
Re: The new HOWTO confused me...VS-TUN, 2.2.x and the ARP problem

To: Julian Anastasov <uli@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: The new HOWTO confused me...VS-TUN, 2.2.x and the ARP problem
Cc: "Stephen D. WIlliams" <sdw@xxxxxxx>, lvs-users@xxxxxxxxxxxxxxxxxxxxxx
From: Joseph Mack <mack@xxxxxxxxxxx>
Date: Tue, 30 Nov 1999 00:55:18 -0500 (EST)

On Mon, 22 Nov 1999, Julian Anastasov wrote:

>       Hi Stephen,
> 
> On Sun, 21 Nov 1999, Stephen D. WIlliams wrote:
> 
> > Of course the ARP code in the kernel needs to be fixed so my filter
> > code isn't needed.  Still, I'm confused by this statement.  The
> > IFF_NOARP flag determines whether a device arp replies or not.  
> > What's wrong with honoring that? If you mean that arp replies
> should never be sent on another interface, that's what I currently
> > believe to be correct. 
> 
>       My understanding is that 2.2.x ARP code is not buggy and
> there is no need to be "fixed". 

Hi Julian,

        Then I'm confused all over again.

        I thought the 2.0.36 implementation of [-]arp was just fine (it
did everything I wanted) and now that 2.2.x has a different behaviour I
would be quite happy to say it's a bug (or at least it's now different to
the other unices). It sounds like you have a more subtle understanding of the
situation.

 
>       IFF_NOARP means "Don't talk ARP on this device",
> from the 'man ifconfig':
> 
> [-]arp        Enable or disable the use of the ARP protocol on
> this interface.

To me this means do not reply to requests like "who has IP, tell host".
Is this right?

Since tunl0, dummy, lo are not associated with a hardware address,
what is returned in response to an arp request? Not a MAC address?
How does a packet get routed to a non-arping device?


>       So, where is the bug ? The ARP code never talks through
> lo, dummy and tunl devices when they are set NOARP. It uses
> eth (ARP) device.

Is this the 2.0.36 behaviour, the 2.2.x behaviour or what you think
is the correct behaviour (according to the man page)?
 
>       If You hide all NOARP interfaces from the ARP protocol
> this is a bug. One example:
> 
> +--------+ppp0                          +------+
> | Host A |------------ppp link----------|ROUTER|------ The World
> +--------+A.B.C.1 (www.domain.com)      +------+
>   |eth0
>   |A.B.C.2
>   |
>   |A.B.C.3
> +--------+
> | Host B |
> +--------+

I have this setup with Host A being a 2.0.36 box (which I have assumed
has the "correct" behaviour) and ppp0 is "NOARP". I can ping the IP of
the ppp0 device from Host B, which I wouldn't have expected for a NOARP
device.


I don't have a 2.2.x ppp box, but I can set up a tunl0 device on a Host A
running (unpatched) 2.2.13 and it is not pingable from Host B (I would
have thought it would be pingable from your first posting, which
describes dummy0 etc as arping devices on 2.2.x kernels).

I take it that you can ping a NOARP device on another box. I thought 
you couldn't ping a NOARP device on another box.

In one of your earlier postings you pointed out that the dummy0
device in 2.2.x kernels does reply to pings and I took this to mean
that it was in the ARP state.


> 
> Is it possible after your patch Host B to access www.domain.com ?
> How ? 

snip

> 
>      On Nov 6 I posted one patch proposal to the
> linux-kernel list which adds the ability to hide interfaces
> from the ARP queries and replies. But the difference is that
> only specified interfaces are not replied, not all NOARP
> interfaces. 

How is the behaviour after your patch different to the 2.0.36 [-]arp
behaviour, to the 2.2.x [-]arp behaviour?

Thanks

Joe

--
Joseph Mack mack@xxxxxxxxxxx

