From owner-freebsd-net@FreeBSD.ORG Fri Oct 21 23:55:27 2011 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9F1001065673 for ; Fri, 21 Oct 2011 23:55:27 +0000 (UTC) (envelope-from prvs=1275951b39=killing@multiplay.co.uk) Received: from mail1.multiplay.co.uk (mail1.multiplay.co.uk [85.236.96.23]) by mx1.freebsd.org (Postfix) with ESMTP id 2D6128FC0C for ; Fri, 21 Oct 2011 23:55:26 +0000 (UTC) X-MDAV-Processed: mail1.multiplay.co.uk, Sat, 22 Oct 2011 00:44:14 +0100 X-Spam-Processed: mail1.multiplay.co.uk, Sat, 22 Oct 2011 00:44:14 +0100 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on mail1.multiplay.co.uk X-Spam-Level: X-Spam-Status: No, score=-5.0 required=6.0 tests=USER_IN_WHITELIST shortcircuit=ham autolearn=disabled version=3.2.5 Received: from r2d2 ([188.220.16.49]) by mail1.multiplay.co.uk (mail1.multiplay.co.uk [85.236.96.23]) (MDaemon PRO v10.0.4) with ESMTP id md50015726281.msg for ; Sat, 22 Oct 2011 00:44:13 +0100 X-MDRemoteIP: 188.220.16.49 X-Return-Path: prvs=1275951b39=killing@multiplay.co.uk X-Envelope-From: killing@multiplay.co.uk X-MDaemon-Deliver-To: freebsd-net@freebsd.org Message-ID: <02FFC9CF360C4E2F81B00B653DE1584E@multiplay.co.uk> From: "Steven Hartland" To: Date: Sat, 22 Oct 2011 00:44:07 +0100 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.5931 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.6109 Subject: very strange arp problem after ip move - icmp works udp doesn't X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Oct 2011 23:55:27 -0000 After a HD failure we moved an IP of one of our DNS servers to some new hardware. Now we are seeing some very strange behaviour on a number of machines when talking to the ip which was moved. Specifically it seems both icmp and tcp work just fine but udp doesn't. I've just done a trace from one such box and to my horror the tcpdump shows icmp and udp traffic for the same IP going to different mac's. icmp is going to the right mac and is working fine but udp is going to the wrong mac and isn't (as you would expect) In /var/log/messages there are arp messages which show the ip moving from -> to the correct macs but it seems like something somewhere is caching the resolution. arp -a also show's the correct result and arp -d -a doesn't help. So the question how on earth is udp resolving the mac to something different than icmp and tcp? To complicate matters even further some machines are working intermittently and the traces show the udp some times going to the right place and some times not. In all tests we're using just a dig with a specified server. The machines involved are all running 8.2-RELEASE on amd64 Any help would be most appreciated as its causing chaos due to the IP that moved being our DNS servers and hence things are randomly stalling left right and center :( Regards Steve ================================================ This e.mail is private and confidential between Multiplay (UK) Ltd. and the person or entity to whom it is addressed. In the event of misdirection, the recipient is prohibited from using, copying, printing or otherwise disseminating it or any information contained in it. In the event of misdirection, illegible or incomplete transmission please telephone +44 845 868 1337 or return the E.mail to postmaster@multiplay.co.uk.