Date:      Mon, 21 Dec 1998 12:17:30 -0500 (EST)
From:      Patrick Nadeau <pnadeau@wave.home.com>
To:        wollman@FreeBSD.ORG, hackers@FreeBSD.ORG
Subject:   Locking arp entries
Message-ID:  <Pine.BSF.3.95q.981221121308.14010B-100000@foonly.scimitar.org>

Originally sent to: wollman@freebsd.org

I recently had to make a mod to the kernel to fix a problem I had with
arp.  I'm letting you know in case anyone else is interested in it.

In a nutshell I have an internal ethernet on the 10 network.  I have a
number of machines on the inside and a multihomed FreeBSD box connected to
the Rogers @home service.  It serves as a firewall and does the NAT for
the machines on the inside. 

Somebody hooked up his machine to the Rogers network as 10.0.0.2.  This
caused gratuitous arp packets to reach my firewall and corrupt the arp
entries for my inside host 10.0.0.2, making it unreachable.

The problem persisted for a whole day and became so bad I decided to add a
routing flag RTF_LOCK and some logic in in_arpinput to ignore packets if
the flag is on.

I also added code to set the lock flag to arp(8).

I am mentioning this to you because I noticed the comment
    TODO: add "inuse/lock" bit
in if_ether.c and assumed somebody meant to get around to doing it.

Let me know if you want to see the patches, it's not rocket science but it
really fixed my problem!



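A user-space model of the behaviour the message describes, added here as an example; it is not the author's patch and not FreeBSD kernel code. The `RTF_LOCK` bit value, the table layout, the `rejected` counter and the function names `arp_input`, `arp_lock`, `arp_lookup` and `arp_reset` are assumptions, and the MAC addresses are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define RTF_LOCK 0x1            /* name from the e-mail; bit value assumed */
#define NENT 8

enum arp_result { ARP_LEARNED, ARP_REFRESHED, ARP_OVERWRITTEN, ARP_REJECTED, ARP_FULL };

struct arp_entry { uint32_t ip; uint8_t mac[6]; int flags, in_use; unsigned rejected; };
static struct arp_entry table[NENT];

void arp_reset(void) { memset(table, 0, sizeof table); }

struct arp_entry *arp_lookup(uint32_t ip) {
    for (int i = 0; i < NENT; i++)
        if (table[i].in_use && table[i].ip == ip) return &table[i];
    return NULL;
}

/* Model of the ARP input path: learn, refresh, overwrite, or drop. */
enum arp_result arp_input(uint32_t ip, const uint8_t mac[6]) {
    struct arp_entry *e = arp_lookup(ip);
    if (e == NULL) {                               /* unknown IP: learn it */
        for (int i = 0; i < NENT && e == NULL; i++)
            if (!table[i].in_use) e = &table[i];
        if (e == NULL) return ARP_FULL;
        e->ip = ip; e->in_use = 1; e->flags = 0; e->rejected = 0;
        memcpy(e->mac, mac, 6);
        return ARP_LEARNED;
    }
    if (memcmp(e->mac, mac, 6) == 0) return ARP_REFRESHED;
    if (e->flags & RTF_LOCK) {                     /* locked: ignore the packet */
        e->rejected++;                             /* count kept for alerting */
        return ARP_REJECTED;
    }
    memcpy(e->mac, mac, 6);                        /* unlocked: last writer wins */
    return ARP_OVERWRITTEN;
}

/* Stand-in for the arp(8) side: pin an existing entry. */
int arp_lock(uint32_t ip) {
    struct arp_entry *e = arp_lookup(ip);
    if (e == NULL) return -1;
    e->flags |= RTF_LOCK;
    return 0;
}

int main(void) {
    const uint8_t inside[6] = {0x02,0,0,0,0,0x01}, outside[6] = {0x02,0,0,0,0,0x99}; /* constructed */
    arp_input(0x0a000002, inside); arp_lock(0x0a000002);
    printf("conflicting claim -> %s\n", arp_input(0x0a000002, outside) == ARP_REJECTED ? "rejected" : "accepted");
    return 0;
}
```

A non-zero `rejected` count on a locked entry means another station is claiming that address, which is worth logging even though the mapping itself is unaffected.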