[Dnsmasq-discuss] ARP ignores DHCP ACKs !
Nikita N.
nikitan at operamail.com
Wed Dec 25 16:10:26 GMT 2013
Hi Albert :)
> > Still, would like to ask you about ICMP frames, if I can.. ;)
> > because you say client uses ARP, the GW uses ICMP.. right?
>
> Not the gateway, the DHCP server (which may or may not be a gateway).
Yes yes, I run on 1 Linux machine, it does all, gw and dnsmasq
(dns+dhcp).
Then I have another machine which does the client job.
Finish, end of machines :)
> > Well, I cant see that.. the only ICMP I see are from the client to GW,
> > sent after DNS answers from dnsmasq (dnsmasq runs on GW)..
>
> You mean the client pings the IP of the gateway? Well, obviously I don't
> have the same setup as you have, but I have two Windows machines in my
> LAN, and none of them ever emits ICMP echo requests unless someone
> actually runs a ping on them in a DOS window. They do emit ARP requests,
> though, just like any other hosts in my LAN.
... well, dont know what to say.. I see ICMP always, mostly after DNS
resp arrive.. I see them symmetrically the same in both client and GW
machines (wireshark)
> Yes: do a Wireshark / tcpdump on both the DHCP server and client, force
> a DHCP exchange, see what is emitted by one machine and not received by
> the other.
Yes, I see DHCP frames req/ack symmetrically the same in both client and
GW
> ICMPv6: you can't block it if you want routing to happen at all.
Please, explain me better this, if you have time.. what do you mean as
"routing to happen"?
If you think its too much offtopic here, just send mail only to me,
thanks :)
> What's the point of blocking ICMP on the local network? I can understand
> blocking IMCP ECHO REQUESTs coming from the Internet and directed at
> your local network (well, at those machines from your LAN which can be
> addressed from the Internet); but local traffic is not really an issue.
> Or is it?
As I said, I always see those ICMP from clients, which are really
useless as there is no internet, and they always end up as host/port
unreach.. I believe they produce disturbance.. Im not fully sure, but
they could have caused drop of connection (red X) few times..
Now with iptables dropping ICMP on GW, the connections "look" more
stable, I still didnt experience other drop of conn.. im talking clients
XP and Vista of course...
In Win7 is still fog.. :P
But Im sure there is a logical explanation for that, which im trying to
find.. ;)
--
http://www.fastmail.fm - Faster than the air-speed velocity of an
unladen european swallow
More information about the Dnsmasq-discuss
mailing list