25.07.2019 13:00, Peter Suetterlin пишет:
I wonder if one of the network gurus around here can give me some hints on an
issue I'm seeing here:
We have a normal, visible IP address range for our observatory network. As we
also have lots of guests that want internet access, I prefer to have them in a
separate subnet (192.168 class), but using the same infrastructure.
For this, the central server has two IP addresses on its (bonded) interface,
and unknown clients get (via dhcp) an address in the 192 subnet, with the
servers 192 address as gateway, and its set up to do forwarding and
masquerading for them. This works fine (AFAICT)
However, the server log is full of martians (ARP requests) like this
Jul 25 09:00:26 helios kernel: IPv4: martian source 192.168.13.51 from 192.168.13.1, on
Jul 25 09:00:26 helios kernel: ll header: 00000000: ff ff ff ff ff ff 00 e0 81 24 72 bf
08 06 .........$r...
13.51 is one of those unknown clients, 13.1 is the secondary address of bond0
This is ARP request from your system; it goes out of 192.168.13.1 and is
received by the second interface on the same physical port too (because
it is broadcast). So it is the second IP that logs them.
As I understand martians, they would be packets
arriving on an interface that
is not configured for that network. But I do have both the address and a
routing entry for it, so I'm not really sure why it is regarding those as
martian. Is something wrong in my setup? Are they only logged, or completely
discarded? Can/should I just disable martian logging for this interface?
Or are there better solutions?
To unsubscribe, e-mail: opensuse-support+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-support+owner(a)opensuse.org