Web lists-archives.com

Re: Get the external IP address from a Linux box




On Tue 29 May 2018 at 14:57:22 (+0200), Pascal Hambourg wrote:
> Le 28/05/2018 à 23:14, Pascal Hambourg a écrit :
> >Le 28/05/2018 à 13:54, Alan Greenberger a écrit :
> >>
> >>You are mostly correct.  However, I have one machine on which the
> >>response to
> >>/usr/sbin/arp -n
> >>shows two lines with the HWaddress of the router, one with the internal
> >>address as you said and the other with the external address.  I have no
> >>idea what made arp see the external address.
> >
> >Thinking of it, a router following the "weak host" model (like
> >Linux does) can advertise any local address on any interface. It
> >can be tested with arping. However I am failing to imagine any
> >plausible scenario which could lead a host on the internal LAN to
> >have the router's external IP address in its ARP cache. It means
> >that either :
> >- the host sends an ARP query for the router's external IP address
> 
> I guess this could happen if the host has a direct default route (no
> gateway) and the router acts as an ARP proxy. Quite an unusual
> setup.
> 
> >- the router sends an ARP query to the host from its external IP address
> 
> I checked that the latter can happen when the router must send a
> packet to the host with its external address as source and must
> resolve the host's address. Then the ARP query source IP address is
> the external address, and the destination host stores it in its ARP
> cache.
> 
> Any idea why the router would send packets to this host from its
> external address ?

I think your analysis starts from an assumption that everything is,
and always was, set up correctly from the start, and is working with
a sane and correct configuration, which might not be completely true.

Cheers,
David.