lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20170206121842.GA7008@unicorn.suse.cz>
Date:   Mon, 6 Feb 2017 13:18:42 +0100
From:   Michal Kubecek <mkubecek@...e.cz>
To:     netdev@...r.kernel.org
Cc:     Shaaa <shaolinfinest@...il.com>
Subject: Re: Pseudo-Interface is returning wrong mac address

On Fri, Feb 03, 2017 at 05:56:31AM +0000, Shaaa wrote:
> 
> I am trying to setup macvlans on a centos7 box. The plan is to have
> 10.1.1.1/24 on the *main* interface, and then a 10.1.1.10/32 on a
> macvlan interface. Output below:
> 
> 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
> state UP qlen 1000
>     link/ether 01:0d:26:9d:cd:16 brd ff:ff:ff:ff:ff:ff
>     inet 10.1.1.1/24 brd 10.1.1.1.255 scope global ens33
>        valid_lft forever preferred_lft forever
> 8: peth1@...33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
> noqueue state UNKNOWN qlen 1000
>     link/ether 02:1a:11:ed:22:ac brd ff:ff:ff:ff:ff:ff
>     inet 10.1.1.10/32 scope global peth1
>        valid_lft forever preferred_lft forever
> 
> 
> The problem is whenever I do arping 10.1.1.10 from another another
> host on the network, the mac address of ens33 is returned as opposed
> to peth0. I am not entirely sure whether this is intended behaviour or
> whether it is a bug, but from what I have gathered, the mac of peth0
> should be returned.

Yes, it's intentional and it's not specific to macvlan; you can observe
similar effect whenever you connect two interfaces to the same segment.
By default, linux kernel responds to an ARP query for any local address
on any interface (sometimes called "ARP flux"). This behaviour can be
changed via sysctl, see arp_ignore and arp_filter in
Documentation/networking/ip-sysctl.txt

Michal Kubecek

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ