netdev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

proxy arp handling with multiple NICs

from [Kyle Sparger] [Permanent Link][Original]
To: netdev@xxxxxxxxxxx
Subject: proxy arp handling with multiple NICs
From: Kyle Sparger <ksparger@xxxxxxxxxxxxxxxxxxxx>
Date: Mon, 2 Oct 2000 14:33:56 -0400 (EDT)
Sender: owner-netdev@xxxxxxxxxxx 
Hi,

Found this email list in the maintainers file in 2.2.17, hopefully, it's
the right place to go.

I've been experiencing a problem with some of our multiple NIC servers, in
that all NICs reply when an arp request is sent to an IP on any one of the
NICs.  Here's a tcpdump log (addresses changed to protect the innocent) of
a request going to a 3 NIC system:

14:07:35.699706 B arp who-has xx.xx.xx.xxx tell 64.65.14.1
14:07:35.699905 P arp reply xx.xx.xx.xxx is-at 0:1:2:b:c1:9 (0:2:7e:a5:41:0)
14:07:35.700325 P arp reply xx.xx.xx.xxx is-at 0:50:da:46:eb:b9 (0:2:7e:a5:41:0)
14:07:35.700868 P arp reply xx.xx.xx.xxx is-at 0:1:2:5f:0:a4 (0:2:7e:a5:41:0)

Now, I understand that this has been an on-going with LVS as well, but I
propose that this is a problem for a reason different than that.  

Basically, what appears to be happening is that the sender picks one of
the MAC addresses.  That interface will receive the traffic, but send it
out the interface that has the IP address.  

If the interface receiving the traffic never sends traffic on it's own,
upstream switches never have the opportunity to learn a path to it, so
they continually flood the network.  This is a bad situation. :)

Now, as to my solution:  I propose that the behaviour being exibited is in
fact, a "proxy arp" (per RFC 1027), and that the arp_rcv code must NOT
send a reply unless one of the following two conditions is met:
        1.  The device sending the reply is the same device the
        requested IP address is installed on.
        2.  The device sending the reply has "proxy arp" enabled.

I attach a patch which seems to implement the change.  It is lightly
tested -- ie, it works for me -- and is against 2.2.17.  I have personally
seen the problem in 2.2.14 and 2.2.17, so I assume it exists in at least
14-17.  I did a quick review of 2.4.0-test8, and by my inexperienced eye,
it appears to suffer from the same problem.

Thanks,

Kyle Sparger - Senior System Administrator
Dialtone Internet - Extremely Fast Web Systems
(954) 581-0097 - Voice (954) 581-7629 - Fax
ksparger@xxxxxxxxxxxxxxxxxxxx
http://www.dialtoneinternet.net
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • proxy arp handling with multiple NICs, Kyle Sparger <=
Previous by Date:  Re: PATCH 2.4.0.9.2: export ethtool interface, kuznet
Next by Date:  Re: socklen_t instead of size_t in struct cmsghdr, kuznet
Previous by Thread:  socklen_t instead of size_t in struct cmsghdr, Jakub Jelinek
Next by Thread:  how many u32 filters?, Rafal Maszkowski
Indexes:  [Date] [Thread] [Top] [All Lists]