Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!tut.cis.ohio-state.edu!ucbvax!WSL.DEC.COM!mogul From: mogul@WSL.DEC.COM (Jeffrey Mogul) Newsgroups: comp.protocols.tcp-ip Subject: Re: NFS Performance through Routers Message-ID: <8903222359.AA14350@lakers.pa.dec.com> Date: 22 Mar 89 23:59:16 GMT References: Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 27 Rob Austein writes: Something we've occasionally done when experiencing ARP storms is to set up a PC or similar expendable machine ANSWERING the ARP requests for the incorrect broadcast address (and throwing the resultant forwarded packets on the floor). Besides providing a sink for the traffic and thus calming the storm, this provides us with a good way to monitor exactly which hosts are using the wrong address, so that we can go in with the debuggers and service calls and icepicks with some assurance that we know who the culprits are. Tasteless, but it works.... NOVICES, BEWARE: under no circumstances should the answer to an ARP for a broadcast IP address return the broadcast Ethernet address. This is clearly not what Rob is doing, and of course "nobody would ever do this" ... but I have heard of people doing it. Chernobyl was nothing compared to this. If I were supporting an ARP implementation, I would have it check to make sure it wasn't inserting a broadcast/multicast address in any of the hardware address fields of an ARP message ... and if it detects such an attempt, it should start the "host self-destruct" sequence to make sure that a person who makes this mistake is properly chastised. -Jeff