Subject: kern/7490: ARP entries can be overwritten from wrong interface
To: None <gnats-bugs@gnats.netbsd.org>
From: None <rhialto@polder.ubc.kun.nl>
List: netbsd-bugs
Date: 04/28/1999 13:51:29
>Number: 7490
>Category: kern
>Synopsis: ARP entries can be overwritten from wrong interface
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: kern-bug-people (Kernel Bug People)
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Wed Apr 28 13:50:00 1999
>Last-Modified:
>Originator: Rhialto
>Organization:
>Release: 1.3.3
>Environment:
System: NetBSD polder 1.3.3 NetBSD 1.3.3 (ROUTER) #13: Sun Apr 25 17:56:09 CEST 1999 rhialto@polder:/usr/src/sys/arch/i386/compile/ROUTER i386
>Description:
I had configured a gateway to respond to several IP addresses
for purposes of NAT. To do that I needed to add ARP entries
for these IP addresses corresponding to the appropriate
Ethernet address.
Then an incorrectly configured machine came along, set to one
of the same IP addresses. This machine was on the OTHER interface:
its IP address did not correspond to the network it was in.
But still the ARP entry for this IP address was overwritten and
of course never restored.
Lossage ensued.
Of course, the system should only accept ARP info if such
info comes from an interface that has the same network number.
(This looks a lot like my previous PR but I suffered from two
bugs at once)
>How-To-Repeat:
# arp -s ipaddr etheraddr pub
configure another machine to use the same ip addr on another i/f.
watch the ARP entry get overwritten.
>Fix:
None supplied.
>Audit-Trail:
>Unformatted: