Raven, corporate courtesan
raven at oneeyedcrow.net
Mon Nov 5 13:11:56 EST 2001
Quoth Jeff Dike (Fri, Nov 02, 2001 at 06:59:21PM -0500):
> OK, so if an arp request comes in on an interface with proxy_arp on, and
> there's an arp entry in the router's cache for it, and the target machine
> doesn't live on the same ethernet strand, then it will reply with its own
> ethernet address. That explains things.
> One question, though. If a machine on one side of the router arps for a
> machine on the other side, and the router hasn't heard from that machine, the
> arp will fail, right?
> Are machines supposed to arp their own addresses
> occasionally, so this would be a temporary problem, when the other machine
> has just booted?
No -- the router or whatever device will update the arp cache
from the source of packets that it receives. So if it gets a packet
from 10.1.1.17 with a source MAC address of 0A:32:B4:whatever, it will
automatically enter that into its arp cache. So any machine that's
sending packets (which would be most networked machines) should have an
updated entry in the arp cache.
Of course, this means that if you can packet-spoof, you can also
poison the ARP cache on your router. So it kind of sucks for LAN
"Oh -- oop, is Raven still here?"
"It's okay -- she's one of the guys. Come on, she's in a committed
relationship with a woman. That's more than you can say for most
of the rest of us."
-- Alex, on geek men
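
An added example, not part of the original post: a small watcher that learns IP-to-MAC bindings from the source of each frame, as the reply describes, and reports whenever an address moves to a different MAC, which is the visible symptom of the cache poisoning it mentions. The frames and MAC addresses are constructed; only 10.1.1.17 comes from the post.

```python
import struct

ETH_ARP, ETH_IPV4 = 0x0806, 0x0800

def mac_str(b):
    return ":".join(f"{x:02x}" for x in b)

def ip_str(b):
    return ".".join(str(x) for x in b)

def sender_binding(frame):
    """Return the (ip, mac) pair a cache would learn from this Ethernet frame."""
    if len(frame) < 14:
        return None
    (ethertype,) = struct.unpack("!H", frame[12:14])
    body = frame[14:]
    if ethertype == ETH_ARP and len(body) >= 28:
        # ARP body: sender MAC at bytes 8..13, sender IP at bytes 14..17
        return ip_str(body[14:18]), mac_str(body[8:14])
    if ethertype == ETH_IPV4 and len(body) >= 20:
        # IPv4 header: source address at bytes 12..15; MAC from Ethernet header
        return ip_str(body[12:16]), mac_str(frame[6:12])
    return None

def watch(frames):
    """Learn bindings frame by frame; report every change as an alert tuple."""
    table, alerts = {}, []
    for n, frame in enumerate(frames):
        binding = sender_binding(frame)
        if binding is None:
            continue
        ip, mac = binding
        if ip in table and table[ip] != mac:
            alerts.append((n, ip, table[ip], mac))  # (frame no., ip, old, new)
        table[ip] = mac
    return table, alerts

# Constructed sample traffic (MAC addresses are made up, locally administered).
MAC_A, MAC_B, MAC_C = (bytes.fromhex("0200000000" + s) for s in ("11", "22", "cc"))

def ipv4(src_mac, src_ip):
    hdr = b"\x45" + b"\x00" * 11 + bytes(src_ip) + bytes([10, 1, 1, 1])
    return b"\xff" * 6 + src_mac + struct.pack("!H", ETH_IPV4) + hdr

def arp(src_mac, src_ip):
    body = struct.pack("!HHBBH", 1, ETH_IPV4, 6, 4, 1) + src_mac + bytes(src_ip) + b"\x00" * 10
    return b"\xff" * 6 + src_mac + struct.pack("!H", ETH_ARP) + body

SAMPLE = [ipv4(MAC_A, [10, 1, 1, 17]), arp(MAC_B, [10, 1, 1, 18]),
          ipv4(MAC_A, [10, 1, 1, 17]), ipv4(MAC_C, [10, 1, 1, 17])]
```

Calling `watch(SAMPLE)` returns the learned table and one alert for frame 3, where 10.1.1.17 appears with a new MAC; a legitimate NIC swap looks the same, so alerts need correlating with change records.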