Date: Thu, 3 Jun 1999 23:49:24 -0700 (PDT) From: Doug White <dwhite@resnet.uoregon.edu> To: Ken Lui <klui@cup.hp.com> Cc: questions@freebsd.org Subject: Re: Question about arp entry in /var/log/messages Message-ID: <Pine.BSF.4.03.9906032344040.774-100000@resnet.uoregon.edu> In-Reply-To: <199906020650.XAA15572@cup44ux.cup.hp.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 1 Jun 1999, Ken Lui wrote: > >From dwhite@resnet.uoregon.edu Mon May 31 21:19:25 PDT 1999 > > I'm beginning to wonder if you don't have a loop in your network. I'd > > like to see the output of 'netstat -rn' again after the changes we made > > here. > > > > Also, if possible, crank up two tcpdumps, one on each interface. Then do > > something that illicits the error and check the dumps. Make sure packets > > aren't going the wrong way. > > I've run two tcpdumps per interface and with the exception of some > items at the beginning and the numbers after the timestamp, they're > the same. Looks like both interfaces are seeing packets on net 10 > and net 15. Here are the entries that show up under both dumps after > the following entry ends up in /var/log/messages: > Jun 1 21:14:05 black /kernel: arp: 10.0.0.1 is on lo0 but got reply from > 00:80:c8:fd:88:0d on ed1 _lo0_? Hm! Can I see ifconfig -a, please? Try to keep the whole message around since I'm trying to keep track of this. Do you have proxy arp turned on in the cisco? > 21:14:05.461124 arp who-has green.tmpest1.org tell black.tmpest1.org > 21:14:05.461600 arp reply green.tmpest1.org is-at 8:0:7:6f:1d:fe Is this the proper ether addr for green? > The beginning of ed1 (net 15) has the following when I first > establish a connection to my router (start of dump): > 21:10:28.449996 ce573230.cup.hp.com.iad3 > 15.75.12.3.domain: 1784+ (37) > 21:10:29.390619 ce573230.cup.hp.com.1033 > 15.75.12.3.domain: 23899+ (43) Lots of DNS lookups but no responses. > While ed2 (net 10) has the following (start of dump): > 21:11:48.500727 ce573230.cup.hp.com.1040 > 15.75.12.3.domain: 1785+ (60) > 21:11:48.572032 ce573230.cup.hp.com.1041 > 15.75.12.3.domain: 6263+ (43) ?? What is that stuff going that way? Let me clarify this. The interfaces are listed next to the IPs they're assigned, if I'm getting you right. > p.s. ce573230 is 15.75.136.174 (ed1) > cr873230 is my router, 15.75.136.169 > black is 10.0.0.1 (ed2) > green is 10.0.0.4 > 15.75.12.3 is the name server Doug White Internet: dwhite@resnet.uoregon.edu | FreeBSD: The Power to Serve http://gladstone.uoregon.edu/~dwhite | www.freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.03.9906032344040.774-100000>