Date: Thu, 26 Jul 2001 14:23:52 -0500 From: "john taylor" <jdtaylor451@hotmail.com> To: freebsd-questions@freebsd.org Subject: ARP flipping address? Message-ID: <F213iQKYhDtgvux74kd00005bd2@hotmail.com>
next in thread | raw e-mail | index | archive | help
I have a Sonicwall XPRS firewall with a DMZ port that controls DoS attacks on our publicly addressable servers. The server is a FreeBSD 4.3-Release machine with a single NIC with a static, public IP running ProFTPd, Apache, SSH, Postfix. Due to the circumstance of when I first began noticing the flip I had thought that afpd (Mac file sharing over TCP) might be involved in the problem, but I have since rebuilt the machine without afpd, netatalk, and samba and the problem persists. I know that this issue is more than likely due to the configuration of the firewall, but hoped that someone here may recognize something with regard to FreeBSD in the problem. Alert shown from dmesg... arp: AAA.AAA.AAA.AAA moved from YY:YY:YY:YY:YY:YY to ZZ:ZZ:ZZ:ZZ:ZZ:ZZ on ep0 arp: ZZ:ZZ:ZZ:ZZ:ZZ:ZZ is using my IP address BBB.BBB.BBB.BBB! where... - BBB.BBB.BBB.BBB is the correct IP of the server's NIC - AAA.AAA.AAA.AAA is the public IP for the LAN - YY.YY.YY.YY.YY.YY is believed to be the MAC for the T1 router (Vina) - ZZ.ZZ.ZZ.ZZ.ZZ.ZZ is the MAC address of the Sonicwall firewall device Any ideas? TIA. John Taylor _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?F213iQKYhDtgvux74kd00005bd2>