Incorrect ARP table entries
Peter Jeremy
peter at rulingia.com
Thu Aug 23 02:28:36 UTC 2012
On 2012-Aug-22 14:02:01 +1000, Peter Jeremy <peter at server.rulingia.com> wrote:
>I've run into a problem where the ARP table on several of my hosts is
>apparently spontaneously replacing correct entries with incorrect MAC
>addresses. I've done some digging with tcpdump and can't identify the
>cause. I've tried to look in the code but lost my way since ARP and
>IP routing seem to be closely intermingled. I'm hoping someone might
>be able to shed some light on why it is behaving the way it is.
I've done some more detailed trawling through tcpdump captures and
found that this is another entry in the "never buy HP" collection.
It turns out the iLO is sending ARP requests with the correct link-
layer source MAC address in the Ethernet frame but the "sender
hardware address" in the ARP request is wrong - and (as required by
RFC826) FreeBSD is using the latter MAC address to update its ARP
table. Note that this iLO has a physically separate NIC and doesn't
have provision for shared NIC so there's no excuse for it's behaviour.
RFC826 is fairly clear that FreeBSD is behaving correctly in using the
"sender hardware address" in the ARP request (though it doesn't
specifically address the case where that is different to the link-layer
source address).
My work-around is to use arp(8) to permanently wire the correct MAC
address into the local ARP table.
--
Peter Jeremy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-net/attachments/20120823/07c18c2d/attachment.pgp
More information about the freebsd-net
mailing list