[Top] [All Lists]

Re: Change proxy_arp to respond only for valid neighbours

To: "David S. Miller" <davem@xxxxxxxxxx>
Subject: Re: Change proxy_arp to respond only for valid neighbours
From: Julian Anastasov <ja@xxxxxx>
Date: Tue, 10 Feb 2004 00:32:56 +0200 (EET)
Cc: netdev@xxxxxxxxxxx, kuznet@xxxxxxxxxxxxx
In-reply-to: <>
References: <Pine.LNX.4.58.0402082234110.6268@u.domain.uli> <>
Sender: netdev-bounce@xxxxxxxxxxx

On Mon, 9 Feb 2004, David S. Miller wrote:

> > - the 'skb->pkt_type == PACKET_HOST' check has no semantic anymore,
> > the requestor should have same information no matter the packet
> > type. In all cases we add response delay for all requests, broadcast
> > or unicast, to help other authoritative hosts to reply before us.
> Do we really want to reply to all the garbage tcpdump causes us
> to capture?
> That is what the pkt_type is dealing with.  If we're in promiscuous
> mode, we'll hear ARP requests meant not for any of our devices, we
> should not proxy for them right?

        But this is true for local TIPs too. Do we need early check for
{HOST|BROADCAST} or you prefer it only for the proxy_arp case?

> RTCF_*NAT is dead wood, the existing route nating stuff is totally broken
> an unusable in 2.6.x, the eventual plan was to code up XFRM engine version
> of that feature but this is of course not done.  Since nobody is complaining
> about lack of routing NAT in 2.6.x, I think we should just kill off all 
> references
> and if someone gets inspired they can code up the XFRM engine version.

        I complained once but everything is doable with netfilter,
with more rules, of course.


Julian Anastasov <ja@xxxxxx>

<Prev in Thread] Current Thread [Next in Thread>