Open bahbarnett opened 3 months ago
ThomasHabets
commented
3 months ago I'm failing to reproduce this. With 2.24 and .219 I seem to get the same packets out, and always see timeout.
Now, they're replies, so I don't actually expect any… replies to the replies, so I wonder what it is that you're seeing. What do you see in tcpdump -nlpi NIC:11 arp, and do you see a difference?
bahbarnett
commented
3 months ago In both cases I see absolutely no difference between the two. I see a few arp requests, but none of them are related to the IP in question, along with the generated replies:
10:51:55.439234 ARP, Reply x.x.x.x is-at ff:ff:ff:ff:ff:ff, length 44
10:51:56.439447 ARP, Reply x.x.x.x is-at ff:ff:ff:ff:ff:ff, length 44
10:52:48.739197 ARP, Reply x.x.x.x is-at ff:ff:ff:ff:ff:ff, length 44
10:52:49.739726 ARP, Reply x.x.x.x is-at ff:ff:ff:ff:ff:ff, length 44If you wish, I can post more via private email, I cannot put public IPs and such here. (But really, it's just standard arp requests without x.x.x.x IP in them, eg for other IPs.)
I wondered if the 2.19 difference was a Debianism, but these patch names don't make it seem to be purposeful. Am I about to be compelled to compile from source?
-rw-r--r-- 1 root root 1397 Dec 28 2018 Fall-back-to-gettimeofday-if-clock_gettime-fails.patch -rw-r--r-- 1 root root 2998 Dec 28 2018 Further-improvement-for-cross-compiling.patch -rw-r--r-- 1 root root 1089 Dec 28 2018 Further-simplify-CLOCK_MONOTONIC-check.patch -rw-r--r-- 1 root root 1887 Dec 28 2018 Provide-configure-time-fallback-for-cross-compile-ch.patch -rw-r--r-- 1 root root 962 Dec 28 2018 spelling-error-in-manpage.patch
ThomasHabets
commented
3 months ago I downloaded http://ftp.se.debian.org/debian/pool/main/a/arping/arping_2.19-6_amd64.deb and tried it. For that too I see Timeout.
Same with http://ftp.se.debian.org/debian/pool/main/a/arping/arping_2.24-2_amd64.deb
Are you sure this is a function of which version you're using, and not some unrelated factor? This is on the same machine?
Really, arping should not even be looking for reply-replies when it sends unsolicited replies. I'm going to sort that out.
bahbarnett
commented
3 months ago It's on the same machine, a firewall. I can strace if you want.
ThomasHabets
commented
3 months ago If you could do a strace, and a tcpdump -s0 -nlpi any -w arping.cap arp with 2.19, and send it to thomas@habets.se, that could be helpful.
My suspicion is that there is some background ARP happening that just so happens to be picked up by arping, and that it's not version dependent but just coincidence.
In any case:
I use arping in a variety of scripts, and I have a variety of upstream routers I must hit. Some require unsolicited arps, others not.
In the case of unsolicited, I recently upgraded arping to a newer version. A move from 2.19 to 2.23. With 2.19, even though it was simply an unsolicited packet being sent, arping (I presume) simply posted the time to send, and thus stated success.
However, with 2.23 it now does a 'timeout', even though I don't think the router should be responding to a 'reply'.
In both cases the ARP 'reply' is sent fine, as per tcpdump. In both cases, I see no response from the router.
However, a RC of 1 happens with the timeouts in 2.23, which means my scripts cannot tell the difference between 'borked command' and 'normal arping operation'.
Is it me that's borked, or arping's -P?
Thanks