From owner-freebsd-stable  Wed Sep 11 22:44:16 2002
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id A7FCE37B400
	for <stable@FreeBSD.ORG>; Wed, 11 Sep 2002 22:44:14 -0700 (PDT)
Received: from www.svzserv.kemerovo.su (www.svzserv.kemerovo.su [213.184.65.80])
	by mx1.FreeBSD.org (Postfix) with ESMTP id D068E43E65
	for <stable@FreeBSD.ORG>; Wed, 11 Sep 2002 22:44:12 -0700 (PDT)
	(envelope-from eugen@svzserv.kemerovo.su)
Received: from svzserv.kemerovo.su (kost [213.184.65.82])
	by www.svzserv.kemerovo.su (8.12.5/8.12.5) with ESMTP id g8C5hxie032046;
	Thu, 12 Sep 2002 13:44:06 +0800 (KRAST)
	(envelope-from eugen@svzserv.kemerovo.su)
Message-ID: <3D802998.BD05F382@svzserv.kemerovo.su>
Date: Thu, 12 Sep 2002 13:43:52 +0800
From: Eugene Grosbein <eugen@svzserv.kemerovo.su>
Organization: SVZServ
X-Mailer: Mozilla 4.79 [en] (Win95; U)
X-Accept-Language: ru,en
MIME-Version: 1.0
To: Stacy Millions <stacy@millions.ca>
Cc: Ivajlo Nikolov <ivailon@mobikom.com>, stable@FreeBSD.ORG
Subject: Re: Static ARP table
References: <3D7F3D34.9BB71DB6@mobikom.com> <3D7F5D17.50609@millions.ca>
Content-Type: text/plain; charset=koi8-r
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-stable.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-stable>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-stable>
X-Loop: FreeBSD.ORG

> If I understand you correctly, you want to disable the arp protocol so
> that the only entries in your arp table are the static ones that you
> add. If that is the case, you want to use the -arp option to ifconfig
> to disable arp on the interface in qestion.
> 
> Keep in mind, that disabling the arp protocol means your box will not
> respond to arp request, so all host on your network must be configured
> in this manner (I hope it is a small network :-)

There is http://www.FreeBSD.org/cgi/query-pr.cgi?pr=kern/40763

It introduces new sysctl named
net.link.ether.inet.strict_noarp with default value of 1.

This value corresponds to current meaning of IFF_NOARP.
One can change it to 0 to enable host to reply to ARP queries;
the ARP table is still protected from modifications
via interfaces marked as NOARP.

I have confirmation from several people that it works as expected.
I run it myself in production.

Eugene Grosbein

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message