[c-nsp] Followup: ARP on ASR9k 4.3.2

Florian Lohoff f at zz.de
Wed Feb 12 10:58:43 EST 2014

On Wed, Feb 12, 2014 at 07:42:01AM -0800, Michael Loftis wrote:
> Not surprising to me actually since this behavior is the default for
> Linux.  Linux will also respond to ARPs where it shouldn't (set an IP
> on an lo interface or just another interface, and it will ARP reply
> for that IP on other interfaces that it does not belong on).

Answering to ARP is a different beast than accepting/snooping out of
link arp responses and putting it into your ARP Table. Linux does not do
this and i have never seen anybody else doing this.

And worst case is than trying to use out of link arp entries and trying
to send traffic there and then stumbling over your own feet and dropping
the packet.

Linux does by default to proxy-arp which one can turn of by sysctl

Florian Lohoff                                                 f at zz.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 828 bytes
Desc: Digital signature
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20140212/34f73ad7/attachment.sig>

More information about the cisco-nsp mailing list