Hello listmates: I have an openSuse 11.1 box with multiple interfaces. One of these interfaces connects to a Cisco router which then connects via DSL to my ISP. There is an ip on the Linux interface and a corresponding IP on the cisco interface (of course) and both devices are setup with a netmask of 255.255.255.248. The default gateway for the Linux machine is set as the Cisco IP address. The Linux machine has another interface that connects to an inside network with a netmask of 255.255.255.0. The Linux machine runs iptables firewall and has ip forwarding turned on. I noticed that the Linux machine is sending ARP requests for almost all outside traffic to the Cisco router. This is one part of the conundrum. Shouldn't the Linux machine only arp for addresses it determines are on the local network? Whenever traffic has to be forwarded out to the Internet, the Linux machine sends an ARP for the destination address before TCP session setup. The second part of the conundrum is that the Cisco router actually answers and in the arp table of the Linux machine, I end up having hundreds of public IP addresses all associated with the MAC address of the Cisco router. Does anyone else see this? I would not have thought this type of arp'ing from Linux was standard behavior. Thanks in advance for any insight. -- --Moby They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -- Benjamin Franklin -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org