[opensuse] Weird arp problem
![](https://seccdn.libravatar.org/avatar/8cf2daa7694e65578c8c683f05152e5f.jpg?s=120&d=mm&r=g)
Hello listmates: I have an openSuse 11.1 box with multiple interfaces. One of these interfaces connects to a Cisco router which then connects via DSL to my ISP. There is an ip on the Linux interface and a corresponding IP on the cisco interface (of course) and both devices are setup with a netmask of 255.255.255.248. The default gateway for the Linux machine is set as the Cisco IP address. The Linux machine has another interface that connects to an inside network with a netmask of 255.255.255.0. The Linux machine runs iptables firewall and has ip forwarding turned on. I noticed that the Linux machine is sending ARP requests for almost all outside traffic to the Cisco router. This is one part of the conundrum. Shouldn't the Linux machine only arp for addresses it determines are on the local network? Whenever traffic has to be forwarded out to the Internet, the Linux machine sends an ARP for the destination address before TCP session setup. The second part of the conundrum is that the Cisco router actually answers and in the arp table of the Linux machine, I end up having hundreds of public IP addresses all associated with the MAC address of the Cisco router. Does anyone else see this? I would not have thought this type of arp'ing from Linux was standard behavior. Thanks in advance for any insight. -- --Moby They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -- Benjamin Franklin -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
![](https://seccdn.libravatar.org/avatar/851d76b261abaeb6ac09dc67aacfc203.jpg?s=120&d=mm&r=g)
On Monday 19 October 2009 00:23:21 Moby wrote:
Hello listmates:
I have an openSuse 11.1 box with multiple interfaces. One of these interfaces connects to a Cisco router which then connects via DSL to my ISP. There is an ip on the Linux interface and a corresponding IP on the cisco interface (of course) and both devices are setup with a netmask of 255.255.255.248.
The default gateway for the Linux machine is set as the Cisco IP address. The Linux machine has another interface that connects to an inside network with a netmask of 255.255.255.0. The Linux machine runs iptables firewall and has ip forwarding turned on.
I noticed that the Linux machine is sending ARP requests for almost all outside traffic to the Cisco router. This is one part of the conundrum. Shouldn't the Linux machine only arp for addresses it determines are on the local network? Whenever traffic has to be forwarded out to the Internet, the Linux machine sends an ARP for the destination address before TCP session setup.
Hi Moby, what does the routing table on your linux machine look like (/bin/ip route) ? Regards .....Volker -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
![](https://seccdn.libravatar.org/avatar/8cf2daa7694e65578c8c683f05152e5f.jpg?s=120&d=mm&r=g)
Volker wrote:
On Monday 19 October 2009 00:23:21 Moby wrote:
Hello listmates:
I have an openSuse 11.1 box with multiple interfaces. One of these interfaces connects to a Cisco router which then connects via DSL to my ISP. There is an ip on the Linux interface and a corresponding IP on the cisco interface (of course) and both devices are setup with a netmask of 255.255.255.248.
The default gateway for the Linux machine is set as the Cisco IP address. The Linux machine has another interface that connects to an inside network with a netmask of 255.255.255.0. The Linux machine runs iptables firewall and has ip forwarding turned on.
I noticed that the Linux machine is sending ARP requests for almost all outside traffic to the Cisco router. This is one part of the conundrum. Shouldn't the Linux machine only arp for addresses it determines are on the local network? Whenever traffic has to be forwarded out to the Internet, the Linux machine sends an ARP for the destination address before TCP session setup.
Hi Moby,
what does the routing table on your linux machine look like (/bin/ip route) ?
Regards .....Volker
Thanks for the reply Volker. Just found the problem - I had some routes set by using the dev <ifname> syntax instead of specifying the next hop IP address. Apparently this causes the machine to send out arp requests through that interface for all connections to be able to determine the next hop IP address. Once I replaced the dev <ifname> with via <next hop ip>, the arp table growth became rational again. Now my next endeavor is going to be how to launch my own script when a dhcp interface comes up, and more importantly, how to pass dhcp information (ip address, default route etc) to my custom script, but that may end up being a question for another thread. Thanks again. -- --Moby They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -- Benjamin Franklin -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
![](https://seccdn.libravatar.org/avatar/e01b8e9d7672014c0a2b6cf5b65a67e6.jpg?s=120&d=mm&r=g)
On Mon, Oct 19, 2009 at 12:41:19PM -0500, Moby wrote: [ 8< ]
Now my next endeavor is going to be how to launch my own script when a dhcp interface comes up, and more importantly, how to pass dhcp information (ip address, default route etc) to my custom script, but that may end up being a question for another thread.
It is possible to call individual scripts per /etc/sysconfig/network/ifcfg-* file. There you need to define POST_UP_SCRIPT which points to a script available from /etc/sysconfig/network/scripts/ Unbelievable but true this is documented in the ifup man page. ;) Lars -- Lars Müller [ˈlaː(r)z ˈmʏlɐ] Samba Team SUSE Linux, Maxfeldstraße 5, 90409 Nürnberg, Germany
![](https://seccdn.libravatar.org/avatar/8cf2daa7694e65578c8c683f05152e5f.jpg?s=120&d=mm&r=g)
Lars Müller wrote:
On Mon, Oct 19, 2009 at 12:41:19PM -0500, Moby wrote: [ 8< ]
Now my next endeavor is going to be how to launch my own script when a dhcp interface comes up, and more importantly, how to pass dhcp information (ip address, default route etc) to my custom script, but that may end up being a question for another thread.
It is possible to call individual scripts per /etc/sysconfig/network/ifcfg-* file.
There you need to define POST_UP_SCRIPT which points to a script available from /etc/sysconfig/network/scripts/
Unbelievable but true this is documented in the ifup man page. ;)
Lars
Thanks Lars. I did indeed find the above in man ifup. I take that to mean I can create a script in /etc/sysconfig/network/script and then reference that script in /etc/sysconfig/network/ifcfg-dhcpif. The possible question I may have (still reading and trying to decide the best way to do this) is how dhcp data (most importantly default gateway) will be passed into my script. Thanks again. -- --Moby They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -- Benjamin Franklin -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
![](https://seccdn.libravatar.org/avatar/e01b8e9d7672014c0a2b6cf5b65a67e6.jpg?s=120&d=mm&r=g)
On Mon, Oct 19, 2009 at 01:30:51PM -0500, Moby wrote: [ 8< ]
I take that to mean I can create a script in /etc/sysconfig/network/script and then reference that script in /etc/sysconfig/network/ifcfg-dhcpif. The possible question I may have (still reading and trying to decide the best way to do this) is how dhcp data (most importantly default gateway) will be passed into my script.
Cf. /etc/sysconfig/network/if-up.d/21-dhcpcd-hook-samba This script should at least provide you enough background information how the dhcpcd or dhcp-client DHCP clients provide the information to the remaining parts of the system. Lars -- Lars Müller [ˈlaː(r)z ˈmʏlɐ] Samba Team SUSE Linux, Maxfeldstraße 5, 90409 Nürnberg, Germany
![](https://seccdn.libravatar.org/avatar/8cf2daa7694e65578c8c683f05152e5f.jpg?s=120&d=mm&r=g)
Lars Müller wrote:
On Mon, Oct 19, 2009 at 01:30:51PM -0500, Moby wrote: [ 8< ]
I take that to mean I can create a script in /etc/sysconfig/network/script and then reference that script in /etc/sysconfig/network/ifcfg-dhcpif. The possible question I may have (still reading and trying to decide the best way to do this) is how dhcp data (most importantly default gateway) will be passed into my script.
Cf. /etc/sysconfig/network/if-up.d/21-dhcpcd-hook-samba
This script should at least provide you enough background information how the dhcpcd or dhcp-client DHCP clients provide the information to the remaining parts of the system.
Lars
Many thanks Lars - I took a peek at it, I am writing one in Perl and it is able to hook into the dhcp up event fine now. I read /var/lib/dhcpcd-intname.info to get dhcp information. In case anyone else is interested, I can post the script either here or somewhere else. Thanks again. -- --Moby They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -- Benjamin Franklin -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (3)
-
Lars Müller
-
Moby
-
Volker