From: Chuck Swiger
Date: Tue, 12 Dec 2006 10:20:55 -0800
To: Javier Henderson
Cc: freeBSD List
Subject: Re: How does my computer work with an empty arp table?

On Dec 12, 2006, at 10:08 AM, Javier Henderson wrote:
>> The ARP table only contains information about machines on the
>> directly connected collision domain(s).
>
> Are you sure it's not the same broadcast domain?

Yes. The term "collision domain" predates the wide deployment of switches, and switches have to treat ARPs in a special fashion:

> A computer on port A on a switch would be on a different collision
> domain than a computer on port B on the same switch, yet as long as
> they're on the same VLAN (ie, broadcast domain), both would have
> each other in their respective ARP tables if they were exchanging
> Ethernet traffic.

...in particular, ARPOP_REQUEST traffic will be propagated to every port on the switch which is configured to be a part of that VLAN, or, quite possibly, other ports including "trunk ports" or sometimes even ports configured on other VLANs. [1] Many switches will do this for all ethernet packets with an ether_dhost (ie, destination MAC) of all-ones.

-- 
-Chuck

[1]: And yes, Virginia, this has negatory implications if your security relies on VLANs to actually be completely hidden from each other.
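
An added example, not part of the original message: a C sketch that recognises an all-ones-destination ARPOP_REQUEST frame and computes which ports a switch that strictly honours VLAN membership would flood it to. The 4-port VLAN table and the sample frame are constructed assumptions; a port outside the computed mask that still sees the request is the kind of leakage the footnote refers to.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ETHERTYPE_ARP 0x0806
#define ARPOP_REQUEST 1
#define NPORTS 4

/* Hypothetical port-to-VLAN table for a 4-port switch (constructed). */
static const uint16_t port_vlan[NPORTS] = { 10, 10, 20, 10 };

/* Constructed frame: ARP who-has 192.0.2.2 tell 192.0.2.1, sent to broadcast. */
static const uint8_t sample_frame[42] = {
    0xff,0xff,0xff,0xff,0xff,0xff,             /* ether_dhost: all-ones */
    0x02,0x00,0x00,0x00,0x00,0x01,             /* ether_shost */
    0x08,0x06,                                 /* ether_type: ARP */
    0x00,0x01, 0x08,0x00, 0x06, 0x04,          /* hrd, pro, hln, pln */
    0x00,0x01,                                 /* op: ARPOP_REQUEST */
    0x02,0x00,0x00,0x00,0x00,0x01, 192,0,2,1,  /* sender MAC, sender IP */
    0x00,0x00,0x00,0x00,0x00,0x00, 192,0,2,2   /* target MAC, target IP */
};

/* Returns 1 if the frame is an Ethernet-broadcast ARP request, else 0. */
int is_broadcast_arp_request(const uint8_t *f, size_t len)
{
    static const uint8_t bcast[6] = { 0xff,0xff,0xff,0xff,0xff,0xff };
    if (len < 42) return 0;                    /* 14 Ethernet + 28 ARP bytes */
    if (memcmp(f, bcast, 6) != 0) return 0;    /* unicast: not flooded as broadcast */
    if (((f[12] << 8) | f[13]) != ETHERTYPE_ARP) return 0;
    return ((f[20] << 8) | f[21]) == ARPOP_REQUEST;
}

/* Bitmask of ports a VLAN-respecting switch floods a broadcast to:
 * every port in the ingress port's VLAN except the ingress port itself. */
unsigned flood_mask(unsigned in_port)
{
    unsigned mask = 0;
    if (in_port >= NPORTS) return 0;
    for (unsigned p = 0; p < NPORTS; p++)
        if (p != in_port && port_vlan[p] == port_vlan[in_port])
            mask |= 1u << p;
    return mask;
}

int main(void)
{
    printf("broadcast ARP request: %d, flood mask from port 0: 0x%x\n",
           is_broadcast_arp_request(sample_frame, sizeof sample_frame), flood_mask(0));
    return 0;
}
```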