From: Wayne Pascoe
To: freebsd-questions@freebsd.org
Date: Thu, 26 Feb 2004 11:39:18 +0000
Subject: Different networks on same switch
Message-ID: <20040226113918.GA58296@marvin.penguinpowered.org>
X-System: FreeBSD i386 with kernel 5.1-RELEASE-p10

Hi all,

I have a firewall with three network cards. There are two networks on the inside of the firewall. One is private IPs and those are NATted by the firewall. The other is public IPs being protected by the firewall.

The two internal networks used to be on separate switches. All of the machines on that network connected to a switch, and that switch connected to the firewall.

I've had to move all of the connections to a single switch, and since then, I've been seeing the following in my firewall logs:

    Feb 26 11:30:40 styx-tmp kernel: arp: 192.168.2.1 is on lo0 but got reply from 00:01:03:48:79:2d on xl1
    Feb 26 11:31:18 styx-tmp kernel: arp: 193.xxx.xxx.1 is on lo0 but got reply from 00:04:76:8c:95:db on xl0
    Feb 26 11:36:00 styx-tmp kernel: arp: 192.168.2.1 is on lo0 but got reply from 00:01:03:48:79:2d on xl1
    Feb 26 11:40:17 styx-tmp kernel: arp: 193.xxx.xxx.1 is on lo0 but got reply from 00:04:76:8c:95:db on xl0

I've tried the following:

- Deleting all arp entries (arp -da)
- Adding specific arp entries for the IPs as follows:

    arp -s 193.xxx.xxx.1 00:04:76:8c:95:db

  and

    arp -s 193.xxx.xxx.1 00:04:76:8c:95:db only

  and done the same for the 192 IP and ether address.

Is there any way I can resolve this, or do I have to go back to multiple switches? Is this causing any problems?

The reason I ask all of this is that people on the 192 network are complaining about occasional lags.

Regards,

-- 
Wayne Pascoe
You cannot apply a technological solution to a sociological problem. (Edwards' Law)
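
An added example, not part of the original post: a small triage script for the kernel message quoted above. It groups the "is on lo0 but got reply from" lines by address, MAC and receiving interface, then labels each group by whether the replying MAC is one of the firewall's own NICs (the usual sign of two interfaces sharing one broadcast domain) or an unknown MAC answering for the firewall's address (a conflict or spoofing candidate). The log lines, MACs and the `OWN_MACS` list are constructed for illustration; the function name `triage` is hypothetical.

```python
import re
from collections import Counter

# Kernel message format as quoted in the post.
ARP_RE = re.compile(
    r"arp: (?P<ip>\S+) is on (?P<local_if>\S+) but got reply from "
    r"(?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2}) on (?P<rx_if>\S+)",
    re.IGNORECASE,
)


def triage(log_lines, own_macs):
    """Count each (ip, mac, rx_if) combination and label the replying MAC.

    own_macs: MAC addresses of this host's own interfaces (assumed to be
    collected by the administrator, e.g. from ifconfig output).
    """
    own = {m.lower() for m in own_macs}
    counts = Counter()
    for line in log_lines:
        m = ARP_RE.search(line)
        if m:  # unrelated kernel lines are skipped
            counts[(m["ip"], m["mac"].lower(), m["rx_if"])] += 1
    return [
        {"ip": ip, "mac": mac, "rx_if": rx_if, "count": n,
         # own-nic: our other interface's ARP traffic seen via the shared switch
         # foreign-mac: some other device answered for an address we own
         "verdict": "own-nic" if mac in own else "foreign-mac"}
        for (ip, mac, rx_if), n in sorted(counts.items())
    ]


# Constructed sample in the same format as the log in the post
# (documentation IP ranges, locally administered MACs).
SAMPLE_LOG = [
    "Feb 26 11:30:40 fw kernel: arp: 192.0.2.1 is on lo0 but got reply from 02:00:00:00:00:0a on xl1",
    "Feb 26 11:31:18 fw kernel: arp: 198.51.100.1 is on lo0 but got reply from 02:00:00:00:00:0b on xl0",
    "Feb 26 11:36:00 fw kernel: arp: 192.0.2.1 is on lo0 but got reply from 02:00:00:00:00:0a on xl1",
    "Feb 26 11:37:12 fw kernel: arp: 192.0.2.1 is on lo0 but got reply from 02:00:00:00:00:99 on xl1",
    "Feb 26 11:38:00 fw kernel: xl0: link state changed to UP",
]
# Assumption: these are the firewall's own NIC MACs.
OWN_MACS = ["02:00:00:00:00:0A", "02:00:00:00:00:0b"]

if __name__ == "__main__":
    for row in triage(SAMPLE_LOG, OWN_MACS):
        print(row)
```
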