sun, Sep 15, 2002 at 02:08:51PM -0500, Chris Byrnes wrote: > >> My /var/log/messages is being filled, non-stop, by these errors > >> looped: > >> > >> Sep 15 13:41:28 servername /kernel: arplookup xx.xxx.xx.xxx failed: > >> host is not on local network > >> Sep 15 13:41:28 servername /kernel: arplookup xx.xxx.xx.xxx failed: > >> host is not on local network > >> > >> After doing some reading, I've already issued, "sysctl -w > >> net.link.ether.inet.log_arp_wrong_iface=0" thinking that would fix the > >> problem. Unfortunately, it has not. > >> > >> Any ideas? > > > > This is a netmask problem, but not really the one that other people have > > described. This is how it usually works. Your troubled machine above, > > "servername," receives an ARP who-has from another machine on the LAN > > called "clientname." However, the IP address that clientname gives as a > > source does not match up to any local networks that > > servername knows about. > > > > For example, say servername has an address of 192.0.2.10/25. The other > > machine has 192.0.2.210/24. When servername gets an ARP (which is > > broadcast so servername gets it fine), > > > > who-has 192.0.2.10 tell 192.0.2.210 > > > > It gets confused. 192.0.2.210 is not local (as far as it is concerned) > > so it logs an error. > > > > Note that this is not a harmless error. These two machine cannot talk to > > each other. > > > > The fix, of course, is to make sure all machines on the same LAN have > > the same netmask. > > -- > > Crist J. Clark | cjclark@alum.mit.edu > > | cjclark@jhu.edu > > http://people.freebsd.org/~cjc/ | cjc@freebsd.org > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-stable" in the body of the message > > -- Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message