LVS
lvs-users
[Top] [All Lists]
Google
 
Web LinuxVirtualServer.org
<prev [Date] next> <prev [Thread] next>

Re: using arptables to block ARP

from [Brett Simpson] [Permanent Link]
To: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: using arptables to block ARP
From: Brett Simpson <simpsonb@xxxxxxxxxxxxxxxxxxxxxx>
Date: Fri, 18 Jun 2004 13:32:35 -0400 
On Fri, 2004-06-18 at 13:14, Joseph Mack wrote:
> Kjetil Torgrim Homme wrote:
> > 
> > we're in the process of upgrading our real servers to RHEL 3.0 WS, and
> > to avoid compiling our own kernel with Julian's hidden patch, I thought
> > I'd try using the arptables-jf package.
> 
> you can also use arp filtering, although no-one seems to be doing it

With Redhat WS?/ES/AS 3.0 with the latest kernel update includes Julians
ARP ignore patch.

/etc/sysctl.conf
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2

/etc/sysconfig/network-scripts/ifcfg-lo:1
DEVICE=lo:1
IPADDR=192.168.0.57
NETMASK=255.255.255.255
NETWORK=192.168.0.0
ONBOOT=yes
ARP=no
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Compared performances fwm vs masq, Guillaume Arcas
Next by Date:  Re: using arptables to block ARP, Joseph Mack
Previous by Thread:  Re: using arptables to block ARP, Joseph Mack
Next by Thread:  Re: using arptables to block ARP, Joseph Mack
Indexes:  [Date] [Thread] [Top] [All Lists]