From: Colin Yuile
To: freebsd-questions@freebsd.org
Date: Wed, 29 Aug 2007 08:19:13 +1000
Subject: routed corrupting arp table with multiple ip aliases ?
Message-Id: <20070829081913.a0234091.colin@ips.gov.au>
Organization: IPS Radio and Space Services

Hi all,

I stumbled on this while trying to track down an mbuf leak on a new server. It seems that routed corrupts the arp table on FreeBSD 6.2 when there is more than one ip alias on an interface.
The behaviour differs depending on whether routed is enabled in rc.d or manually started after boot.

How to repeat:

configure multiple aliases on an interface

if routed is not enabled in rc.d

ping all aliases

arp -a shows that each alias has the NIC's MAC, e.g.

    lnat.ips.gov.au (192.168.1.100) at 00:30:1b:ba:bb:01 on bge0 [permanent]
    knat.ips.gov.au (192.168.1.101) at 00:30:1b:ba:bb:01 on bge0 [permanent]

run routed and wait a few seconds

run arp -a again; the mac address for all aliases (except the last) will have changed to a 0 or 128 hex numbers separated by :'s, e.g.

    lnat.ips.gov.au (192.168.1.100) at 0 [permanent]
    knat.ips.gov.au (192.168.1.101) at 00:30:1b:ba:bb:01 on bge0 [permanent]

All aliases are still pingable.

A netstat -r shows something like the following for the aliases:

    192.168.1.100      192.168.1.100      UHLW  1  30  lo0 =>
    192.168.1.100/32   link#1             UC    0  0   bge0
    192.168.1.101      00:30:1b:ba:bb:01  UHLW  1  16  lo0 =>
    192.168.1.101/32   link#1             UC    0  0   bge0

If routed is enabled in rc.d and the system rebooted, only the last alias shows with arp -a.

A netstat -r shows something like the following for the aliases:

    192.168.1.100      192.168.1.100      UH    1  30  bge0 =>
    192.168.1.100/32   link#1             UC    0  0   bge0
    192.168.1.101      00:30:1b:ba:bb:01  UHLW  1  16  lo0 =>
    192.168.1.101/32   link#1             UC    0  0   bge0

Only the primary ip and the last alias are pingable.

I have tried this on several machines running 6.2-stable with similar results.

Can anyone confirm this behaviour?

Cheers
Colin

--
Colin Yuile (colin@ips.gov.au)
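
A check for the symptom reported above, as an added example that is not part of the original message: it reads `arp -a` output and flags any [permanent] entry whose link-layer address is not six colon-separated hex octets. The function name `check_arp` and the `arp -an | check_arp` invocation are assumptions; the sample lines are the ones quoted in the message.

```shell
#!/bin/sh
# Added example (not from the original message): flag [permanent] ARP entries
# whose link-layer address is not a 6-octet Ethernet MAC.

# Sample `arp -a` lines copied from the message: before and after routed starts.
SAMPLE_BEFORE='lnat.ips.gov.au (192.168.1.100) at 00:30:1b:ba:bb:01 on bge0 [permanent]
knat.ips.gov.au (192.168.1.101) at 00:30:1b:ba:bb:01 on bge0 [permanent]'
SAMPLE_AFTER='lnat.ips.gov.au (192.168.1.100) at 0 [permanent]
knat.ips.gov.au (192.168.1.101) at 00:30:1b:ba:bb:01 on bge0 [permanent]'

# check_arp: reads `arp -a` output on stdin, prints "<ip> <address as shown>"
# for each bad permanent entry, and returns 1 if any was found (0 otherwise).
check_arp() {
    awk '
    # True when s is six colon-separated groups of one or two hex digits.
    function is_mac(s,    n, parts, i) {
        n = split(s, parts, ":")
        if (n != 6) return 0
        for (i = 1; i <= 6; i++)
            if (parts[i] !~ /^[0-9A-Fa-f][0-9A-Fa-f]?$/) return 0
        return 1
    }
    # Only permanent entries are checked; these are the ones the host owns.
    /\[permanent\]/ {
        ip = ""; addr = ""
        for (k = 1; k <= NF; k++) {
            # The IP is the first parenthesised field.
            if ($k ~ /^\(.*\)$/ && ip == "") ip = substr($k, 2, length($k) - 2)
            # The link-layer address is the field that follows "at".
            if ($k == "at" && k < NF) addr = $(k + 1)
        }
        if (ip != "" && !is_mac(addr)) { print ip, addr; bad = 1 }
    }
    END { exit bad ? 1 : 0 }
    '
}

# Live use on a host (assumed invocation): arp -an | check_arp
```

Run from cron or a monitoring hook, a non-zero return signals that an address owned by the host has lost its MAC in the ARP table.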