On 11/11/2013 2:12 AM, Kilburn Abrahams wrote: > On 11/11/2013 02:55 AM, Tom Eastep wrote: >> On 11/10/2013 2:37 AM, Kilburn Abrahams wrote: >>> Hi >>> >>> I got a server with dual nics. Each nic is connected to an dsl gateway. >>> This is essentially a dual standalone system with a single network >>> interface, but all Ethernet cables is using 1 switch. >>> >>> Eth0 and eth1 and 192.168.1.0/24 and 192.168.2.0/24 >>> >>> All is working fine, except I am getting these messages in the logs. >>> >>> kernel: [101768.560151] IPv4: martian source 192.168.2.255 from >>> 192.168.2.230, on dev eth0 >>> kernel: [101768.560160] ll header: 00000000: ff ff ff ff ff ff 00 25 90 >>> 57 d4 64 08 00 >>> >>> The switch does not have vlan capabilities, so I am putting the PC's >>> through the IP phone's and uplinked to the switch. The PC are in >>> 192.168.1.0/24 and Phones in 192.168.2.0/24 >>> >>> I have read the multiple ISP setup, but it is not exactly the same. I >>> removed routefilter and left logmartians in interfaces. >>> >>> I am not sure what I should be putting rules file to prevent this. The >>> other alternative I done is remove logmatians but I prefer to keep that >>> option. >> You need to use the arp_filter or arp_ignore interface option on both >> interfaces to prevent them from responding to who-has requests for the >> other one. >> >> -Tom >> > Tom, > > I tried all arp_ignore options and still get the same results.
It may take hours before the change takes effect because the upstream routers have cached the bogus ARP responses that they have been getting from your Shorewall box. You can possibly speed up the process by following the procedure under 'ARP Cache' at http://www.shorewall.org/ProxyARP.htm -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ November Webinars for C, C++, Fortran Developers Accelerate application performance with scalable programming models. Explore techniques for threading, error checking, porting, and tuning. Get the most from the latest Intel processors and coprocessors. See abstracts and register http://pubads.g.doubleclick.net/gampad/clk?id=60136231&iu=/4140/ostg.clktrk
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
