From: Mark Smith <lk-netdev@lk-netdev•nosense.org>
To: ebiederm@xmission•com (Eric W. Biederman)
Cc: Denys Fedoryschenko <denys@visp•net.lb>,
David Miller <davem@davemloft•net>,
netdev@vger•kernel.org
Subject: Re: [RFC] arp announce, arp_proxy and windows ip conflict verification
Date: Sun, 5 Jul 2009 15:46:44 +0930 [thread overview]
Message-ID: <20090705154644.38e41050.lk-netdev@lk-netdev.nosense.org> (raw)
In-Reply-To: <m13a9c2dsg.fsf@fess.ebiederm.org>
On Sat, 04 Jul 2009 17:07:11 -0700
ebiederm@xmission•com (Eric W. Biederman) wrote:
> Mark Smith <lk-netdev@lk-netdev•nosense.org> writes:
>
> > On Sun, 5 Jul 2009 01:00:08 +0300
> > Denys Fedoryschenko <denys@visp•net.lb> wrote:
> >
> >> On Sunday 05 July 2009 00:57:32 Eric W. Biederman wrote:
> >> >
> >> > How can that possibly be a correct network configuration?
> >> >
> >> > Eric
> >> It is a problem to have different networks, who doesn't communicate one with
> >> each other, in same ethernet segment?
> >>
> >> Does it violate anything?
> >
> > I'm pretty sure it doesn't.
> >
> > It's a common enough situation. A second subnet (or more) is assigned
> > to a link because the first isn't large enough, and renumbering the
> > hosts into a larger subnet is not practical at the time. A
> > 'one-armed router' is used up stream to have traffic go between the
> > different subnets, at the cost of traffic double traversing the link.
> > (The worst example I've seen is 25 subnets operating this way!)
> >
> > Fundamentally it is no different to routing traffic to other subnets.
> > IP was designed on the assumption that there'd only be a single subnet
> > per link, so nothing was done to make this scenario more efficent.
> >
> > IPv6 has introduced the ability for hosts to be told by their default
> > router that destinations they think are "offlink", because the address
> > falls outside a locally assigned or learned prefixes, are actually
> > "onlink", preventing this double traversing problem.
>
> Multiple subnets on an ethernet segment sure. Multiple subnets
> subnets that don't communicate? Not telling your router about all of
> the subnets on the ethernet segment?
>
> The combination of not configuring the router to know about all of the
> subnets and enabling proxy arp is what is causing problems for Denys.
>
> That sure seems like a misconfiguration to me.
>
A misconfiguration if you don't intend it, otherwise, isolation between
subnets on a common link can be useful. I've taken advantage of it
in networking test labs.
It can also be useful for basic traffic engineering. You set up two
routers attached to the same link, but both with different configured
prefixes. Nodes are assigned adresses out of one or the other prefix,
to influence which outbound (and inbound) path their traffic takes.
Leaving it like that would be a bit unusual, however it could be as
part of a gradual transition to splitting the link to reduce the
broadcast domain size.
Regards,
Mark.
next prev parent reply other threads:[~2009-07-05 6:16 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-03-01 11:44 [RFC] arp announce, arp_proxy and windows ip conflict verification Denys Fedoryschenko
2009-03-13 23:02 ` David Miller
2009-06-30 22:55 ` Eric W. Biederman
2009-06-30 22:54 ` Denys Fedoryschenko
[not found] ` <m1iqicyjmr.fsf@fess.ebiederm.org>
2009-07-01 9:00 ` Denys Fedoryschenko
2009-07-01 9:42 ` Denys Fedoryschenko
2009-07-01 17:40 ` Eric W. Biederman
2009-07-01 18:12 ` Denys Fedoryschenko
2009-07-01 19:01 ` Denys Fedoryschenko
2009-07-02 20:36 ` Eric W. Biederman
2009-07-02 20:51 ` Eric W. Biederman
2009-07-02 21:22 ` Denys Fedoryschenko
2009-07-02 22:18 ` Eric W. Biederman
2009-07-02 23:03 ` Denys Fedoryschenko
2009-07-02 23:23 ` Eric W. Biederman
2009-07-02 23:46 ` Denys Fedoryschenko
2009-07-03 1:38 ` David Miller
2009-07-03 3:14 ` Eric W. Biederman
2009-07-03 11:02 ` Denys Fedoryschenko
2009-07-03 20:20 ` David Miller
2009-07-03 20:37 ` Denys Fedoryschenko
2009-07-04 0:46 ` Eric W. Biederman
2009-07-04 7:55 ` Denys Fedoryschenko
2009-07-04 15:00 ` Eric W. Biederman
2009-07-04 15:03 ` Denys Fedoryschenko
2009-07-04 21:57 ` Eric W. Biederman
2009-07-04 22:00 ` Denys Fedoryschenko
2009-07-04 23:22 ` Mark Smith
2009-07-05 0:07 ` Eric W. Biederman
2009-07-05 0:28 ` Denys Fedoryschenko
2009-07-05 6:16 ` Mark Smith [this message]
2009-07-04 23:47 ` Eric W. Biederman
2009-07-03 1:34 ` David Miller
2009-07-02 23:13 ` Denys Fedoryschenko
2009-07-01 2:27 ` [PATCH] Revert "ipv4: arp announce, arp_proxy and windows ip conflict verification" Eric W. Biederman
2009-07-01 3:10 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20090705154644.38e41050.lk-netdev@lk-netdev.nosense.org \
--to=lk-netdev@lk-netdev$(echo .)nosense.org \
--cc=davem@davemloft$(echo .)net \
--cc=denys@visp$(echo .)net.lb \
--cc=ebiederm@xmission$(echo .)com \
--cc=netdev@vger$(echo .)kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox