[Tech] Re: NIC replying to wrong address (fwd)

Leonardo Boselli leo@dicea.unifi.it
Mer 14 Feb 2007 09:26:17 CET


Vi mando una domanda e la conseguente risposta, poco
"collaborativa" ricevuta sulla lista specifica,. e chiedos e qualcuno di
voi possa essere di maggiore aiuto:
Io ho risposto: 1: non sembra ci siano virus seulle macchine
win; 2: separare le due sottoreti a livello fisico č scomodo, dálltra
parte con una sola scheda e 2 indirizzi aveva funzionato been, finora
 
---------- Forwarded message ---------- 
On 2/14/07, Leonardo Boselli <leo@dicea.unifi.it> wrote:
> It worked fine, until i decided to improve bandwidth, adding a second NIC
> to serve just the public address, and leaving the first one for the
> private, of course since the hosts are mixed on the physical network the
> two nics are connected to two posrts of the same switch.

First of all mixing the two networks by plugging it into a single
switch is a very bad idea.

> After a few days someone told me that some HP and brother printers (having
> a public address) stopped working (while canons continude to work).
> The log from the printer show an outrageous ly hig number of incoming
> packets. Sniffing on the network i fount that there were two (and only
> two) windows XP hosts having a public address that sent an arp who_has
> 172.25.9.3.

Check the windows hosts for any kind of virus infection.

> This was odd either because only that two hosts did, and because since
> these are on x.y.x.0 subnet these shound have asked for x.y.z.t and nopt
> for the private address they knew nothing about it !
> but the problem was that my host replied with two replies, giving as the
> address for 172.25.9.3 both NIC. The requiring host were confused and sent
> again the request, my hsot replied again with two addresses, they were
> unhappy and sent agin the request, about 3000 times per second ...
> Net result was:
>   1. the request being broadcast were sent to every host in the subnet,
> be3ing unnoticed by someone, but hogging the printers;
>   2. even 172.25.9.3 was unappy, and at sometimes was actually slower than
> when it had only one nic.
>
> What could be the solution ?

Seperating the public/private networks should improve your network
performance many fold.

-M





Maggiori informazioni sulla lista flug-tech