[PLUG] Network Security issue => ARP table cache
Russell Senior
russell at personaltelco.net
Tue Dec 5 13:36:42 UTC 2023
As long as we are talking about ARP, I want to mention that IPv6 does not
use ARP. Instead, it uses NDP (neighbor discovery protocol) with some
ICMPv6 multicast messages, and the "modern" iproute2 tool which works
across ipv4 and ipv6 is "ip n", where n stands for "neighbour".
>From the manpage for ip:
neighbour
- manage ARP or NDISC cache entries.
Obviously, much additional reading is available, almost certainly more
accurate than my cartoon version here.
--
Russell Senior
russell at personaltelco.net
On Tue, Dec 5, 2023 at 4:31 AM MC_Sequoia <mcsequoia at protonmail.com> wrote:
> For future reference for anyone playing along at home, if you discover an
> dup ip addr listing in the arp table cache, you can just manually delete it
> from the command line. A quick & easy Google search will get you the
> command.
>
> Also, dup ip addrs are very bad because a broadcast loop storm can arise
> and crash an entire network or segment of a network.
>
>
>
More information about the PLUG
mailing list