Patrik Lahti
2009-11-02 18:23:13 UTC
Hi folks,
NetBSD has code that drops s.c. ARP probes (and therefore don't answer),
see if_arp.c in_arpinput():
/*
* If the source IP address is zero, this is most likely a
* confused host trying to use IP address zero. (Windoze?)
* XXX: Should we bother trying to reply to these?
*/
if (in_nullhost(isaddr)) {
ARP_STATINC(ARP_STAT_RCVZEROSPA);
goto out;
}
ARP probes are used by DHCP in RFC 2131 (see e.g. section 4.4.1 p38),
IPv4 Link-local addressing in RFC 3927 and further clarified in RFC 5227
(this is a good read on the topic btw!). Because NetBSD drops these, it
won't defend its own IP addresses and other nodes implementing ARP
probing according to these RFCs may end up using the addresses thinking
they're not duplicate.
I believe Gratuitous ARP works though. So if they detect address
duplication then an administrator will be notified and can correct the
problem manually. But then we've turned zeroconf into non-zeroconf :-)
and NetBSD users' addresses get pushed around :-(
For some data points I checked a couple of other implementations. It
looks like OpenBSD, FreeBSD, Dragon Fly BSD, Open Solaris and Linux
handles ARP probes:
http://fxr.watson.org/fxr/source/netinet/if_ether.c?v=OPENBSD#L561
http://fxr.watson.org/fxr/source/netinet/if_ether.c#L612 (FreeBSD)
http://fxr.watson.org/fxr/source/netinet/if_ether.c?v=DFBSD#L778
http://fxr.watson.org/fxr/source/net/ipv4/arp.c?v=linux-2.6#L805
http://fxr.watson.org/fxr/source/common/inet/arp/arp.c?v=OPENSOLARIS#L3555
I believe it is a simple fix, see below. Please let me know your
thoughts. I'm a bit new to NetBSD so go easy :-)
Cheers!
/P
Index: src/sys/netinet/if_arp.c
===================================================================
RCS file: /cvsroot/src/sys/netinet/if_arp.c,v
retrieving revision 1.147
diff -u -r1.147 if_arp.c
--- src/sys/netinet/if_arp.c 16 Sep 2009 15:23:04 -0000 1.147
+++ src/sys/netinet/if_arp.c 2 Nov 2009 18:19:50 -0000
@@ -969,16 +969,6 @@
}
/*
- * If the source IP address is zero, this is most likely a
- * confused host trying to use IP address zero. (Windoze?)
- * XXX: Should we bother trying to reply to these?
- */
- if (in_nullhost(isaddr)) {
- ARP_STATINC(ARP_STAT_RCVZEROSPA);
- goto out;
- }
-
- /*
* Search for a matching interface address
* or any address on the interface to use
* as a dummy address in the rest of this function
@@ -1054,6 +1044,14 @@
goto out;
}
+ /*
+ * If the source IP address is zero, then this is an ARP probe.
+ */
+ if (in_nullhost(isaddr)) {
+ ARP_STATINC(ARP_STAT_RCVZEROSPA);
+ goto reply;
+ }
+
if (in_hosteq(isaddr, myaddr)) {
ARP_STATINC(ARP_STAT_RCVLOCALSPA);
log(LOG_ERR,
--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
NetBSD has code that drops s.c. ARP probes (and therefore don't answer),
see if_arp.c in_arpinput():
/*
* If the source IP address is zero, this is most likely a
* confused host trying to use IP address zero. (Windoze?)
* XXX: Should we bother trying to reply to these?
*/
if (in_nullhost(isaddr)) {
ARP_STATINC(ARP_STAT_RCVZEROSPA);
goto out;
}
ARP probes are used by DHCP in RFC 2131 (see e.g. section 4.4.1 p38),
IPv4 Link-local addressing in RFC 3927 and further clarified in RFC 5227
(this is a good read on the topic btw!). Because NetBSD drops these, it
won't defend its own IP addresses and other nodes implementing ARP
probing according to these RFCs may end up using the addresses thinking
they're not duplicate.
I believe Gratuitous ARP works though. So if they detect address
duplication then an administrator will be notified and can correct the
problem manually. But then we've turned zeroconf into non-zeroconf :-)
and NetBSD users' addresses get pushed around :-(
For some data points I checked a couple of other implementations. It
looks like OpenBSD, FreeBSD, Dragon Fly BSD, Open Solaris and Linux
handles ARP probes:
http://fxr.watson.org/fxr/source/netinet/if_ether.c?v=OPENBSD#L561
http://fxr.watson.org/fxr/source/netinet/if_ether.c#L612 (FreeBSD)
http://fxr.watson.org/fxr/source/netinet/if_ether.c?v=DFBSD#L778
http://fxr.watson.org/fxr/source/net/ipv4/arp.c?v=linux-2.6#L805
http://fxr.watson.org/fxr/source/common/inet/arp/arp.c?v=OPENSOLARIS#L3555
I believe it is a simple fix, see below. Please let me know your
thoughts. I'm a bit new to NetBSD so go easy :-)
Cheers!
/P
Index: src/sys/netinet/if_arp.c
===================================================================
RCS file: /cvsroot/src/sys/netinet/if_arp.c,v
retrieving revision 1.147
diff -u -r1.147 if_arp.c
--- src/sys/netinet/if_arp.c 16 Sep 2009 15:23:04 -0000 1.147
+++ src/sys/netinet/if_arp.c 2 Nov 2009 18:19:50 -0000
@@ -969,16 +969,6 @@
}
/*
- * If the source IP address is zero, this is most likely a
- * confused host trying to use IP address zero. (Windoze?)
- * XXX: Should we bother trying to reply to these?
- */
- if (in_nullhost(isaddr)) {
- ARP_STATINC(ARP_STAT_RCVZEROSPA);
- goto out;
- }
-
- /*
* Search for a matching interface address
* or any address on the interface to use
* as a dummy address in the rest of this function
@@ -1054,6 +1044,14 @@
goto out;
}
+ /*
+ * If the source IP address is zero, then this is an ARP probe.
+ */
+ if (in_nullhost(isaddr)) {
+ ARP_STATINC(ARP_STAT_RCVZEROSPA);
+ goto reply;
+ }
+
if (in_hosteq(isaddr, myaddr)) {
ARP_STATINC(ARP_STAT_RCVLOCALSPA);
log(LOG_ERR,
--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de