From: "Bill Moran"
To: y.grossel@hexanet.fr, freebsd-questions@freebsd.org
Subject: Re: promiscuous mode / strange ethernet packets duplication problem
Date: Thu, 02 Jan 2003 08:56:42 -0500

>From: Yann GROSSEL
>
>Hi,
>
>We have several FreeBSD 4.7 boxes that put automatically
>all their interfaces into promiscuous mode during the
>boot process. What should I do to prevent this from
>happening ?
>
>Our boxes are connected on a D-Link switch. We have noticed
>a very weird behaviour from a few of these machines, I'll
>try to explain it :
>
>Our switch has a standard MAC address aging value of 300 seconds.
>When one MAC address expires on the switch, the next packet targeted
>to this MAC address is broadcasted on all ports of the switch (because
>the switch doesn't remember anymore on what port the target MAC address
>is). That at least seems to be normal.
>
>But each time an ethernet packet broadcasted as described above arrives
>on the interfaces of our machines, these machines resend the packet to
>the network, decrementing the TTL value by one. I mean, these machines
>are resending packets that are NOT targeted to them - neither the
>destination MAC address OR the destination IP address of the packet
>match the interface of the machine.
>
>This happens only on machines with interfaces in promiscuous mode
>AND with net.inet.ip.forwarding = 1.

There's your answer. Any machine with forwarding turned on will resend
a packet that isn't destined for it. That's by design.

It doesn't make much sense to me that you'd have a lot of machines with
forwarding turned on. Usually only gateways use this. Honestly, I can't
think of any reason to have forwarding on if your machine only has 1 IP
address.

>As several boxes have this problem, they resend packets to each other
>very quickly, generating a flood on the network. This flood only stops
>when all TTL of packets reach 0 or when the switch finally re-learns
>on what port is located the interface with the target MAC address.
>
>Does anybody have any clue about what this kind of problem may be ?

Turn forwarding off on all but your gateways.

-Bill
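
The following check is an added example, not part of the original message: it flags a host that meets both conditions named in the thread, an interface with the PROMISC flag and net.inet.ip.forwarding set to 1. The function names and the sample `ifconfig`/`sysctl` text are constructed for illustration; run it with `--live` on a FreeBSD host to audit the real values.

```sh
#!/bin/sh
# Added example. Flags a host meeting both conditions from the thread:
# an interface in promiscuous mode AND net.inet.ip.forwarding = 1.
# Fix on non-gateways: sysctl net.inet.ip.forwarding=0, and
# gateway_enable="NO" in /etc/rc.conf so it stays off after reboot.

# Constructed sample of FreeBSD-style `ifconfig -a` output.
SAMPLE_IFCONFIG='fxp0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
        inet 192.0.2.10 netmask 0xffffff00 broadcast 192.0.2.255
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        inet 127.0.0.1 netmask 0xff000000'
SAMPLE_SYSCTL='net.inet.ip.forwarding: 1'

# Print the names of interfaces whose flag list contains PROMISC.
# Reads `ifconfig -a` output on stdin; only header lines carry flags.
promisc_ifaces() {
    awk '/^[^ \t]+: flags=/ {
        name = $1; sub(/:$/, "", name)
        flags = $2
        sub(/^[^<]*</, "", flags); sub(/>.*$/, "", flags)
        n = split(flags, f, ",")
        for (i = 1; i <= n; i++) if (f[i] == "PROMISC") print name
    }'
}

# Extract the value from `sysctl net.inet.ip.forwarding` output on stdin.
forwarding_value() {
    sed -n 's/^net\.inet\.ip\.forwarding: *//p'
}

# audit IFCONFIG_TEXT SYSCTL_TEXT: print a one-line verdict.
audit() {
    ifaces=$(printf '%s\n' "$1" | promisc_ifaces | tr '\n' ' ')
    ifaces=${ifaces% }
    fwd=$(printf '%s\n' "$2" | forwarding_value)
    if [ "$fwd" = "1" ] && [ -n "$ifaces" ]; then
        echo "AT RISK: forwarding=1, promiscuous: $ifaces"
    else
        echo "OK: forwarding=${fwd:-unknown}, promiscuous: ${ifaces:-none}"
    fi
}

if [ "${1:-}" = "--live" ]; then
    audit "$(ifconfig -a)" "$(sysctl net.inet.ip.forwarding)"
else
    audit "$SAMPLE_IFCONFIG" "$SAMPLE_SYSCTL"
fi
```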