From: Jeff at NorrisTechs
Date: Thu, 19 Jan 2006 17:52:17 -0700
To: "Edinilson J. Santos"
Cc: FreeBSD ISP (freebsd-isp@freebsd.org)
Subject: Re: ARP MESSAGES FILLING CONSOLE

Thanks.. saved me some frustration and also not filling up the syslog either.

------------------------------------------------------------------------
*/Jeff Norris/*
/~ Web Hosting ~ VPN Solutions ~ Network Management ~ Design, deploy, kick ass. /
*N*orris*Techs* dot net
http://www.norristechs.net
*AOL IM or Yahoo IM: _ ntshelper _*

Edinilson J. Santos wrote:

>Try to use in sysctl.conf
>
>net.link.ether.inet.log_arp_wrong_iface=0
>
>
>Edinilson
>---------------------------------------------------------
>ATINET-Professional Web Hosting
>Tel Voz: (0xx11) 4412-0876
>http://www.atinet.com.br
>
>
>----- Original Message -----
>From: "Jeff at NorrisTechs"
>To: "FreeBSD ISP"
>Sent: Monday, January 16, 2006 10:49 PM
>Subject: ARP MESSAGES FILLING CONSOLE
>
>
>
>Everyone,
>First off, no attitude or sarcasm <g>;
>
>After running BSD since 4.0 I have come to love the feature rich set it
>offers and stability as well.
>
>I have an interesting network situation. I have several BSD based
>servers which are multi-homed (Two Nics) one Nic faces the internet, the
>other faces a PRIVATE IP subnet and wireless DMZ. However since the
>internet router is also the end point for the wireless DMZ I get a
>barrage of ARP messages indicating that the private nic is receiving ARP
>for the public network and vice versa.
>
>Here's an ASCII drawing of what's going on. (example we will say that
>10.0.0.0/8 is the public side and 192.168.100.0/24 is the private side)
>
>(INTERNET) 10.0.0.0/8 (again an example)
> !
> !
> v
>
> ROUTER -----> (10.0.0.1/8)<-> WIRELESS (DMZ) 192.168.100.2/24 Connect
>to Client AP below
> ! BSD-1 10.0.0.200/8 (FXP0)
> !
> !
> 10.0.0.5/8
> (NAT BOX)
> !
> !
> ! BSD-1 192.168.100.200/24 (XL0)
> PRIVATE 192.168.100.24 (NAT IP for PC etc)
> !
> !--------(CLIENT AP) 192.168.100.5----------------^Connected to above AP
> (Wireline to client AP 192.168.1.0/24)
>
>
>Now BSD1 FXP0 (public) and XL0 (private) are connected together to
>common Layer network, not looped on a Layer2 level otherwise the network
>would crash, but both NICs are connected in a broadcast domain.
>If I down XL0 of course everything is cool, and no ARP messages, but the
>XL0 nic is used for management traffic.
>
>I could either put a router between the Client AP and the router-wireless
>DMZ or leave XL0 down.
>Move the client AP to the DMZ side and multinet the NAT box (already
>done this) but NAT gets in the way for several applications (remote
>server management)
>
>I would like to know if at all possible to disable ARP requests per NIC,
>make static entries that override any manual ARP request.
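
An added example, not part of the original thread: before setting `net.link.ether.inet.log_arp_wrong_iface=0`, this script counts the wrong-interface ARP messages per interface pair, so you can confirm they come only from the two NICs known to share a broadcast domain. The kernel message shape it parses is an assumption to verify against your own log, and the sample lines (hostname, MAC addresses) are constructed.

```sh
#!/bin/sh
# Count "ARP reply seen on the wrong interface" kernel messages per
# (expected iface, receiving iface, sender MAC, IP), most frequent first.
# Assumed message shape (verify against your own /var/log/messages):
#   ... arp: IP is on IF_A but got reply from MAC on IF_B

summarize_arp_wrong_iface() {   # $1 = syslog file to read
    awk '
        /arp: .+ is on .+ but got reply from .+ on / {
            # Locate the "arp:" token; the fields after it are positional.
            for (i = 1; i <= NF; i++) if ($i == "arp:") break
            if (i + 11 > NF) next              # truncated line, ignore
            ip = $(i + 1); want = $(i + 4); mac = $(i + 9); got = $(i + 11)
            count[want " " got " " mac " " ip]++
        }
        END { for (k in count) print count[k], k }
    ' "$1" | sort -k1,1nr -k2
}

# Constructed sample input: interface names and subnets are taken from the
# thread, the hostname and MAC addresses are made up.
sample_log() {
    cat <<'EOF'
Jan 16 22:40:01 bsd1 kernel: arp: 10.0.0.1 is on fxp0 but got reply from 02:00:00:00:00:01 on xl0
Jan 16 22:40:02 bsd1 kernel: arp: 10.0.0.1 is on fxp0 but got reply from 02:00:00:00:00:01 on xl0
Jan 16 22:40:03 bsd1 kernel: arp: 192.168.100.5 is on xl0 but got reply from 02:00:00:00:00:05 on fxp0
Jan 16 22:40:04 bsd1 sshd[812]: Accepted publickey for admin from 192.168.100.24
Jan 16 22:40:05 bsd1 kernel: arp: 10.0.0.1 is on fxp0 but got reply from 02:00:00:00:00:01 on xl0
EOF
}

# Stand-alone use: sh arp_summary.sh /var/log/messages
if [ -n "${1:-}" ]; then
    summarize_arp_wrong_iface "$1"
fi
```

An interface pair or MAC in the output that does not belong to the known shared segment is worth investigating before the log message is turned off.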