ARP Messages

Maechler Philippe pmaechler at glattnet.ch
Thu Feb 28 14:52:53 UTC 2008 

Hi Erik

> -----Original Message-----
> From: Erik Norgaard [mailto:norgaard at locolomo.org] 
> Sent: Wednesday, February 27, 2008 10:01 AM
> To: Maechler Philippe
> Cc: freebsd-questions at freebsd.org
> Subject: Re: ARP Messages
> 
> 
> Maechler Philippe wrote:
> >>>  -------------                           
> >>> |   server    |      switch      switch  
> >>> |192.168.3.222|----[(3.x/24)]--[(3.x/24)]
> >>> |80.242.192.80|bge1                |     
> >>>   -------------                    |
> >>>        |bge0                        -------------------
> >>>        |                                               |
> >>>     [switch]----[Gateway 80.242.192.65]---[INTERNET]   |
> >>>        |                                               |
> >>>        |                                               |
> >>>     [switch]                                           |
> >>>        |                                               |
> >>>        |bge0                                           |
> >>>  ---------------------------------                     |
> >>> |  80.242.192.81 00:19:bb:25:7b:63|                    |
> >>> | 192.168.3.226  00:19:bb:25:7b:64|--------------------
> >>>  ---------------------------------
> >> Do you see the same loop as I do?
> >>
> >> Request goes out on one interface, response comes back on
the
> > other -
> >> pretty much what the message says.
> >>
> > 
> > Yes I see the loop, the error messages make sense but don't 
> understand 
> > it :/ I set up extra routes for the private network so how
can a 
> > packet from the public interface arrive at a private one?
> > 
> > I'll recheck the cabeling, the routes on the servers and the
switch 
> > the're connected to and give you feedback here
> 
> Well, it appears to me that you are on the wrong box to solve
the 
> problem. The server sends an error message as it should.
> 
> What happens is that your unnamed box receives an arp request
on its 
> bge0 interface, but sends the respond on its bge1 interface. 
> You can use 
> snort to listen for arp packets to see what's going on.
> 
> I do not know why you have created a loop, with correct routing
and 
> firewall there should be no need for a loop. The easy solution
is to 
> pull a cable - either one on that unnamed box.
> 

Ok I rechecked everything and found the loop. There was a
"missconfiguration/misscabling" on one switch/vlan which caused
leaking arp-broadcast packages to other ports :(

Thanks to all for your hints and help
Philippe

More information about the freebsd-questions mailing list