Re: Any way to suppress select arp messages?

At Fri, 26 Aug 2011 16:51:45 -0400 (EDT), "Michael T. Davis" wrote:
Subject: Any way to suppress select arp messages?
>       We have a number of Windows systems with multiple network interfaces
> that are "ganged" via Intel's load balancing configuration.  Our NetBSD
> (i386 5.1 release) firewall keeps reporting ARP messages of the following 
> form:
> arp info overwritten for <ip-addr> by 00:06:5b:ef:29:9f
> arp info overwritten for <ip-addr> by 00:06:5b:ef:29:a0

I must admit ignorance of this Intel load balancing thing you speak of
but I'm a wee bit astounded by something which would cause such a
mis-configuration on purpose.  How's it work?  Does it use some other
protocol than IP, i.e. something that doesn't use ARP?

Or is it just for fail-over?

> Of course, there are cases where we would want to know when the IP address of
> a host seems to somehow migrate to another MAC address.  But in the case of
> these specific systems, where this behavior is unavoidable, we'd like to be
> able to suppress these notifications.

I think you might want to look at suppressing them after the kernel
generates them -- i.e. with a filter on your log viewer/analyzer.

And only filter those MACs for which you know this is just noise.

                                                Greg A. Woods
                                                Planix, Inc.

                                                +1 250 762-7675
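
The post-kernel filtering suggested in the reply above, as an added example that is not part of the original message: an awk filter that drops "arp info overwritten" lines only for allowlisted IP/MAC pairs and passes everything else through. Binding each MAC to its IP goes one step beyond MAC-only filtering, so the same address claimed by an unlisted MAC still reaches the log viewer; the function names, the 192.0.2.x addresses and the syslog prefix are assumptions.

```shell
#!/bin/sh
# Added example: hide "arp info overwritten" noise only for known teamed NICs.
# Allowlist entries are ip=mac. The IP is constructed (192.0.2.0/24); the two
# MACs are the ones quoted in the question.
ARP_NOISE_ALLOWLIST='192.0.2.10=00:06:5b:ef:29:9f 192.0.2.10=00:06:5b:ef:29:a0'

# filter_arp_noise (hypothetical name): syslog lines on stdin, kept lines on stdout.
filter_arp_noise() {
    awk -v allow="$ARP_NOISE_ALLOWLIST" '
    BEGIN {
        n = split(allow, pairs, " ")
        for (i = 1; i <= n; i++)
            if (split(pairs[i], f, "=") == 2)
                known[f[1], tolower(f[2])] = 1
    }
    {
        # Message form from the page: arp info overwritten for <ip> by <mac>
        if (match($0, /arp info overwritten for [^ ]+ by [0-9A-Fa-f:]+/)) {
            split(substr($0, RSTART, RLENGTH), w, " ")
            # Drop only an exact allowlisted ip/mac pair; anything else is kept.
            if ((w[5], tolower(w[7])) in known)
                next
        }
        print
    }'
}

# Constructed sample lines (host name, timestamps and the extra MAC are made up).
sample_log() {
    cat <<'EOF'
Aug 26 16:40:01 fw /netbsd: arp info overwritten for 192.0.2.10 by 00:06:5b:ef:29:9f
Aug 26 16:40:07 fw /netbsd: arp info overwritten for 192.0.2.10 by 00:06:5B:EF:29:A0
Aug 26 16:41:12 fw /netbsd: arp info overwritten for 192.0.2.10 by 00:11:22:33:44:55
Aug 26 16:42:30 fw /netbsd: arp info overwritten for 192.0.2.77 by 00:06:5b:ef:29:9f
Aug 26 16:43:00 fw sshd[123]: Accepted publickey for admin
EOF
}

# Prints the three lines that survive: unlisted MAC, unlisted IP, unrelated message.
sample_log | filter_arp_noise
```

In use, the same function would sit in a pipeline in front of the log viewer, for example reading the system log file on stdin.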

