[rbak-nsp] route table poisoning ? (unsolicited ARP replay reaction) ?

Marcin Kuczera marcin at leon.pl
Thu Jun 2 05:26:06 EDT 2016



In log file I have a lot of:
May 30 04:09:15: %ARP-6-INFO: Unsolicited ARP reply from 192.168.0.120
(c4:54:44:da:a5:e4)

as a result:
[bgp1]R0_SE600#show ip ro
[bgp1]R0_SE600#show ip route 192.168.0.120
    Longest match Routing entry for 192.168.0.120/32 is 192.168.0.120/32
, version: 3705203
    Route Uptime: 7062w0d
    Paths: total 1, best path count 1

    Route has been downloaded to following slots
      iPPA: 01

    Path information :

      Active path :  
       Known via adjacency, type-hidden route, distance 254, metric 0,
      Tag 0, Next-hop 192.168.0.120, NH-ID 0x345001A4, Adj ID: slot
number=0, adj id=0x1a3, Interface vlan110
      Circuit 1/1:511:63:31/1/2/1022
      External Circuit :  1/1 vlan-id 110
[bgp1]R0_SE600#


Now - how to make it to ignore such ARP replays ?


VLAN 110 is a static bind interface towards Internet Exchange Point.

Regards,
Marcin



More information about the redback-nsp mailing list