Date:      Thu, 25 Aug 2005 12:02:13 -0700
From:      Jon Simola <>
To:        Colin Dick <>
Subject:   Re: Differences is arp requests FreeBSD vs Linux
Message-ID:  <>
In-Reply-To: <>
References:  <>

On 8/25/05, Colin Dick <> wrote:

>         My problem with my router dropping packets when moving to FreeBSD
> 4.11 from Linux appears to be related to arp.  This router sits between my
> network and the upstream ADSL whole-sale ports.  I had thought that the
> upstream's Cisco was not advertising the customer local arps but that does
> not appear to be the case.  It must have been a (?broken?) function of
> Linux.

Looks like you're in Kamloops. I'm doing the same in Prince George
(almost certainly with the same provider), and we've had tons of
problems with $upstream on these and related issues.

>         When I grep the who-has arp entries from tcpdump on Linux, I only
> see addresses to or from the sub-interfaces (gateways) of the box.
>         When I grep the who-has arp entries from FreeBSD, I see the end
> users local arps as well.  With viruses and vulnerabilities the way they
> are this increase in arps seems to be causing errors on the Cisco.

I just recently worked through a problem with this. ARP storms on the
Cisco's VLANs were causing major packet loss on the 155Mbps fibre.
There was absolutely nothing I could fix on my router as the issue was
with the design and implementation of $upstream's DSL network and
their deviations from documentation that we were provided. The
problems slowly ramped up and were a direct result of the number of
DSL customers, and not the equipment we had in our network.

>         So, my question is, what can be done to silently discard the
> customer local arps or emulate the way the Linux router is functioning
> with ipfw? Is there a kernel opt that I can set at bootup?  Am I on the
> wrong track entirely?

This has to be done at the Cisco or at the customer's site. If you
think of the DSL network as a large switch, you can pretty quickly see
that some issues come up. If you've got 99 customers with DSL
(ignoring vpi/pvc stuff in the middle) then the Cisco functions as a
100 port switch, with your router hanging off of it and the 99 virtual
ports sharing a single physical fibre. There's not much that can be
done on your router's switch port to stop the other 99 from talking
amongst themselves.

I'm sure a lot of this is logical to a CCIE, but I learned the hard
way that some of the recommendations from $upstream on DSL reselling
were rather... imaginative.

Email me privately if you have any further questions about $upstream.

Jon Simola
Systems Administrator
ABC Communications
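The thread compares what `tcpdump` shows for ARP who-has traffic on the two routers and notes that the extra end-user requests seem to be what upsets the Cisco. The script below is an added example, not code from either poster: it parses the who-has lines from a `tcpdump -n arp` capture, separates requests that name one of the router's own gateway addresses from requests between other hosts on the shared DSL segment, and reports the busiest askers and the per-second request rate. That split is the measurement a defender wants before arguing with an upstream about ARP storms. The capture text and the gateway addresses (10.10.1.1, 10.10.2.1) are constructed for the example; it accepts both the old `arp who-has` and the newer `ARP, Request who-has` output formats.

```python
import re
from collections import Counter
from ipaddress import ip_address

# Constructed sample of what `tcpdump -n arp` prints on the router's
# upstream-facing interface. Not a capture from the thread.
SAMPLE_CAPTURE = """\
12:02:13.000100 arp who-has 10.10.1.1 tell 10.10.1.57
12:02:13.000250 arp reply 10.10.1.1 is-at 00:11:22:33:44:55
12:02:13.001000 arp who-has 10.10.1.88 tell 10.10.1.57
12:02:13.001500 arp who-has 10.10.1.89 tell 10.10.1.57
12:02:13.002000 arp who-has 10.10.1.90 tell 10.10.1.57
12:02:13.004000 arp who-has 10.10.1.57 tell 10.10.1.1
12:02:14.100000 ARP, Request who-has 10.10.1.91 tell 10.10.1.57, length 28
12:02:14.200000 arp who-has 10.10.2.1 tell 10.10.2.9
"""

# Assumed gateway (sub-interface) addresses of the router; constructed values.
GATEWAYS = {ip_address("10.10.1.1"), ip_address("10.10.2.1")}

# Timestamp to the second, then target and sender IPv4 of a who-has request.
# Matches both "arp who-has X tell Y" and "ARP, Request who-has X tell Y, length N".
WHO_HAS = re.compile(r"^(\d\d:\d\d:\d\d)\.\d+ .*?who-has ([\d.]+) tell ([\d.]+)")


def classify_who_has(capture_text, gateways):
    """Split who-has requests into those naming one of our gateway addresses
    (as target or sender) and requests between other hosts on the segment.
    Returns (gateway_related, local_chatter), each a list of (ts, target, sender)."""
    gateway_related, local_chatter = [], []
    for line in capture_text.splitlines():
        m = WHO_HAS.search(line)
        if not m:
            continue  # ARP replies and anything that is not a who-has are skipped
        ts, target, sender = m.groups()
        entry = (ts, target, sender)
        if ip_address(target) in gateways or ip_address(sender) in gateways:
            gateway_related.append(entry)
        else:
            local_chatter.append(entry)
    return gateway_related, local_chatter


def top_askers(entries, n=3):
    """Senders issuing the most who-has requests. One host dominating the
    local chatter is the usual shape of an ARP storm or a misbehaving client."""
    return Counter(sender for _, _, sender in entries).most_common(n)


def requests_per_second(entries):
    """Who-has requests per second, as a baseline for an alert threshold."""
    return Counter(ts for ts, _, _ in entries)


if __name__ == "__main__":
    gw, local = classify_who_has(SAMPLE_CAPTURE, GATEWAYS)
    print(f"gateway-related who-has: {len(gw)}")
    print(f"customer-to-customer who-has: {len(local)}")
    print("busiest askers (local chatter):", top_askers(local))
    print("requests per second:", dict(requests_per_second(gw + local)))
```

On a live router the same parser can be fed from `tcpdump -n -l arp` through a pipe; the local-chatter count relative to the gateway-related count is the number to put in front of the upstream, since the router cannot suppress that traffic itself.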
