From owner-freebsd-net@FreeBSD.ORG Thu Aug 23 02:28:36 2012 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 9EC01106564A for ; Thu, 23 Aug 2012 02:28:36 +0000 (UTC) (envelope-from peter@rulingia.com) Received: from vps.rulingia.com (host-122-100-2-194.octopus.com.au [122.100.2.194]) by mx1.freebsd.org (Postfix) with ESMTP id 15FEA8FC08 for ; Thu, 23 Aug 2012 02:28:35 +0000 (UTC) Received: from server.rulingia.com (c220-239-249-137.belrs5.nsw.optusnet.com.au [220.239.249.137]) by vps.rulingia.com (8.14.5/8.14.5) with ESMTP id q7N2SYKk091533 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Thu, 23 Aug 2012 12:28:34 +1000 (EST) (envelope-from peter@rulingia.com) X-Bogosity: Ham, spamicity=0.000000 Received: from server.rulingia.com (localhost.rulingia.com [127.0.0.1]) by server.rulingia.com (8.14.5/8.14.5) with ESMTP id q7N2SSWl032996 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 23 Aug 2012 12:28:28 +1000 (EST) (envelope-from peter@server.rulingia.com) Received: (from peter@localhost) by server.rulingia.com (8.14.5/8.14.5/Submit) id q7N2SS20032995 for freebsd-net@freebsd.org; Thu, 23 Aug 2012 12:28:28 +1000 (EST) (envelope-from peter) Date: Thu, 23 Aug 2012 12:28:28 +1000 From: Peter Jeremy To: freebsd-net@freebsd.org Message-ID: <20120823022828.GA32766@server.rulingia.com> References: <20120822040201.GA96087@server.rulingia.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="AqsLC8rIMeq19msA" Content-Disposition: inline In-Reply-To: <20120822040201.GA96087@server.rulingia.com> X-PGP-Key: http://www.rulingia.com/keys/peter.pgp User-Agent: Mutt/1.5.21 (2010-09-15) Subject: Re: Incorrect ARP table entries X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Aug 2012 02:28:36 -0000 --AqsLC8rIMeq19msA Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2012-Aug-22 14:02:01 +1000, Peter Jeremy wro= te: >I've run into a problem where the ARP table on several of my hosts is >apparently spontaneously replacing correct entries with incorrect MAC >addresses. I've done some digging with tcpdump and can't identify the >cause. I've tried to look in the code but lost my way since ARP and >IP routing seem to be closely intermingled. I'm hoping someone might >be able to shed some light on why it is behaving the way it is. I've done some more detailed trawling through tcpdump captures and found that this is another entry in the "never buy HP" collection. It turns out the iLO is sending ARP requests with the correct link- layer source MAC address in the Ethernet frame but the "sender hardware address" in the ARP request is wrong - and (as required by RFC826) FreeBSD is using the latter MAC address to update its ARP table. Note that this iLO has a physically separate NIC and doesn't have provision for shared NIC so there's no excuse for it's behaviour. RFC826 is fairly clear that FreeBSD is behaving correctly in using the "sender hardware address" in the ARP request (though it doesn't specifically address the case where that is different to the link-layer source address). My work-around is to use arp(8) to permanently wire the correct MAC address into the local ARP table. --=20 Peter Jeremy --AqsLC8rIMeq19msA Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iEYEARECAAYFAlA1lUwACgkQ/opHv/APuIfYWQCeKOC5PMELctc2eOYiGTPdLqdY qgwAoKmQeoRZTdZ8O1vKepo2Zo9KrfMD =gxFG -----END PGP SIGNATURE----- --AqsLC8rIMeq19msA--