Re: [Ebtables-devel] [PATCH] don't answer gratuitous arp
From: Bart De S. <bds...@pa...> - 2007-03-23 17:26:51
On Fri, 23-03-2007 at 09:36 +0200, Ivan Vladimirov wrote:
> Carl-Daniel Hailfinger wrote:
> > On 22.03.2007 21:36, Bart De Schuymer wrote:
> >
> >> Hi Patrick,
> >>
> >> The ebtables arpreply target should not answer gratuitous arp's as this
> >> has no use and can give rise to problems when client machines
> >> send gratuitous arp requests to check for ip conflicts, as reported by
> >> Ivan Vladimirov.
> >> The attached patch resolves this.
> >>
> >
> > Please don't apply this patch! It causes more problems than it solves.
> > Before the patch, a client machine has a chance to find out that its
> > IP conflicts with one handled by the arpreply target. After the patch,
> > there will still be an IP conflict, but it is now impossible to find
> > that out for the affected machine.
> >
> > Regards,
> > Carl-Daniel
> >
> You are wrong about ip conflict with machine having arpreply on it. In
> case when client machine conflicts with server having arpreply target
> arpreply won't answer but the network stack will answer so your concern
> is pointless ...

Can you explain yourself further? I tend to agree with Carl-Daniel's
comment. Are you sure there is no configuration that will suffer from
applying this patch?

I'll add the --arp-gratuitous option to the ebtables arp match this
weekend. That way we don't break anything and checking on gratuitous arp
packets can be done elsewhere too.

cheers,
Bart
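
The packet distinction this thread turns on, as an added example that is not part of the original message, the patch, or the ebtables source. It assumes "gratuitous" means sender IP equals target IP, treats a request with sender IP 0.0.0.0 (the RFC 5227 probe form) as a separate case that still gets an answer, and uses hypothetical function names and constructed sample packets.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ARP_LEN 28 /* Ethernet/IPv4 ARP payload, Ethernet header stripped */
enum arp_kind { ARP_INVALID, ARP_NORMAL, ARP_GRATUITOUS, ARP_PROBE };

/* Build a constructed sample ARP payload (MAC addresses left as zeros). */
void make_arp(uint8_t *b, uint8_t oper, const uint8_t *spa, const uint8_t *tpa)
{
    memset(b, 0, ARP_LEN);
    b[1] = 1;                /* htype: Ethernet */
    b[2] = 0x08;             /* ptype: IPv4 (0x0800) */
    b[4] = 6; b[5] = 4;      /* hlen, plen */
    b[7] = oper;             /* 1 = request, 2 = reply */
    memcpy(b + 14, spa, 4);  /* sender protocol address */
    memcpy(b + 24, tpa, 4);  /* target protocol address */
}

/* Hypothetical classifier: validates the fixed header, then compares IPs. */
enum arp_kind classify_arp(const uint8_t *p, size_t len)
{
    static const uint8_t zero_ip[4] = {0};
    if (!p || len < ARP_LEN || p[0] != 0 || p[1] != 1 || p[2] != 0x08 ||
        p[3] != 0 || p[4] != 6 || p[5] != 4 || p[6] != 0 || (p[7] != 1 && p[7] != 2))
        return ARP_INVALID;
    if (p[7] == 1 && memcmp(p + 14, zero_ip, 4) == 0)
        return ARP_PROBE;        /* request with sender IP 0.0.0.0 (RFC 5227) */
    if (memcmp(p + 14, p + 24, 4) == 0)
        return ARP_GRATUITOUS;   /* sender IP == target IP (assumed definition) */
    return ARP_NORMAL;
}

/* Policy under discussion: answer requests, but not gratuitous ones. */
int responder_answers(const uint8_t *p, size_t len)
{
    enum arp_kind k = classify_arp(p, len);
    return (k == ARP_NORMAL || k == ARP_PROBE) && p[7] == 1;
}

int main(void)
{
    const uint8_t a[4] = {192, 0, 2, 10}, b[4] = {192, 0, 2, 20};
    uint8_t pkt[ARP_LEN];
    make_arp(pkt, 1, a, a);
    printf("gratuitous request answered: %d\n", responder_answers(pkt, sizeof pkt));
    make_arp(pkt, 1, a, b);
    printf("ordinary request answered:   %d\n", responder_answers(pkt, sizeof pkt));
    return 0;
}
```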