From: Yann GROSSEL <[EMAIL PROTECTED]> Hi,We have several FreeBSD 4.7 boxes that put automatically all their interfaces into promiscuous mode during the boot process. What should I do to prevent this from happening ? Our boxes are connected on a D-Link switch. We have noticed a very weird behaviour from a few of these machines, I'll try yo explain it : Our switch has a standard MAC address aging value of 300 seconds. When one MAC address expires on the switch, the next packet targeted to this MAC address is broadcasted on all ports of the switch (because the switch doesn't remember anymore on what port the target MAC address is). That at least seems to be normal. But each time an ethernet packet broadcasted as descrbibed above arrives on the interfaces of our machines, these machines resend the packet to the network, decrementing the TTL value bye one. I mean, these machines are resending packets that are NOT targeted to them - neither the destination MAC address OR the destination IP address of the packet match the interface of the machine. This happends only on machines with interfaces in promiscuous mode AND with net.inet.ip.forwarding = 1.
There's your answer. Any machine with forwarding turned on will resend a packet that isn't destin for it. That's by design. It doesn't make much sense to me that you'd have a lot of machines with forwarding turned on. Usually only gateways use this. Honestly, I can't thing of any reason to have forwarding on if your machine only has 1 IP address.
Turn forwarding of on all but your gateways.As several boxes have this problem, they resend packets to each others very quickly, generating a flood on the network. This flood only stop when all TTL of packets reach 0 or when the switch finally re-learn on what port is located the interface with the target MAC address. Does anybody have any clue about what this kind of problem may be ?
STOP MORE SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message