lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Thu, 19 Jan 2012 07:50:57 +0100
From:	Eric Dumazet <eric.dumazet@...il.com>
To:	Bill Fink <billfink@...dspring.com>
Cc:	"Prashant Batra (prbatra)" <prbatra@...co.com>,
	netdev@...r.kernel.org
Subject: Re: route problem

Le mercredi 18 janvier 2012 à 20:29 -0500, Bill Fink a écrit :
> On Wed, 18 Jan 2012, Eric Dumazet wrote:

> Actually, if I'm interpreting the "ip route list cache" output
> correctly, it appears it has local IP addresses of both 192.168.101.10
> and 192.168.101.20.
> 
> > local 192.168.101.10 from 192.168.101.101 dev lo  src 192.168.101.10 
> >     cache <local,src-direct>  iif eth1
> 
> > local 192.168.101.20 from 192.168.101.101 dev lo  src 192.168.101.20 
> >     cache <local,src-direct>  iif eth1
> 
> And since his gateway is 192.168.101.10, an apparently local
> IP address, that would probably explain the direct ARPS for
> 172.16.60.*.
> 

Ah ok, thanks.

Pity that such a convoluted setup must be guessed instead of clearly
explained in the initial mail.

Prashant, this is netdev mailing list, with more than a thousand
subscribers, you should send mails with your detailed setup, this will
save time for everyone.

If not, people will flag you as "yet another lazy student trying to
understand how things work"


> [Prashant] So is this the correct behavior? What my original intention
> was to capture the packets from the 
> interface acting as gateway. So with this behavior I will not be able
> to capture the packets as 172.16.60.* are not 
> present on the local machine, and it will not get any ARP response.
> Consider the gateway on a different machine, in which case ARP request
> will go for gateway IP, and local machine will 
> get the ARP response and send the packets to gateway.
> 
With the setup you gave, you said : 172.16.60.0/24 addresses are
directly reachable on eth1 device, with source address 192.168.101.20

Why should the kernel send an ARP request for 192.168.101.20, since its
one of its own IP address ?

For localy generated packets, why this machine would act as a 'gateway'
at all ? A gateway should forward packets, and first step would be to
_receive_ a packet, not sending one !



--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ