(E-Mail Removed) wrote:
> I have a process that sends spoofed packets (spoofed src address that
> is) on an interface connected to a switch. Associated with the
> interface is a specific route with the gateway being the IP address of
> the switch interface. The problem is that there is a huge number of
> incomplete arp entries, one for each spoofed src address, whose NUD
> state is incomplete or failed This results in spoofed packets to not
> be transmitted.
>
> However, if I create a default route and use the same interface, there
> are no such incomplete/failed entries in the arp table and packets seem
> to move on the very same interface.
>
> Can someone shed some light into why this is? Ideally, I would like to
> have packets to be transmitted this without needing a default route.
>
> Thanks - Rich L
There are so many variables here I don't think you'll get useful
comments. Give us some examples. What do the ARP entries look like? Are
the spoofed source addresses inside the network block assigned to the
interface that connects to the switch? Are there replies involved from
the switch -- and what does your machine do when it sees a reply that
for an IP address no assigned to it? Show us to packet capures.
DS
Similar Threads
Linear Mode
