[c-nsp] unusual arp behavior
Alexey Toptygin
alexeyt at freeshell.org
Thu Feb 10 13:02:07 EST 2005
On Thu, 10 Feb 2005 sthaug at nethelp.no wrote:
>> I have noticed that some (all?) cisco routers don't respond to ARP
>> requests if the requestor IP address is not in the subnet of that router.
>
> That is the expected behavior.
No, not according to RFC826. If you read closely, the ARP responder is not
supposed to make any checks on the requestor IP address before replying.
>> RFC826 doesn't specify this behavior, and I haven't seen any other devices
>> do this.
>
> There are plenty of other devices that do the same, fortunately.
Like what? Linux and *BSD don't. Microsoft doesn't and documents it
(duplicate address detection support) in MSDN. Solaris doesn't.
>> It also breaks duplicate address detection on DHCP clients, which
>> uses 0.0.0.0 as the requestor IP address.
>
> Um, a DCHP client is supposed to ask for an IP address, and *then* it can
> start using ARP. In the DHCP request it is common to see 0.0.0.0 as the
> requestor address. Not in the ARP reqest, that would be very strange.
Yes, a DHCP client is supposed to ask for an address first, but when it
gets one it can try to arp for it with requestor IP 0.0.0.0 and refuse to
use it if someone answers. This is called duplicate address detection, and
is implemented by many DHCP clients.
Alexey
More information about the cisco-nsp
mailing list