summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--sys/netinet/if_ether.c8
-rw-r--r--usr.sbin/arp/arp.411
2 files changed, 16 insertions, 3 deletions
diff --git a/sys/netinet/if_ether.c b/sys/netinet/if_ether.c
index 8e2daeb..52d7db2 100644
--- a/sys/netinet/if_ether.c
+++ b/sys/netinet/if_ether.c
@@ -496,6 +496,7 @@ arpintr(struct mbuf *m)
static int log_arp_wrong_iface = 1;
static int log_arp_movements = 1;
static int log_arp_permanent_modify = 1;
+static int allow_multicast = 0;
SYSCTL_INT(_net_link_ether_inet, OID_AUTO, log_arp_wrong_iface, CTLFLAG_RW,
&log_arp_wrong_iface, 0,
@@ -506,7 +507,8 @@ SYSCTL_INT(_net_link_ether_inet, OID_AUTO, log_arp_movements, CTLFLAG_RW,
SYSCTL_INT(_net_link_ether_inet, OID_AUTO, log_arp_permanent_modify, CTLFLAG_RW,
&log_arp_permanent_modify, 0,
"log arp replies from MACs different than the one in the permanent arp entry");
-
+SYSCTL_INT(_net_link_ether_inet, OID_AUTO, allow_multicast, CTLFLAG_RW,
+ &allow_multicast, 0, "accept multicast addresses");
static void
in_arpinput(struct mbuf *m)
@@ -551,8 +553,8 @@ in_arpinput(struct mbuf *m)
return;
}
- if (ETHER_IS_MULTICAST(ar_sha(ah))) {
- log(LOG_NOTICE, "in_arp: %*D is multicast\n",
+ if (allow_multicast == 0 && ETHER_IS_MULTICAST(ar_sha(ah))) {
+ log(LOG_NOTICE, "arp: %*D is multicast\n",
ifp->if_addrlen, (u_char *)ar_sha(ah), ":");
return;
}
diff --git a/usr.sbin/arp/arp.4 b/usr.sbin/arp/arp.4
index 980ca71..0ff0f2c 100644
--- a/usr.sbin/arp/arp.4
+++ b/usr.sbin/arp/arp.4
@@ -120,6 +120,12 @@ of the
.Xr sysctl 3
MIB.
.Bl -tag -width "log_arp_permanent_modify"
+.It Va allow_multicast
+Should the kernel install ARP entries with multicast bit set in
+the hardware address.
+Installing such entries is RFC 1812 violation, but some prorietary
+load balancing techniques require routers on network to do so.
+Turned off by default.
.It Va log_arp_movements
Should the kernel log movements of IP addresses from one hardware
address to an other.
@@ -203,6 +209,11 @@ entry in the local ARP table.
This error will only be logged if the sysctl
.Va net.link.ether.inet.log_arp_permanent_modify
is set to 1, which is the system's default behaviour.
+.It "arp: %x:%x:%x:%x:%x:%x is multicast"
+Kernel refused to install an entry with multicast hardware address.
+If you really want such addresses being installed, set the sysctl
+.Va net.link.ether.inet.allow_multicast
+to a positive value.
.El
.Sh SEE ALSO
.Xr inet 4 ,
OpenPOWER on IntegriCloud