Subject: Re: dont overwrite arp entries if markes as permanent?
To: Ignatios Souvatzis <is@jocelyn.rhein.de>
From: Olaf Seibert <rhialto@polder.ubc.kun.nl>
List: tech-net
Date: 05/02/1999 00:48:24
On Fri, 30 Apr 1999, Ignatios Souvatzis wrote:

> see pr7497 ... is this the right thing to do?
> (I think yes, but want confirmation).
> 	-is

Since I am the originator of that kern/7489 and 7490, I thought that I
should do some research in the RFCs. I found rfc 826 (about ARP) and
1122 (Host Requirements) to be relevant. No others seemed relevant in
rfc 1880 (Internet Standards).

None of these standards discusses static ARP entries. They only assume
entries that are dynamically created. So the change I'm proposing is
merely backed up by my "common sense": if I added an ARP entry manually,
I had a reason for it and it should not be changed lightly. 

To get to the other change. Rfc 826 describes (but does not mandate) an
algorithm to update the ARP table. This algorithm always updates its
table if an arp packet comes in. It does not do much validation whether
it makes sense, if for instance it came in from the appropriate
interface. So again, the change I'm proposing is merely backed up by my
"common sense", in this case, hosts with addresses that do not fit the
network number they are on are misconfigured and are not to be trusted.

-Olaf.
--
___ Olaf 'Rhialto' Seibert - rhialto@polder.ubc. ---- Unauthorized duplication,
\X/ .kun.nl ---- while sometimes necessary, is never as good as the real thing.
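
The two checks discussed in the message above, sketched as an added example; it is not part of the original post and is not NetBSD's code. All names (arp_merge, arp_entry, iface, the demo_* data) are hypothetical, addresses are kept in host byte order, and "fits the network number" is assumed to mean the sender's address lies in the receiving interface's subnet.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum arp_result { ARP_UPDATED, ARP_KEPT_PERMANENT, ARP_REJECTED_OFFNET, ARP_NO_ENTRY };
struct arp_entry { uint32_t ip; uint8_t mac[6]; int permanent; };
struct iface { uint32_t addr, mask; };  /* host byte order (assumption, for brevity) */

/* Merge step of the RFC 826 receive algorithm plus the two proposed checks. */
enum arp_result
arp_merge(struct arp_entry *tab, size_t n, const struct iface *ifp,
          uint32_t spa, const uint8_t sha[6])
{
    /* Sender's protocol address must belong to the receiving interface's network. */
    if ((spa & ifp->mask) != (ifp->addr & ifp->mask))
        return ARP_REJECTED_OFFNET;
    for (size_t i = 0; i < n; i++) {
        if (tab[i].ip != spa)
            continue;
        /* A manually added (permanent) entry is not overwritten by traffic. */
        if (tab[i].permanent)
            return ARP_KEPT_PERMANENT;
        memcpy(tab[i].mac, sha, 6);     /* unconditional update, as in RFC 826 */
        return ARP_UPDATED;
    }
    return ARP_NO_ENTRY;                /* creating new entries is out of scope here */
}

/* Constructed sample data: interface 10.0.0.99/24, one static and one dynamic entry. */
static struct arp_entry demo_tab[2] = {
    { 0x0a000001, {0x00, 0x11, 0x22, 0x33, 0x44, 0x55}, 1 },
    { 0x0a000002, {0x00, 0xaa, 0xbb, 0xcc, 0xdd, 0xee}, 0 },
};
static const struct iface demo_if = { 0x0a000063, 0xffffff00 };
static const uint8_t demo_mac[6] = {0x02, 0x00, 0x00, 0x00, 0x00, 0x01};

int main(void)
{
    printf("static entry:  %d\n", (int)arp_merge(demo_tab, 2, &demo_if, 0x0a000001, demo_mac));
    printf("dynamic entry: %d\n", (int)arp_merge(demo_tab, 2, &demo_if, 0x0a000002, demo_mac));
    printf("off-net host:  %d\n", (int)arp_merge(demo_tab, 2, &demo_if, 0xc0a80102, demo_mac));
    return 0;
}
```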