Score:0

Linux MAC learning outside network

cn flag

How can I forbid create ARP records in Debian for IP outside network assigned for device? For example:

ip route

10.10.0.0/20 dev ens4f1.10 proto kernel scope link src 10.10.0.1
10.11.0.0/22 dev ens4f1.1 proto kernel scope link src 10.11.0.1
10.16.72.0/21 dev ens4f1.138 proto kernel scope link src 10.16.72.1

arp -n -i ehs4f1.1

10.11.0.106              ether   e8:65:d4:c3:f8:a8   C                     ens4f1.1
10.11.2.129              ether   5c:92:5e:86:88:f9   C                     ens4f1.1
10.11.1.107              ether   78:44:76:c9:a9:cb   C                     ens4f1.1
10.16.72.24              ether   40:ee:15:0a:2f:c5   C                     ens4f1.1

Why did the server create an ARP record 10.16.72.24, that is not in the subnet 10.11.0.0/22?

anx avatar
fr flag
anx
What is the problem you are trying to solve? Sounds like a network segmentation question with possible implications well beyond just ARP.
Nikita Kipriyanov avatar
za flag
This looks like someone created "via interface" route over non-p2p interface. Please, show a complete raw `ip route` output. You can mask public addresses, but only in a way that doesn't change the overall figure.
Zedder avatar
cn flag
Edited my question. Look, please.
vidarlo avatar
ar flag
What is the problem you're trying to solve?
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.