[Dnsmasq-discuss] ARP ignores DHCP ACKs !

Albert ARIBAUD albert.aribaud at free.fr
Wed Dec 25 13:52:58 GMT 2013 

Le 25/12/2013 12:07, Nikita N. a écrit :
>> The important point for your situation is that it's perfectly normal to
>> see a DHCP client make an ARP request as part of the address-aquisition
>> process, and for that ARP request to go un-answered.
>
> Hi Simon :)
> Yes, that I understood very clearly, such unanswered ARPs are normal,
> everybody told me that.. :))
> As matter of fact, such ARPs appear in XP and Vista too, but 2/3 frames
> at most..
> On Win7 they appear in number of 50/100 frames, multiple times, that
> raised my suspects..
>
> Still, would like to ask you about ICMP frames, if I can.. ;)
> because you say client uses ARP, the GW uses ICMP.. right?

Not the gateway, the DHCP server (which may or may not be a gateway).

> Well, I cant see that.. the only ICMP I see are from the client to GW,
> sent after DNS answers from dnsmasq (dnsmasq runs on GW)..

You mean the client pings the IP of the gateway? Well, obviously I don't 
have the same setup as you have, but I have two Windows machines in my 
LAN, and none of them ever emits ICMP echo requests unless someone 
actually runs a ping on them in a DOS window. They do emit ARP requests, 
though, just like any other hosts in my LAN.

> As I wrote, I set to drop all in/out ICMP frames on GW (iptables), and
> still connection keeps alive allright on Vista, XP and Linux..
> But on Win7 cant see the light.. lots of those unanswered ARPs, few ARP
> req about who has GW, few Netbios, ipv6 frames and other useless
> protocol frames, stop.. Win7 gives up, red X on connection, finish.. any
> hint comes in your mind about that?

Yes: do a Wireshark / tcpdump on both the DHCP server and client, force 
a DHCP exchange, see what is emitted by one machine and not received by 
the other.

> About ICMP in general, since Im serving only local pages to client, is
> it ok in my local network to set drop all ICMP on GW?
> Thanks :)

This is unrelated to dnsmasq, but here is a quick answer:

ICMPv6: you can't block it if you want routing to happen at all.

ICMPv4: you might experience issues between your local machines and the 
Internet.

What's the point of blocking ICMP on the local network? I can understand 
blocking IMCP ECHO REQUESTs coming from the Internet and directed at 
your local network (well, at those machines from your LAN which can be 
addressed from the Internet); but local traffic is not really an issue. 
Or is it?

Amicalement,
-- 
Albert.

More information about the Dnsmasq-discuss mailing list