I have a problem involing arp table entries that I''m hoping someone can help with. I''m working on a mail system that utilises multiple Linux servers in a redundant configuration. The configuration has pairs of Linux servers running as MTAs. Each pair of real servers hides behind a virtual server name. The virtual server name and load balancing of real servers is handled by an Alteon AD3 switch. Each of the Linux servers has two ethernet interfaces with the second interface also connected to a (second) Alteon. The two Alteons are configured in an active-standby arrangement using VRRP. The IP addresses of each linux servers'' ethernet interfaces are on the same subnet (172.16.180.0/128), The configuration of the Alteon causes each of the Alteon IP addresses to appear on each interface of the Linux box, with the same MAC address i.e. alteon1 (172.16.180.2) at 00:00:E8:D7:4F:5D [ether] on eth0 alteon2 (172.16.180.3) at 00:50:BA:CB:DD:D8 [ether] on eth0 alteon1 (172.16.180.2) at 00:00:E8:D7:4F:5D [ether] on eth1 alteon2 (172.16.180.3) at 00:50:BA:CB:DD:D8 [ether] on eth1 What I''m looking to do is to not have the second entry for any host appear in the arp table if it''s already there for another interface. i.e. if alteon1 has an arp entry pointing to eth0, don''t add one for eth1 - which I guess means, don''t issue arp requests/responses on the other interface for an Alteon if we have an arp table entry. The solution doesn''t need to be tailored to the Alteon IP addresses, just a general rule of not issuing arp requests/responses on a second interface if we already have a similiar entry pointing to the first interface. Regards Geoff Steer _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Geoff, Frankly, I''m not sure if this is the answer to your question, but Julian Anastasov has written a very handy utility called "ip arp". You may find that this is just the trick. Check out Julian''s work here: http://www.linuxvirtualserver.org/~julian/ http://www.linuxvirtualserver.org/~julian/iparp.txt Hopefully, there is somebody else on this list who has specific experience with the problem you are trying to solve. Anyway, best of luck, -Martin On Mon, 2 Sep 2002, Geoff Steer wrote: : I have a problem involing arp table entries that I''m hoping someone can : help with. : : I''m working on a mail system that utilises multiple Linux servers in a : redundant configuration. : The configuration has pairs of Linux servers running as MTAs. Each pair : of real servers hides behind a virtual server name. The virtual server : name and load balancing of real servers is handled by an Alteon AD3 switch. : Each of the Linux servers has two ethernet interfaces with the second : interface also connected to a (second) Alteon. The two Alteons are : configured in an active-standby arrangement using VRRP. : The IP addresses of each linux servers'' ethernet interfaces are on the : same subnet (172.16.180.0/128), : : The configuration of the Alteon causes each of the Alteon IP : addresses to appear on each interface of the Linux box, with the same : MAC address i.e. : : alteon1 (172.16.180.2) at 00:00:E8:D7:4F:5D [ether] on eth0 : alteon2 (172.16.180.3) at 00:50:BA:CB:DD:D8 [ether] on eth0 : alteon1 (172.16.180.2) at 00:00:E8:D7:4F:5D [ether] on eth1 : alteon2 (172.16.180.3) at 00:50:BA:CB:DD:D8 [ether] on eth1 : : What I''m looking to do is to not have the second entry for any host : appear in the arp table if it''s already there for another interface. : i.e. if alteon1 has an arp entry pointing to eth0, don''t add one for : eth1 - which I guess means, don''t issue arp requests/responses on the : other interface for an Alteon if we have an arp table entry. : The solution doesn''t need to be tailored to the Alteon IP : addresses, just a general rule of not issuing arp requests/responses : on a second interface if we already have a similiar entry pointing to : the first interface. : : Regards : Geoff Steer : : : : : _______________________________________________ : LARTC mailing list / LARTC@mailman.ds9a.nl : http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ : -- Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Hello, you can use ebtables (http://users.pandora.be/bart.de.schuymer/ebtables/). On Mon, 2 Sep 2002, Geoff Steer wrote:> I have a problem involing arp table entries that I''m hoping someone can > help with. > > I''m working on a mail system that utilises multiple Linux servers in a > redundant configuration. > The configuration has pairs of Linux servers running as MTAs. Each pair > of real servers hides behind a virtual server name. The virtual server > name and load balancing of real servers is handled by an Alteon AD3 switch. > Each of the Linux servers has two ethernet interfaces with the second > interface also connected to a (second) Alteon. The two Alteons are > configured in an active-standby arrangement using VRRP. > The IP addresses of each linux servers'' ethernet interfaces are on the > same subnet (172.16.180.0/128), > > The configuration of the Alteon causes each of the Alteon IP > addresses to appear on each interface of the Linux box, with the same > MAC address i.e. > > alteon1 (172.16.180.2) at 00:00:E8:D7:4F:5D [ether] on eth0 > alteon2 (172.16.180.3) at 00:50:BA:CB:DD:D8 [ether] on eth0 > alteon1 (172.16.180.2) at 00:00:E8:D7:4F:5D [ether] on eth1 > alteon2 (172.16.180.3) at 00:50:BA:CB:DD:D8 [ether] on eth1 > > What I''m looking to do is to not have the second entry for any host > appear in the arp table if it''s already there for another interface. > i.e. if alteon1 has an arp entry pointing to eth0, don''t add one for > eth1 - which I guess means, don''t issue arp requests/responses on the > other interface for an Alteon if we have an arp table entry. > The solution doesn''t need to be tailored to the Alteon IP > addresses, just a general rule of not issuing arp requests/responses > on a second interface if we already have a similiar entry pointing to > the first interface. > > Regards > Geoff Steer-- `)_|_('' PSIkappa I k psi _at_ atlantis.sk _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/