# Some problems with arp in 8.x



## A-Sphinx (Dec 7, 2010)

Hello to community!

I have a box with a small home network behind it. There are different people and a couple of young c00lhatzkers. So we decided to hard-link MACs to IPs. Since we don't have enough manageable switches, I collected the client MACs and made a file that is loaded via "arp -f". But that is where the troubles began. We have a few routers like the D-Link DIR-300. When I do "arp -[Ss] MAC IP pub" they work fine. But when I load the data via "arp -f" ethers, they become inaccessible from the server. They cannot be reached via either www or ping for some time (about a minute). At the same time the routers are alive and reply (to the client) normally, but I cannot access them from (via) the FreeBSD server. After about a minute they become accessible again, but not stably. Sometimes (in 15-30 minutes) pings are lost or grow to hundreds of ms. I can't see anything criminal via tcpdump ether host. The MACs are identical whether in the file or manually inserted (I take them from the file via the clipboard and paste them into the command line). The system is:

```
FreeBSD rotor 8.1-PRERELEASE FreeBSD 8.1-PRERELEASE #0: Wed Aug  4 17:06:07 EEST 2010     root@rotor:/usr/src/sys/i386/compile/ROTOR  i386
```
and now I'm building the crisp one (from yesterday)
The system is:

```
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: Pentium(R) Dual-Core  CPU      E6600  @ 3.06GHz (3066.79-MHz 686-class CPU)
  Origin = "GenuineIntel"  Id = 0x1067a  Family = 6  Model = 17  Stepping = 10
  Features=0xbfebfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE>
  Features2=0x400e3bd<SSE3,DTES64,MON,DS_CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,XSAVE>
  AMD Features=0x20100000<NX,LM>
  AMD Features2=0x1<LAHF>
  TSC: P-state invariant
real memory  = 2147483648 (2048 MB)
avail memory = 2015825920 (1922 MB)
ACPI APIC Table: <INTEL  DB43LD  >
FreeBSD/SMP: Multiprocessor System Detected: 2 CPUs
FreeBSD/SMP: 1 package(s) x 2 core(s)
 cpu0 (BSP): APIC ID:  0
 cpu1 (AP): APIC ID:  1
ACPI Warning: 32/64X FACS address mismatch in FADT - 0x7B95CF40/0x       07B961F40, using 32 (20100331/tbfadt-586)
```

Ethernet cards are:

```
em0: <Intel(R) PRO/1000 Network Connection 7.0.5> port 0xe0e0-0xe0ff mem 0xd0600000-0xd061ffff,0xd0624000-0xd0624fff irq 20 at device 25.0 on pci0
em0: Using MSI interrupt
em0: [FILTER]
em0: Ethernet address: 00:27:0e:02:8b:86
em1: <Intel(R) PRO/1000 Legacy Network Connection 1.0.1> port 0xd000-0xd03f mem 0xd0540000-0xd055ffff,0xd0520000-0xd053ffff irq 21 at device 0.0 on pci3
em1: [FILTER]
em1: Ethernet address: 00:1b:21:62:3b:3d
```


```
wc -l ethers
773 ethers
```
(it contains many fake records like 192.168.0.1 00.11.22.33.44.55 pub).

Who can explain what happens when I load the arp table from a file, and why the FreeBSD server cannot exchange packets with some clients after loading MACs from the file?


----------



## SirDice (Dec 7, 2010)

A-Sphinx said:

> There are different people and a couple of young c00lhatzkers. So we decided to hard-link MACs to IPs.


Why? What are you hoping to achieve?

You need to realize that MAC addresses are layer2. Any router in your network will change the source/destination MAC address of packets. That's just how TCP/IP works.


----------



## A-Sphinx (Dec 8, 2010)

SirDice said:

> Why? What are you hoping to achieve?
> 
> You need to realize that MAC addresses are layer2. Any router in your network will change the source/destination MAC address of packets. That's just how TCP/IP works.


We want nobody to be able to change his IP on demand. We discovered that at least one c00lhatzker tried to set his IP to somebody else's. We don't know who that c00lhatzker is now, but we want to exclude that situation as much as possible in the future.


----------



## Alt (Dec 8, 2010)

A-Sphinx said:

> Who can explain what happens when I load the arp table from a file, and why the FreeBSD server cannot exchange packets with some clients after loading MACs from the file?


Strange, this `arp -f` should work (at least it worked at my work at an ISP).
Show ifconfig, please.


----------



## SirDice (Dec 8, 2010)

A-Sphinx said:

> We want nobody to be able to change his IP on demand. We discovered that at least one c00lhatzker tried to set his IP to somebody else's. We don't know who that c00lhatzker is now, but we want to exclude that situation as much as possible in the future.



Use a LART. Your problem really isn't technical by nature.


----------




## A-Sphinx (Dec 8, 2010)

Alt said:

> Strange, this `arp -f` should work (at least it worked at my work at an ISP).
> Show ifconfig, please.


Well, I also have positive experience using arp -f on my FreeBSD servers, but here something strange happens. I don't know whether I have made a mistake somewhere or it's some glitch in my box... I hope it's my own fault, but I can't find where...

ifconfig em1

```
em1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC>
        ether 00:1b:21:62:3b:3d
        inet 10.5.0.5 netmask 0xffffff00 broadcast 10.5.0.255
        inet 10.5.1.5 netmask 0xffffff00 broadcast 10.5.1.255
        inet 10.5.2.5 netmask 0xffffff00 broadcast 10.5.2.255
        inet 10.5.5.5 netmask 0xffffff00 broadcast 10.5.5.255
        inet 192.168.1.5 netmask 0xffffff00 broadcast 192.168.1.255
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
```


----------



## Alt (Dec 9, 2010)

Did you have some config with VLANs? How are the VLANs divided?
What if you delete one address (make arp dynamic)? If it works, is the new address the same as the one from the file?


----------



## SirDice (Dec 9, 2010)

Is there a router between those clients and the server?


----------
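
An added example, not part of any post in this thread: one way to run the comparison suggested above, checking a file in the `arp -f` form (`hostname ether_addr [temp] [pub]`, colon-separated MAC) against addresses learned dynamically and saved from `arp -an`. The names `check_ethers` and `demo`, the assumed dump layout `? (ip) at mac on ifname ...`, and all sample addresses are assumptions constructed for illustration.

```shell
#!/bin/sh
# check_ethers FILE ARP_DUMP   (hypothetical helper, not a FreeBSD tool)
#   FILE      entries in the arp -f form: hostname ether_addr [temp] [pub]
#   ARP_DUMP  saved "arp -an" output taken while the entries were dynamic
# Prints one finding per line, nothing when file and dump agree.
check_ethers() {
    awk '
    function norm(mac,    n, o, i, sep, pad, out) {  # canonical form, "" if invalid
        n = split(tolower(mac), o, ":")
        if (n != 6) return ""
        for (i = 1; i <= 6; i++) {
            if (o[i] !~ /^[0-9a-f][0-9a-f]?$/) return ""
            sep = (i > 1) ? ":" : ""
            pad = (length(o[i]) == 1) ? "0" : ""
            out = out sep pad o[i]
        }
        return out
    }
    # Dump lines are assumed to look like: ? (10.5.0.1) at 00:11:22:33:44:55 on em1 ...
    FILENAME == ARGV[1] {
        m = norm($4)
        if ($3 == "at" && m != "") { ip = $2; gsub(/[()]/, "", ip); learned[ip] = m }
        next
    }
    { sub(/#.*/, "") }                 # "#" starts a comment in the arp -f file
    NF == 0 { next }
    {
        m = norm($2)
        if (m == "") { printf "line %d: %s has malformed MAC %s\n", FNR, $1, $2; next }
        if ($1 in seen) printf "line %d: %s already set on line %d\n", FNR, $1, seen[$1]
        seen[$1] = FNR
        if (($1 in learned) && learned[$1] != m)
            printf "line %d: %s file=%s learned=%s\n", FNR, $1, m, learned[$1]
    }' "$2" "$1"
}

# Constructed sample data, not taken from the thread.
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' '10.5.0.1 00:11:22:33:44:55 pub' \
        '10.5.0.2 00.11.22.33.44.66 pub   # dots instead of colons' \
        '10.5.0.3 00:11:22:33:44:77' > "$d/ethers"
    printf '%s\n' '? (10.5.0.1) at 00:11:22:33:44:55 on em1 [ethernet]' \
        '? (10.5.0.3) at 00:11:22:33:44:78 on em1 [ethernet]' > "$d/arp.txt"
    check_ethers "$d/ethers" "$d/arp.txt"
    rm -rf "$d"
}
demo
```

Entries that are reported as `file=... learned=...` are the ones worth deleting and re-testing as dynamic entries first.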

