Darren Spruell wrote:
Grab that exchange again with the -n flag to tcpdump. Include the MAC
address(es) of the cable modem if you can get them.
Here it is:
00:14:04.475261 arp who-has 192.168.0.10 tell 24.aaa.bbb.ccc
0001 0800 0604 0001 000b 06bc 7b0e 1891
8674 0000 0000 0000 c0a8 000a 1102 2234
c0a8 6401 008a 00bb 0000 2046 4445
00:14:04.475348 arp reply 192.168.0.10 is-at 0:20:78:1f:0:af
0001 0800 0604 0002 0020 781f 00af c0a8
000a 000b 06bc 7b0e 1891 8674 1102 2234
c0a8 6401 008a 00bb 0000 2046 4445
Did you mean get the MAC addresses from tcpdump? I didn't see the
cable modem box's MAC addresses in the dump file.
MAC address of OpenBSD PC's external NIC: 00:20:78:1f:00:af
Two MAC addresses listed in cable-modem box's admin screen:
00:0B:06:BC:7B:0A (labelled "Self")
00:0B:06:BC:7B:0E (labelled "Learned").
From the way they're labelled, I'm guessing the former is the cable-
modem box's external address and the latter its internal address.
Not sure how to confirm that guess.
J
