tech-kern archive


Re: [patch] sysctl to not log arp "host is not on local network"



In article <5464904D.3020300%nbs-system.com@localhost>,
Adrien Urban  <adrien.urban%nbs-system.com@localhost> wrote:
>
>Hello,
>
>
>Hosts on our network tend to get "alot" of messages like:
>
>/netbsd: arplookup: unable to enter address for
>10.x.x.x@xx:xx:xx:xx:xx:xx on xennet1 (host is not on local network)
>
>Enough to get log/messages to get rotated every 6 hours.
>
>We know we do have such arp on our network, which is "normal" for us.
>Trying to find a way to reduce those messages, and prevent those
>specific messages from being logged, we couldn't find any option to.
>
>As there are already sysctl configs to suppress some arp messages, what
>about also adding a sysctl for that one?
>
>
>Here is a patch that does exactly that, and nothing more. Of course,
>default behaviour unchanged, logging those per default.

While I would be inclined to add such a patch, why don't you use a packet
filter and kill the offending packet before it reaches the network stack?
This is a safer solution for me, since it handles the "known" case, and
it will warn if other broken machines appear in your network in the future.

christos
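
A log-side version of the trade-off discussed above (known senders stay quiet, anything new is still surfaced), as an added example that is not from the thread or from NetBSD. It post-processes the log instead of filtering packets; the hostnames, addresses, timestamps and the `KNOWN` allowlist are constructed.

```python
import re
from collections import Counter

# Message format as quoted in the thread (the mail wraps it over two lines).
ARP_RE = re.compile(
    r"arplookup: unable to enter address for\s+"
    r"(?P<ip>\d{1,3}(?:\.\d{1,3}){3})@"
    r"(?P<mac>[0-9a-fA-F]{1,2}(?::[0-9a-fA-F]{1,2}){5})"
    r"\s+on\s+(?P<ifname>\S+)\s+\(host is not on local network\)"
)

def normalize_mac(mac):
    """Lower-case and zero-pad each octet so allowlist lookups are stable."""
    return ":".join(f"{int(part, 16):02x}" for part in mac.split(":"))

def triage(lines, known):
    """Count matching messages per (ip, mac, interface).

    Pairs present in `known` are tallied as suppressed; every other sender
    is tallied as unexpected so a new misconfigured host is not hidden.
    """
    suppressed, unexpected = Counter(), Counter()
    for line in lines:
        m = ARP_RE.search(line)
        if m is None:
            continue  # unrelated log line
        key = (m["ip"], normalize_mac(m["mac"]), m["ifname"])
        bucket = suppressed if key[:2] in known else unexpected
        bucket[key] += 1
    return suppressed, unexpected

# Constructed allowlist: the (ip, mac) pairs already accepted as "normal".
KNOWN = {("10.0.5.20", "00:16:3e:00:00:01")}

# Constructed sample log lines in the format quoted above.
SAMPLE_LOG = [
    "Nov 13 12:00:01 vm1 /netbsd: arplookup: unable to enter address for 10.0.5.20@00:16:3e:00:00:01 on xennet1 (host is not on local network)",
    "Nov 13 12:00:07 vm1 /netbsd: arplookup: unable to enter address for 10.0.5.20@00:16:3E:00:00:01 on xennet1 (host is not on local network)",
    "Nov 13 12:01:30 vm1 /netbsd: arplookup: unable to enter address for 10.0.9.77@00:16:3e:aa:bb:cc on xennet1 (host is not on local network)",
    "Nov 13 12:02:00 vm1 sshd[411]: Accepted publickey for admin",
]

if __name__ == "__main__":
    quiet, new = triage(SAMPLE_LOG, KNOWN)
    print(f"suppressed {sum(quiet.values())} message(s) from known senders")
    for (ip, mac, ifname), count in sorted(new.items()):
        print(f"UNEXPECTED {ip}@{mac} on {ifname}: {count} message(s)")
```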


