Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 17 Apr 2000 18:56:47 -0400 (EDT)
From:      miy <miyako@sakr.net>
To:        cjclark@home.com
Cc:        freebsd-questions@FreeBSD.ORG
Subject:   Re: network replies causing system messages flooding
Message-ID:  <Pine.BSF.4.10.10004171838230.4331-100000@sakr.net>
In-Reply-To: <20000416212801.C48499@cc942873-a.ewndsr1.nj.home.com>

next in thread | previous in thread | raw e-mail | index | archive | help



On Sun, 16 Apr 2000, Crist J. Clark wrote:

> On Sun, Apr 16, 2000 at 01:22:06AM -0400, miy wrote:
> > 
> > I originally had a windows box [10.0.0.2] connected to my cable connection
> > through a FreeBSD gateway running natd. I recently added a second windows
> > box to the network, and I it connects properly to the gateway, but I am 
> > getting flooded by the following system message:
> > 
> > arp: 10.0.0.4 is on ed1 but got reply from 00:80:c8:e8:ea:d7 on rl0
> > arp: 10.0.0.4 is on ed1 but got reply from 00:80:c8:e8:ea:d7 on rl0
> > arp: 10.0.0.4 is on ed1 but got reply from 00:80:c8:e8:ea:d7 on rl0
> > arp: 10.0.0.4 is on ed1 but got reply from 00:80:c8:e8:ea:d7 on rl0 
> > 
> > My natd configuration is as follows:
> > /sbin/natd -s -n rl0 -redirect_port tcp 10.0.0.2:2121 2121
> > /sbin/ipfw add 1000 divert 6668 ip from any to any via rl0
> > /sbin/ipfw add 1002 divert 6668 ip from 10.0.0.2/24 to any via rl0
> > 
> > 
> > #10.0.0.4 is the most recent windows box that was added to the network.
> 
> Well, if it weren't for the fact that you say that the 10.0.0.4 host
> is on your net behind the NAT gateway, I would think that you
> connected the 10.0.0.4 machine on the rl0 interface. Just to be safe,
> how do you have the network physically configured? You don't have both
> NICs on the gateway plugged into one hub or something like that,
> right?
> 
> It could be that someone else on your cable LAN is leaking RFC 1918
> addresses, and they make it over the modem to your machine. The modems
> should not do that, but the idea of a poorly configured ISP, even a
> coax cable one, never shocks me.


My network is configured with the cable modem connected to my FreeBSD
gateway machine (into rl0). The FreeBSD machine's second card (ed1) is 
connected to my hub's uplink. The two windows boxes (10.0.0.2 & 10.0.0.4)
are connected directly to the hub. 

I don't completely understand what leaking RFC 1918 addresses are. 
Are these essentially leaked packets from my ISP's local subnet (other
machines in my district) that are being collected by my gateway from the
cable modem? Are these causing the problem or is it an issue of my
physical configuration?

My system message buffer now has 10 pages or so worth of:
arp: 10.0.0.4 is on ed1 but got reply from 00:80:c8:e8:ea:d7 on rl0

I still have a lot to learn about configuring a home network, and I
appreciate both your help and your patience with me as I work through
this. 

Thanks again,
Fred



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.10004171838230.4331-100000>