On Sat, Sep 27, 2025 at 03:32:38PM -0400, Jon Maloy wrote:
On 2025-09-26 19:25, Jon Maloy wrote:
On 2025-09-23 23:22, David Gibson wrote:
On Tue, Sep 23, 2025 at 09:13:30PM -0400, Jon Maloy wrote:
Gratuitous ARP and unsolicited NA should be handled with caution because of the risk of malignant users emitting them to disturb network communication.
[...]
+ req.ah.ar_op = htons(ARPOP_REPLY); + req.ah.ar_hrd = htons(ARPHRD_ETHER); + req.ah.ar_pro = htons(ETH_P_IP); + req.ah.ar_hln = ETH_ALEN; + req.ah.ar_pln = 4; + + /* ARP message */ + memcpy(req.am.sha, mac, sizeof(req.am.sha)); + memcpy(req.am.sip, &ip, sizeof(req.am.sip)); + memcpy(req.am.tha, MAC_BROADCAST, sizeof(req.am.tha)); + memcpy(req.am.tip, &ip, sizeof(req.am.tip));
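Review bot: `req.ah.ar_op = htons(ARPOP_REPLY)` combined with `sip` and `tip` both set to `ip` makes this an unsolicited ARP reply, whereas RFC 5227 section 3, cited in this thread, has announcements sent as ARP requests; consider `ARPOP_REQUEST` here, or add a comment saying why the reply form is kept. The variable name `req` is also misleading while the opcode is a reply, and `ar_pln = 4` could be `sizeof(req.am.sip)` so it stays tied to the field it describes.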
So, I was trying to check if it made sense to use the same IP for both source and target here, and came across https://www.rfc-editor.org/rfc/rfc5227#section-3
Which suggests we should (counterintuitively) be using ARP requests, not ARP replies for announcements.
I have now read through it, and it seems to come to the conclusion that this is not advisable. In principle it should work, if all
What "this" refers to here is not clear to me.
implementations stick to standard, but there might be stacks which are not stateless in this regard, i.e., they only accept ARP replies as a response to a sent request. In short, I think I will stick to my current approach, since it is evidently harmless and is proven to work.
///jon
My response above may look confusing.
Yes.. and I'm still confused. Without knowing what "this" is above, I'm not clear what "it" or "the other" are below either.
I had actually experimented with both methods, and had in my mind that it was the "ARP Announcement" implementation I had posted. It is now fixed.
That said, further investigation indicates that the other method is fully legit, and actually widely used (Windows, Cisco), although not by Linux.
My understanding of that RFC is that it is advising _against_ sending unsolicited ARP replies (as your earlier posted versions did). Instead, it advises sending ARP requests in order to announce a MAC to the network. The history is confusing because "ARP announcements" and "gratuitous ARP" can and have been used to refer to both variants. Does that match your current understanding?

-- 
David Gibson (he or they)	| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au	| minimalist, thank you, not the other way
				| around.
http://www.ozlabs.org/~dgibson
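The two variants discussed in this thread, as an added example (not code from the patch or the project): a classifier that separates the request form RFC 5227 calls an ARP Announcement from the unsolicited-reply form, as a receiver or monitor might when deciding how cautiously to treat each. The struct, enum and function names and both sample frames are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <arpa/inet.h>	/* ntohs() */

/* ARP payload for Ethernet/IPv4, 28 bytes (hypothetical struct name) */
struct arp_pkt {
	uint16_t hrd, pro;
	uint8_t hln, pln;
	uint16_t op;
	uint8_t sha[6], sip[4], tha[6], tip[4];
} __attribute__((packed));

enum arp_kind { ARP_INVALID, ARP_ORDINARY, ARP_PROBE,
		ARP_ANNOUNCE_REQUEST, ARP_GRATUITOUS_REPLY };

/* Constructed samples: 192.0.2.1 announced by 02:00:00:00:00:01 */
static const uint8_t sample_request[28] = { 0,1, 8,0, 6,4, 0,1,
	2,0,0,0,0,1, 192,0,2,1, 0,0,0,0,0,0, 192,0,2,1 };
static const uint8_t sample_reply[28] = { 0,1, 8,0, 6,4, 0,2,
	2,0,0,0,0,1, 192,0,2,1, 255,255,255,255,255,255, 192,0,2,1 };

/* Classify a raw ARP payload using the terms of RFC 5227 */
enum arp_kind arp_classify(const uint8_t *buf, size_t len)
{
	static const uint8_t zero_ip[4] = { 0 };
	struct arp_pkt p;
	uint16_t op;

	if (len < sizeof(p))
		return ARP_INVALID;		/* truncated payload */
	memcpy(&p, buf, sizeof(p));		/* avoid unaligned reads */
	if (ntohs(p.hrd) != 1 || ntohs(p.pro) != 0x0800 ||
	    p.hln != 6 || p.pln != 4)
		return ARP_INVALID;		/* not Ethernet/IPv4 ARP */
	op = ntohs(p.op);
	if (op != 1 && op != 2)
		return ARP_INVALID;		/* neither request nor reply */
	if (op == 1 && !memcmp(p.sip, zero_ip, 4))
		return ARP_PROBE;		/* request, sender IP all zeroes */
	if (memcmp(p.sip, p.tip, 4))
		return ARP_ORDINARY;		/* sender and target IP differ */
	return op == 1 ? ARP_ANNOUNCE_REQUEST : ARP_GRATUITOUS_REPLY;
}

int main(void)
{
	printf("%d %d\n", arp_classify(sample_request, 28), arp_classify(sample_reply, 28));
	return 0;
}
```

The second sample mirrors the field values set in the quoted hunk (reply opcode, broadcast target hardware address, identical sender and target IP).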