Date:      Tue, 17 Jan 2006 09:06:26 -0200
From:      "Edinilson J. Santos" <edinilson@atinet.com.br>
To:        "Jeff at NorrisTechs" <jeff@norristechs.net>, "FreeBSD ISP" <freebsd-isp@freebsd.org>
Subject:   Re: ARP MESSAGES FILLING CONSOLE
Message-ID:  <00b001c61b56$0fd3bd30$1d1de7c8@atinet.com.br>
References:  <43CC3F2F.6090301@norristechs.net>

Try to use in sysctl.conf

net.link.ether.inet.log_arp_wrong_iface=0


Edinilson
---------------------------------------------------------
ATINET-Professional Web Hosting
Tel Voz: (0xx11) 4412-0876
http://www.atinet.com.br


----- Original Message ----- 
From: "Jeff at NorrisTechs" <jeff@norristechs.net>
To: "FreeBSD ISP" <freebsd-isp@freebsd.org>
Sent: Monday, January 16, 2006 10:49 PM
Subject: ARP MESSAGES FILLING CONSOLE



Everyone,
First off, no attitude or sarcasm g;

After running BSD since 4.0 I have come to love the feature rich set it 
offers and stability as well.

I have an interesting network situation.  I have several BSD based 
servers which are multi-homed (Two Nics) one Nic faces the internet, the 
other faces a PRIVATE IP subnet and wireless DMZ.  However since the 
internet router is also the end point for the wireless DMZ I get a 
barrage of ARP messages indicating that the private nic is receiving ARP 
for the public network and vice versa.

Here's an ASCII drawing of what's going on. (example we will say that 
10.0.0.0/8 is the public side and 192.168.100.0/24 is the private side)

(INTERNET)  10.0.0.0/8  (again an example)
    !
    !
    v

 ROUTER -----> (10.0.0.1/8)<-> WIRELESS (DMZ)  192.168.100.2/24 Connect 
to Client AP below
    !  BSD-1  10.0.0.200/8 (FXP0)
    !
    !
 10.0.0.5/8
  (NAT BOX)
   !
   !
   ! BSD-1  192.168.100.200/24  (XL0)
 PRIVATE 192.168.100.24 (NAT IP for PC etc)
  !
  !--------(CLIENT AP) 192.168.100.5----------------^Connected to above AP
  (Wireline to client AP 192.168.1.0/24)


Now BSD1  FXP0 (public) and XL0 (private) are connected together to 
common Layer network, not looped on a Layer2 level otherwise the network 
would crash, but both NICs are connected in a broadcast domain.
If I down XL0 of course everything is cool , and no ARP messages, but the 
XL0 nic is used for management traffic.

I could either put a router between the Client AP and the router-wireless 
DMZ or leave XL0 down.
Move the client AP to the DMZ side and multinet the NAT box (already 
done this) but NAT gets in the way for several applications (remote 
server management)

I would like to know if at all possible to disable ARP requests per NIC, 
make static entries that override any manual ARP request.


-- 

------------------------------------------------------------------------

*/Jeff Norris/*
/~ Web Hosting ~ VPN Solutions ~ Network Management ~
Design, deploy, kick ass. /
*N*orris*Techs* dot net
http://www.norristechs.net
*AOL IM or Yahoo IM: _ ntshelper _*

_______________________________________________
freebsd-isp@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"
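
Setting net.link.ether.inet.log_arp_wrong_iface=0 silences every wrong-interface ARP message, so it is worth confirming first that they all come from the known shared broadcast domain. The following is an added example, not part of the original thread, that tallies such log lines and flags IP/MAC pairs missing from an inventory; the kernel message format, the sample lines, the MAC addresses and the KNOWN inventory are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Assumed kernel message format (FreeBSD ARP code of that era):
#   arp: <ip> is on <iface> but got reply from <mac> on <iface>
WRONG_IFACE = re.compile(
    r"arp: (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) is on (?P<owner>\w+) "
    r"but got reply from (?P<mac>[0-9a-f]{2}(?::[0-9a-f]{2}){5}) "
    r"on (?P<seen>\w+)",
    re.IGNORECASE,
)

# Constructed sample lines; subnets follow the example addressing in the post.
SAMPLE_LOG = """\
Jan 16 22:40:01 bsd1 kernel: arp: 10.0.0.1 is on fxp0 but got reply from 00:a0:c9:11:22:33 on xl0
Jan 16 22:40:01 bsd1 kernel: arp: 192.168.100.5 is on xl0 but got reply from 00:02:6f:aa:bb:cc on fxp0
Jan 16 22:40:07 bsd1 kernel: arp: 10.0.0.1 is on fxp0 but got reply from 00:A0:C9:11:22:33 on xl0
Jan 16 22:41:12 bsd1 kernel: arp: 10.0.0.1 is on fxp0 but got reply from 00:de:ad:be:ef:01 on xl0
Jan 16 22:41:30 bsd1 sshd[412]: Accepted publickey for jeff from 192.168.100.24
"""

# Constructed inventory of (ip, mac) pairs expected on the shared segment.
KNOWN = {
    ("10.0.0.1", "00:a0:c9:11:22:33"),
    ("192.168.100.5", "00:02:6f:aa:bb:cc"),
}

def summarize(log_text):
    """Count wrong-interface ARP messages per (ip, owner_if, seen_if, mac)."""
    counts = Counter()
    for line in log_text.splitlines():
        m = WRONG_IFACE.search(line)
        if m:
            key = (m["ip"], m["owner"], m["seen"], m["mac"].lower())
            counts[key] += 1
    return counts

def unexpected(counts, known):
    """Entries whose (ip, mac) pair is absent from the inventory."""
    return sorted(k for k in counts if (k[0], k[3]) not in known)

if __name__ == "__main__":
    tally = summarize(SAMPLE_LOG)
    for key, n in tally.most_common():
        print(n, *key)
    for key in unexpected(tally, KNOWN):
        print("not in inventory:", *key)
```

An empty "not in inventory" list means the noise is explained by the topology; any entry there is a reason to investigate before turning the logging off.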



