0

How can I forbid create ARP records in Debian for IP outside network assigned for device? For example:

ip route

10.10.0.0/20 dev ens4f1.10 proto kernel scope link src 10.10.0.1
10.11.0.0/22 dev ens4f1.1 proto kernel scope link src 10.11.0.1
10.16.72.0/21 dev ens4f1.138 proto kernel scope link src 10.16.72.1

arp -n -i ehs4f1.1

10.11.0.106              ether   e8:65:d4:c3:f8:a8   C                     ens4f1.1
10.11.2.129              ether   5c:92:5e:86:88:f9   C                     ens4f1.1
10.11.1.107              ether   78:44:76:c9:a9:cb   C                     ens4f1.1
10.16.72.24              ether   40:ee:15:0a:2f:c5   C                     ens4f1.1

Why did the server create an ARP record 10.16.72.24, that is not in the subnet 10.11.0.0/22?

Zedder
  • 1
  • 1
  • What is the problem you are trying to solve? Sounds like a network segmentation question with possible implications well beyond just ARP. – anx Apr 14 '22 at 13:31
  • This looks like someone created "via interface" route over non-p2p interface. Please, show a complete raw `ip route` output. You can mask public addresses, but only in a way that doesn't change the overall figure. – Nikita Kipriyanov Apr 14 '22 at 14:03
  • Edited my question. Look, please. – Zedder Apr 15 '22 at 20:59
  • What is the problem you're trying to solve? – vidarlo Apr 15 '22 at 21:21

0 Answers0