Re: arp, kernel 2.2.15 and 2.3.99-pre6

Date: Thu May 04 2000 - 13:57:00 EST


> The Ville's patch looks neat, and I like it.

It is not OK, Andrey. See below.

> I really think that all the "ARP hide" stuff is a crap. It doesn't have any
> clear meaning, only a pure shamanism.


> Checks for ARP sending via routing table is a good idea, provided that we get
> rid of the "hidden" flags. We may do it as Andi has done. Or we may do it
> in the following way: add "noarp" flag to routes, and if route lookup gives
> an entry with the flag being set, we do not send reply.

It is even worse than shamanism, it is sort of satanism. 8)8)

Please, hold one statement involatile: you must answer to unicast
ARP requests, not depending on anything. Host cannot know, how
requestor got initial information about your MAC.

Second: any scheme must be correlated with source address
selection. If you advertised wrong address and do some ARP blocking,
you introduce fatal bug.

> Anyway, "ARP hide" stuff is broken because it establishes additional

It was simple and easy to manage, at least. I delayed merging
it to 2.3 exactly because I still hope to converge to some
solution looking less ugly.

Does Andi patch help to solve the same problem, which "hidden"
solved? If it is, I definitely prefer arpfilter. [I am sorry,
my brain cache is busy now, I cannot answer myself fastly 8)]


To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
Please read the FAQ at

This archive was generated by hypermail 2b29 : Sun May 07 2000 - 21:00:15 EST