On Wed, Sep 18, 2002 at 02:55:32PM -0400, Jim wrote: > This is a very good explanation, however I have this identical scenario > with one of my co-los. I have gone round and round with the administrator > for over a year now with no solution. > > You make the statement below that these two machines can't communicate, > however I can ping and tracroute the offending machines, and they can do > the same in reverse. On traceroute, the traffic definitely travels > through the router as it should, but I still see these out of network ARP > requests. > > I know I'm confused :(
Actually, the communications can work depending on the situation. You can get some asymetric routing going where the machine with the smaller netmask is bouncing everything through a router and the other machine is talking back directly. The router is often, but not always, going to be generating ICMP redirects in such a scenario. They are another marker for this kind of misconfiguration. In your example, make sure to not only run traceroute(8), but run a tcpdump(8) too with the '-e' option. Check the MACs to see if the responses are _really_ coming back through the router. Remember, a traceroute(8) shows you the route packets take to get to a remote host. It tells you nothing about the route they take back. > > [Inappropriate cross-post to -stable removed.] > > > > On Sun, Sep 15, 2002 at 02:08:51PM -0500, Chris Byrnes wrote: > >> My /var/log/messages is being filled, non-stop, by these errors > >> looped: > >> > >> Sep 15 13:41:28 servername /kernel: arplookup xx.xxx.xx.xxx failed: > >> host is not on local network > >> Sep 15 13:41:28 servername /kernel: arplookup xx.xxx.xx.xxx failed: > >> host is not on local network > >> > >> After doing some reading, I've already issued, "sysctl -w > >> net.link.ether.inet.log_arp_wrong_iface=0" thinking that would fix the > >> problem. Unfortunately, it has not. > >> > >> Any ideas? > > > > This is a netmask problem, but not really the one that other people have > > described. This is how it usually works. Your troubled machine above, > > "servername," receives an ARP who-has from another machine on the LAN > > called "clientname." However, the IP address that clientname gives as a > > source does not match up to any local networks that > > servername knows about. > > > > For example, say servername has an address of 192.0.2.10/25. The other > > machine has 192.0.2.210/24. When servername gets an ARP (which is > > broadcast so servername gets it fine), > > > > who-has 192.0.2.10 tell 192.0.2.210 > > > > It gets confused. 192.0.2.210 is not local (as far as it is concerned) > > so it logs an error. > > > > Note that this is not a harmless error. These two machine cannot talk to > > each other. > > > > The fix, of course, is to make sure all machines on the same LAN have > > the same netmask. > > -- > > Crist J. Clark | [EMAIL PROTECTED] > > | [EMAIL PROTECTED] > > http://people.freebsd.org/~cjc/ | [EMAIL PROTECTED] > > > > To Unsubscribe: send mail to [EMAIL PROTECTED] > > with "unsubscribe freebsd-stable" in the body of the message > > -- Crist J. Clark | [EMAIL PROTECTED] | [EMAIL PROTECTED] http://people.freebsd.org/~cjc/ | [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message
