Subject: kern/7490: ARP entries can be overwritten from wrong interface
To: None <gnats-bugs@gnats.netbsd.org>
From: None <rhialto@polder.ubc.kun.nl>
List: netbsd-bugs
Date: 04/28/1999 13:51:29
>Number:         7490
>Category:       kern
>Synopsis:       ARP entries can be overwritten from wrong interface
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    kern-bug-people (Kernel Bug People)
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Wed Apr 28 13:50:00 1999
>Last-Modified:
>Originator:     Rhialto
>Organization:
	
>Release:        1.3.3
>Environment:
	
System: NetBSD polder 1.3.3 NetBSD 1.3.3 (ROUTER) #13: Sun Apr 25 17:56:09 CEST 1999 rhialto@polder:/usr/src/sys/arch/i386/compile/ROUTER i386


>Description:
	
	I had configured a gateway to respond to several IP addresses
	for purposes of NAT. To do that I needed to add ARP entries
	for these IP addresses corresponding to the appropriate
	Ethernet address.

	Then an incorrectly configured machine came along, set to one
	of the same IP addresses. This machine was on the OTHER interface:
	its IP address did not correspond to the network it was in.
	But still the ARP entry for this IP address was overwritten and
	of course never restored.

	Lossage ensued.

	Of course, the system should only accept ARP info if such
	info comes from an interface that has the same network number.

	(This looks a lot like my previous PR but I suffered from two
	bugs at once)
>How-To-Repeat:
	
	# arp -s ipaddr etheraddr pub
	configure another machine to use the same ip addr on another i/f.
	watch the ARP entry get overwritten.

>Fix:
	
	None supplied.
>Audit-Trail:
>Unformatted:
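
Added example, not part of the original problem report and not NetBSD kernel code: a small C model of the check the Description asks for, where ARP information is accepted only when the sender's IP address belongs to a network configured on the receiving interface. The structures, function names, interface numbers, addresses and MAC values are all constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Constructed model for illustration; these are not NetBSD kernel structures. */
struct iface     { int index; uint32_t addr, mask; };      /* host byte order */
struct arp_entry { uint32_t ip; uint8_t mac[6]; };
enum arp_result  { ARP_UPDATED, ARP_NO_ENTRY, ARP_REJECT_WRONG_NET };

#define IP4(a, b, c, d) (((uint32_t)(a) << 24) | ((uint32_t)(b) << 16) | \
                         ((uint32_t)(c) << 8) | (uint32_t)(d))

/* 1 if spa lies in a network configured on the receiving interface
 * (every address on that interface is checked, so aliases are covered). */
static int spa_on_rcvif_net(const struct iface *ifs, size_t nif, int rcvif, uint32_t spa)
{
    for (size_t i = 0; i < nif; i++)
        if (ifs[i].index == rcvif && ((spa ^ ifs[i].addr) & ifs[i].mask) == 0)
            return 1;
    return 0;
}

/* Apply the sender IP/MAC of an ARP packet received on rcvif to the cache. */
enum arp_result arp_learn(struct arp_entry *tab, size_t ntab,
                          const struct iface *ifs, size_t nif,
                          int rcvif, uint32_t spa, const uint8_t sha[6])
{
    if (!spa_on_rcvif_net(ifs, nif, rcvif, spa))
        return ARP_REJECT_WRONG_NET;          /* the check the report asks for */
    for (size_t i = 0; i < ntab; i++)
        if (tab[i].ip == spa) {
            memcpy(tab[i].mac, sha, 6);
            return ARP_UPDATED;
        }
    return ARP_NO_ENTRY;
}

/* Constructed scenario: gateway with if 1 = 192.0.2.1/24 and if 2 = 10.0.0.1/24,
 * holding an entry for 192.0.2.10; another host claims 192.0.2.10 from rcvif.
 * Returns the result, or -1 if a rejected packet still changed the entry. */
int demo(int rcvif)
{
    const struct iface ifs[] = { {1, IP4(192,0,2,1), IP4(255,255,255,0)},
                                 {2, IP4(10,0,0,1),  IP4(255,255,255,0)} };
    const uint8_t gw[6]    = {0x02,0,0,0,0,0x01};   /* constructed MACs */
    const uint8_t other[6] = {0x02,0,0,0,0,0x99};
    struct arp_entry tab[] = { { IP4(192,0,2,10), {0x02,0,0,0,0,0x01} } };
    enum arp_result r = arp_learn(tab, 1, ifs, 2, rcvif, IP4(192,0,2,10), other);
    if (r == ARP_REJECT_WRONG_NET && memcmp(tab[0].mac, gw, 6) != 0)
        return -1;
    return (int)r;
}
```

The check only covers the case in this report, a claim arriving on an interface whose network does not contain the address; a duplicate address on the correct interface (demo(1)) still updates the entry.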