[Bridge] Static arp entries in showmacs?
Stephen Hemminger
shemminger at osdl.org
Fri May 14 09:43:30 PDT 2004
As you deduced, the way the MS load balancer works is to have a single
IP address mapped to a multicast address. Then when a TCP connection starts
it responds with an ARP packet to redirect traffic from that host.
> When packets are dnatted to the internal ip, the kernel modifies the
> destination ip and ethernet address of the packet to send to 03:bf; it's
> then passed to the bridge, the bridge can't correlate the 03:bf hardware
> address with any particular interface, fails 'open' and sends the frame
> out of all the interfaces on the bridge (to the 03:bf ether address).
Since it is a multicast address, it isn't bound to any particular interface.
The simplest fix would be to just add filtering rule to block that address
leaking back out other interfaces.
More information about the Bridge
mailing list