On Thu, Jun 6, 2013 at 3:00 PM, Bjørn Mork <bjorn@mork.no> wrote:
William Herrin <bill@herrin.us> writes:
On Wed, Jun 5, 2013 at 6:25 PM, Ricky Beam <jfbeam@gmail.com> wrote:
I won't argue against calling Linux "wrong". However, the linux way of dealing with ARP is well tuned for "host" and not "router" duty.
I love Linux and use it throughout my work but I can't tell you the number of times its ARP behavior has bitten me. If you send a packet to a VIP on a Linux box and it doesn't have an arp entry for the default gateway, the Linux box will send an arp request... with the vip as the source. That is just wrong. Wrong, wrong, wrong. Use the damn interface IP when you arp for something on that interface. If the router doesn't happen to like the bad arp (since the VIP isn't on the router's LAN) the router will ignore it. And your service will merrily pop up and down depending on whether the Linux box has any traffic to originate.
Did you try setting sys.net.ipv4.conf.all.arp_announce=2 ?
Yes, of course I changed the sysctl. Yes of course that worked. Every time I've run into the problem. On server after server after server.
Yes, the system default may be tuned for host/desktop usage
No, it doesn't default to reasonable desktop settings for ARP... it defaults to a version of wrong that on a desktop with one NIC and one IP doesn't happen to break anything. It'd be nice if it defaulted to RFC compliant instead and let the few folks with wacky needs move it off the standard behavior.

-Bill

--
William D. Herrin ................ herrin@dirtside.com bill@herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004
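
Added example, not part of the original message: since the fix in this thread has to be repeated "on server after server", a check like the one below can flag interfaces where the effective arp_announce is still below 2. The kernel uses the larger of the conf/all and per-interface values. The function name arp_announce_audit and its optional ROOT argument are assumptions of this example; the sample tree in demo is constructed.

```shell
#!/bin/sh
# Added example (not from the thread): report interfaces whose effective
# arp_announce is below 2. The kernel applies max(conf/all, conf/<iface>).

# arp_announce_audit [ROOT]
#   ROOT defaults to the live tree; the parameter is an assumption of this
#   example so the check can also run against a constructed directory.
#   Prints "iface=value" for each weak interface; returns 1 if any, 2 on error.
arp_announce_audit() {
    root="${1:-/proc/sys/net/ipv4/conf}"
    [ -r "$root/all/arp_announce" ] || return 2
    all=$(cat "$root/all/arp_announce")
    weak=""
    for f in "$root"/*/arp_announce; do
        [ -r "$f" ] || continue
        d=${f%/arp_announce}
        iface=${d##*/}
        # "all" is folded into every interface; "default" only seeds new ones.
        case "$iface" in all|default) continue ;; esac
        eff=$(cat "$f")
        if [ "$all" -gt "$eff" ]; then eff=$all; fi
        if [ "$eff" -lt 2 ]; then weak="$weak $iface=$eff"; fi
    done
    if [ -n "$weak" ]; then
        echo "${weak# }"
        return 1
    fi
    return 0
}

# Constructed sample tree (not real host data): eth0 left at 0, eth1 set to 2.
demo() {
    t=$(mktemp -d) || return 0
    for i in all default eth0 eth1; do mkdir -p "$t/$i"; echo 0 > "$t/$i/arp_announce"; done
    echo 2 > "$t/eth1/arp_announce"
    echo "all=0: $(arp_announce_audit "$t" || true)"   # eth0=0
    echo 2 > "$t/all/arp_announce"
    echo "all=2: $(arp_announce_audit "$t" || true)"   # nothing weak
    rm -rf "$t"
}
demo
```

Run with no argument on a host, a non-zero exit status means at least one interface can still announce with a non-local source address.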