Gentoo Forums
[SOLVED] arp traffic percolating upstream when it shouldn't
ccosse
Apprentice

Joined: 10 Mar 2004
Posts: 168
Location: Las Cruces, New Mexico, U.S.A.

Posted: Mon Nov 18, 2013 5:24 pm    Post subject: [SOLVED] arp traffic percolating upstream when it shouldn't

Hi, I have a Gentoo Home Router that is sending arp requests upstream when it shouldn't, and I need help to understand why. The router obtains its upstream IP via dhcp on eth0. The router is a wifi hotspot, essentially, serving a LAN out of wlan0 as well as running a web server on wlan0. From a laptop connected via wifi to the router, if I browse to the router's webpages the traffic stops at the router and is not percolated upstream ... EXCEPT if I make a call to an AJAX function on the router, and then the router sends ARP requests upstream, which come back "Refused 0/0/0" ... and I think this is causing me timeout problems in certain situations. Also, the ARP requests get transmitted upstream from the router if I ssh from wifi laptop to router (ssh root@192.168.66.1, in my case).

Here is my route cmd output:
Code:

rcrouter ~ # route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.1.1     0.0.0.0         UG    3      0        0 eth0
loopback        rcrouter        255.0.0.0       UG    0      0        0 lo
192.168.1.0     *               255.255.255.0   U     3      0        0 eth0
192.168.66.0    *               255.255.255.0   U     0      0        0 wlan0


Here is tcpdump output showing ARP requests about wlan0 (192.168.66.1) being sent upstream and coming back "Refused". What caused this one, in particular, was plugging-in the following url: http://192.168.66.1/monitor/?what=get_data&fname=en0 (i.e. nothing harmless ... I think ... it's handled by a django urls.py file and does still get handled correctly ... but these refused ARP requests are some result of my configuration, I think, and I'm having bad performance issues in general behind my Gentoo Home Router and think this is closely related to the cause ... hence why I'm asking):
Code:

11:08:19.690978 arp who-has 192.168.1.1 tell 192.168.1.246
11:08:19.691216 arp reply 192.168.1.1 is-at 54:42:49:e0:a9:28
11:08:19.691245 IP 192.168.1.246.42815 > 192.168.1.1.53: 32398+ PTR? 1.66.168.192.in-addr.arpa. (43)
11:08:20.159077 IP 192.168.1.1.53 > 192.168.1.246.42815: 32398 Refused 0/0/0 (43)
11:08:20.159741 IP 192.168.1.246.43560 > 192.168.1.1.53: 32398+ PTR? 1.66.168.192.in-addr.arpa. (43)
11:08:20.234608 IP 192.168.1.1.53 > 192.168.1.246.43560: 32398 Refused 0/0/0 (43)


Thank you for reading and helping me understand what's going on!

-Charles


Last edited by ccosse on Tue Nov 19, 2013 8:06 am; edited 1 time in total
eyoung100
Veteran

Joined: 23 Jan 2004
Posts: 1428

Posted: Mon Nov 18, 2013 5:48 pm

The easiest way to fix this is to turn off the AJAX Remote Call, and upload the code that performs the AJAX functions to your webserver directly. In your webpages that need the calls, update the link to refer to your local copy of the scripts.

Example:
  1. Download the minified copy of JQuery from JQuery Downloads.
  2. Install the scripts at /var/www/jquery
  3. Use Relative Pathing in all your sites, or:

  1. Download the minified copy of JQuery from JQuery Downloads.
  2. Install the scripts at /var/www/<site 1>/jquery - This keeps the Calls limited to particular sites only, and increases security. It's a PITA if you maintain many sites, as each site requiring jquery would need its own copy.
  3. Use Relative Pathing in all your sites.

_________________
The Birth and Growth of Science is the Death and Atrophy of Art -- Unknown
Registered Linux User #363735
Adopt a Post | Strip Comments| Emerge Wrapper
ccosse
Apprentice

Joined: 10 Mar 2004
Posts: 168
Location: Las Cruces, New Mexico, U.S.A.

Posted: Mon Nov 18, 2013 5:57 pm

Well thanks for your reply eyoung100, but the ajax stuff kinda has to stay ... the python (django) backend then communicates to an RPC server to exchange data. Also I don't use JQuery (unless unknowingly via django, which probably yes) ... my xmlhttp requests are all done manually.

This also happens when I ssh to the router (from behind router), so it's not just web-traffic specific ... is there a way to fix it via my network configuration?

Thank you!
ccosse
Apprentice

Joined: 10 Mar 2004
Posts: 168
Location: Las Cruces, New Mexico, U.S.A.

Posted: Mon Nov 18, 2013 6:11 pm

eyoung100 wrote:
The easiest way to fix this is to turn off the AJAX Remote Call, and upload the code that performs the AJAX functions to your webserver directly.


Wow, sorry I missed your point here ... but to answer this: there is no remote call happening ... well, actually it does induce an RPC call to itself on port 8005, but no calls to beyond the router. Am I getting you correctly? Thanks!
eyoung100
Veteran

Joined: 23 Jan 2004
Posts: 1428

Posted: Mon Nov 18, 2013 6:14 pm

ccosse wrote:
Well thanks for your reply eyoung100, but the ajax stuff kinda has to stay ... the python (django) backend then communicates to an RPC server to exchange data. Also I don't use JQuery (unless unknowingly via django, which probably yes) ... my xmlhttp requests are all done manually.

This also happens when I ssh to the router (from behind router), so it's not just web-traffic specific ... is there a way to fix it via my network configuration?

Thank you!


It all works the same, except you have your own copy. See Django Download, then follow my example, and integrate the local copy you download into your sites, and disable the CDN calls. In short, you're allowing your webserver to do the AJAX calls locally.
_________________
The Birth and Growth of Science is the Death and Atrophy of Art -- Unknown
Registered Linux User #363735
Adopt a Post | Strip Comments| Emerge Wrapper


Last edited by eyoung100 on Mon Nov 18, 2013 6:23 pm; edited 1 time in total
ccosse
Apprentice

Joined: 10 Mar 2004
Posts: 168
Location: Las Cruces, New Mexico, U.S.A.

Posted: Mon Nov 18, 2013 6:19 pm

eyoung100 wrote:
It all works the same, except you have your own copy.


This is not a django issue if it's happening for ssh traffic as well ... or am I missing something of what you are saying?
papahuhn
l33t

Joined: 06 Sep 2004
Posts: 623

Posted: Tue Nov 19, 2013 7:54 am

That is not a refused ARP request but a refused DNS request. For some reason (security policy?) the router's nameserver does not allow an external request for an internal IP.
_________________
Death by snoo-snoo!
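
Added example, not written by anyone in this thread: a small Python parser that labels each line of the tcpdump capture from the first post as ARP or DNS and decodes the PTR name, showing that the "Refused" lines are reverse-DNS replies for 192.168.66.1 and that the only ARP traffic is the lookup of the gateway 192.168.1.1. The regular expressions assume the old-style tcpdump text format shown in that post; the function names are made up for this example.

```python
import ipaddress
import re

# The six tcpdump lines from the first post, copied verbatim.
CAPTURE = """\
11:08:19.690978 arp who-has 192.168.1.1 tell 192.168.1.246
11:08:19.691216 arp reply 192.168.1.1 is-at 54:42:49:e0:a9:28
11:08:19.691245 IP 192.168.1.246.42815 > 192.168.1.1.53: 32398+ PTR? 1.66.168.192.in-addr.arpa. (43)
11:08:20.159077 IP 192.168.1.1.53 > 192.168.1.246.42815: 32398 Refused 0/0/0 (43)
11:08:20.159741 IP 192.168.1.246.43560 > 192.168.1.1.53: 32398+ PTR? 1.66.168.192.in-addr.arpa. (43)
11:08:20.234608 IP 192.168.1.1.53 > 192.168.1.246.43560: 32398 Refused 0/0/0 (43)
"""

ARP = re.compile(r"^\S+ arp (who-has|reply) (\S+)")
DNS_QUERY = re.compile(r"^\S+ IP \S+ > (\S+)\.53: (\d+)\+? PTR\? (\S+)")
DNS_REPLY = re.compile(r"^\S+ IP (\S+)\.53 > \S+ (\d+) (\w+) \d+/\d+/\d+")

def ptr_to_ip(name):
    """Turn '1.66.168.192.in-addr.arpa.' back into '192.168.66.1'."""
    labels = name.rstrip(".").split(".")
    if len(labels) != 6 or labels[-2:] != ["in-addr", "arpa"]:
        raise ValueError("not an IPv4 reverse name: " + name)
    return str(ipaddress.IPv4Address(".".join(reversed(labels[:4]))))

def classify(line):
    """Label one tcpdump line as arp, dns-query, dns-reply or other."""
    if m := ARP.match(line):
        return {"kind": "arp", "op": m[1], "target": m[2]}
    if m := DNS_QUERY.match(line):
        return {"kind": "dns-query", "resolver": m[1], "id": m[2],
                "about": ptr_to_ip(m[3])}
    if m := DNS_REPLY.match(line):
        return {"kind": "dns-reply", "resolver": m[1], "id": m[2], "rcode": m[3]}
    return {"kind": "other"}

def refused_lookups(capture):
    """Pair DNS replies with queries by (resolver, ID); return refused ones."""
    pending, refused = {}, []
    for ev in map(classify, capture.splitlines()):
        if ev["kind"] == "dns-query":
            pending[(ev["resolver"], ev["id"])] = ev["about"]
        elif ev["kind"] == "dns-reply" and ev["rcode"] == "Refused":
            refused.append((pending.pop((ev["resolver"], ev["id"]), None),
                            ev["resolver"]))
    return refused

if __name__ == "__main__":
    for about, resolver in refused_lookups(CAPTURE):
        print(f"{resolver} refused a reverse lookup for {about}")
```
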
ccosse
Apprentice

Joined: 10 Mar 2004
Posts: 168
Location: Las Cruces, New Mexico, U.S.A.

Posted: Tue Nov 19, 2013 8:05 am

papahuhn wrote:
That is not a refused ARP request but a refused DNS request. For some reason (security policy?) the router's nameserver does not allow an external request for an internal IP.


I think it is all due to my configuration here in my garage. I tested the router today from a university network and no problems at all. Here, however, I'm going through my droid phone's hotspot for service and that's who's refusing the dns request from the router. So my theory here is that it's all Verizon's fault, one way or another.