From owner-freebsd-net@FreeBSD.ORG Sun Sep 18 17:15:34 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8998316A41F for ; Sun, 18 Sep 2005 17:15:34 +0000 (GMT) (envelope-from pieter@thedarkside.nl) Received: from mail.thelostparadise.com (129pc197.sshunet.nl [145.97.197.129]) by mx1.FreeBSD.org (Postfix) with ESMTP id D4E9143D46 for ; Sun, 18 Sep 2005 17:15:29 +0000 (GMT) (envelope-from pieter@thedarkside.nl) Received: from [195.16.84.92] (92-unused.virt-ix.net [195.16.84.92]) by mail.thelostparadise.com (8.13.1/8.13.1) with ESMTP id j8IHFPiG039468 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sun, 18 Sep 2005 19:15:25 +0200 (CEST) (envelope-from pieter@thedarkside.nl) Message-ID: <432DA0AC.8010802@thedarkside.nl> Date: Sun, 18 Sep 2005 19:15:24 +0200 From: Pieter de Boer User-Agent: Mozilla Thunderbird 1.0.6 (X11/20050805) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Chuck Swiger References: <20050919.004531.92589257.mshindo@mshindo.net> <432D9249.9090202@mac.com> In-Reply-To: <432D9249.9090202@mac.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: ARP behavior in FreeBSD vs Linux X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Sep 2005 17:15:34 -0000 Chuck Swiger wrote: >> In contrast, on Linux (by default), it >> responds as long as the target IP address in ARP Request matches with >> any "local" IP address on the system, which is not necessarily an IP >> address assigned to the interface through which the ARP request is >> received. > This sounds like "proxy ARPing" is enabled by default on your particular > flavor of Linux. I don't think they all do that, hopefully, any more > than ipforwarding should be enabled by default just because a machine > has two NICs. What Motonori Shindo described is actually the default behaviour for Linux kernels (at least my 2.6.8-kernel does it by default). It could be seen as a sort of proxy-arp, but only for the host itself, not other systems. Let me try to describe when it happens. Say you have 192.168.42.42 bound on eth0 and have eth1 connected to some ethernet LAN. When a host on that eth1-connected LAN sends an 'arp who-has 192.168.42.42', a Linux system will answer that arp-request with it's eth1 MAC-address, although the IP-address is bound on eth0 and the arp request comes in on eth0. FreeBSD obviously doesn't do this. >> Is there any advantage/disadvantage in ARP implementation on FreeBSD >> over that of Linux? Thanks. I was unhappily surprised by this 'feature'. I find it pretty counter-intuitive. I expect two interfaces to be seperated inside a kernel, but Linux more or less binds them together. Incoming traffic on the 'wrong' interface will gladly be accepted, too. This broke things for me, because I didn't want to have that certain IP-address accessible. That said, this happens only when you have two interfaces connected to the same subnet, which is a bit evil anyhow. It may be beneficial for Linux to do things this way, perhaps for redundancy-purposes (two interfaces, one IP-address, IP reachable over both interfaces, when one fails, the other takes over.. no idea if that works out-of-the-box). -- Pieter