Date:      Sun, 18 Sep 2005 12:14:01 -0400
From:      Chuck Swiger <cswiger@mac.com>
To:        Motonori Shindo <mshindo@mshindo.net>
Cc:        freebsd-net@freebsd.org
Subject:   Re: ARP behavior in FreeBSD vs Linux
Message-ID:  <432D9249.9090202@mac.com>
In-Reply-To: <20050919.004531.92589257.mshindo@mshindo.net>
References:  <20050919.004531.92589257.mshindo@mshindo.net>

Motonori Shindo wrote:
> On FreeBSD (and I guess most Operating Systems as well), ARP reply is
> sent back only when the target IP address in ARP request matches with
> one of the IP addresses assigned to the interface through which the
> ARP Request is received.

This is correct behavior.  Normally, you should only be able to ARP an IP 
address which is on an interface connected to that subnet.

> In contrast, on Linux (by default), it
> responds as long as the target IP address in ARP Request matches with
> any "local" IP address on the system, which is not necessarily an IP
> address assigned to the interface through which the ARP request is
> received.

This sounds like "proxy ARPing" is enabled by default on your particular flavor 
of Linux.  I don't think they all do that, hopefully, any more than 
ipforwarding should be enabled by default just because a machine has two NICs.

> Is there any advantage/disadvantage in ARP implementation on FreeBSD
> over that of Linux? Thanks.

This information disclosure could potentially be a security problem, if Linux 
is providing the MAC address of a NIC not connected to the subnet without being 
explicitly configured to do so...although in practice very few people actually 
implement layer-2 security measures.

-- 
-Chuck
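
Added example, not part of the original message: on Linux, which addresses an interface answers ARP requests for is controlled by the kernel's `arp_ignore` sysctl, which the thread does not name. The script below reports the effective value per interface so that interfaces replying for any local address can be identified. The function names and the `CONF_DIR` override are hypothetical choices made for this example.

```shell
#!/bin/sh
# Added example: report which Linux interfaces answer ARP for addresses
# configured on *other* interfaces (effective arp_ignore = 0, the default).
# CONF_DIR is a hypothetical override so the check can run on a copied tree.
CONF_DIR="${CONF_DIR:-/proc/sys/net/ipv4/conf}"

# effective_arp_ignore IFACE
# The kernel uses the larger of conf/all and conf/IFACE for each interface.
effective_arp_ignore() {
    iface=$1
    all=$(cat "$CONF_DIR/all/arp_ignore" 2>/dev/null || echo 0)
    own=$(cat "$CONF_DIR/$iface/arp_ignore" 2>/dev/null || echo 0)
    if [ "$all" -gt "$own" ]; then echo "$all"; else echo "$own"; fi
}

# audit_arp_ignore
# Prints one line per interface; returns 1 if any interface is any-local.
audit_arp_ignore() {
    rc=0
    for d in "$CONF_DIR"/*/; do
        [ -d "$d" ] || continue              # unmatched glob or missing dir
        iface=$(basename "$d")
        case $iface in all|default|lo) continue ;; esac
        v=$(effective_arp_ignore "$iface")
        case $v in
            0)   echo "$iface: arp_ignore=0 any-local (replies for addresses on other interfaces)"
                 rc=1 ;;
            1|2) echo "$iface: arp_ignore=$v incoming-only (replies only for its own addresses)" ;;
            *)   echo "$iface: arp_ignore=$v other (see the kernel's ip-sysctl documentation)" ;;
        esac
    done
    return $rc
}

# Stand-alone run: audit the live system and note the result on stderr.
audit_arp_ignore || echo "at least one interface uses the any-local default" >&2
```

Setting `net.ipv4.conf.all.arp_ignore=1` with `sysctl -w` makes every interface reply only for addresses configured on the interface that received the request.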