From owner-freebsd-security  Mon Mar  8 23:48:55 1999
Delivered-To: freebsd-security@freebsd.org
Received: from ns1.seidata.com (ns1.seidata.com [208.10.211.2])
	by hub.freebsd.org (Postfix) with ESMTP id 033C2150B4
	for <freebsd-security@FreeBSD.ORG>; Mon,  8 Mar 1999 23:48:31 -0800 (PST)
	(envelope-from mike@seidata.com)
Received: from localhost (mike@localhost)
	by ns1.seidata.com (8.8.8/8.8.5) with ESMTP id CAA01589;
	Tue, 9 Mar 1999 02:48:12 -0500 (EST)
Date: Tue, 9 Mar 1999 02:48:12 -0500 (EST)
From: <mike@seidata.com>
To: Paul MacKenzie <pc.mackenzie@utoronto.ca>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: Quick question about arp error
In-Reply-To: <4.1.19990308175812.009d0310@mail.elehost.com>
Message-ID: <Pine.BSF.4.05.9903090245260.972-100000@ns1.seidata.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Mon, 8 Mar 1999, Paul MacKenzie wrote:

> But, what I do not understand is why is this happening? Is this a security
> risk? What if anything can be done to fix it? What causes it?

The cause is having different logical subnets on the same physical
ethernet segment.  The FreeBSD machine on subnet A sees arp from
sbunet B because they are physically attached, but it gets confused
because the addressing scheme says different subnets.

I get this here, as well, and I believe the only real fix is to keep
one subnet per physical wire...  i.e. don't have multiple logical
subnets on the same physical segment.

Later,

					-Mike




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message