Subject: Re: arp info overwritten
To: None <firstname.lastname@example.org>
From: Guenther Grau <Guenther.Grau@bk.bosch.de>
Date: 04/28/1999 22:52:36
"Andrew J . Kilpatrick" wrote:
> Hi, I'm running NetBSD i386 with a small internal LAN, and
> a cablemodem to the outside. I'm getting a lot of messages
> that my arp info has been overwritten for NIC mac addresses
> on my internal LAN. I'm using 192.168.0.* as my internal
> subnet and it seems as though there are arp messages coming
> in from outside. I have set up an ip filter and it is successfully
> blocking a lot of packets destined for 192.168.0.*. The arp
> messages are still coming in though, which is causing my
> other machines to boot off the network, killing x sessions
> and other nasty things.
> Cany anyone help?
Hmm, what does your network topology look like? Is it
sth. like this:
The Internet (tm:-) <--- cable modem ---> gateway <--- local ethernet
with the other local hosts hanging off the local ethernet?
If so, the gateway machine is not supposed to forward
the ARP-packets to your local ethernet unless you
enabled proxy-ARP on it. This is the desired setup.
The gateway machine can do all sorts of filtering
and NAT if you desire.
If you don't have a gateway machine, but connect the
ethernet interface of the cable modem directly
to your local ethernet LAN then, you'll probably
run into a lot more problems in the future anyway
(think of security ... :-)