beautypg.com

Amer Networks E5Web GUI User Manual

Page 190

background image

ARP Requests

The ARP specification states that a host should update its ARP Cache with data from ARP
requests received from other hosts. However, as this procedure can facilitate hijacking of local
connections, cOS Core will normally not allow this.

To make the behavior compliant with the RFC 826 specification, the administrator can modify
the setting ARP Requests. Even if this is set to Drop (meaning that the packet is discarded
without being stored), cOS Core will reply to it provided that other rules approve the request.

Changes to the ARP Cache

A received ARP reply or ARP request can possibly alter an existing entry in the ARP cache.
Allowing this to take place may allow hijacking of local connections. However, not allowing this
may cause problems if, for example, a network adapter is replaced since cOS Core will not accept
the new address until the previous ARP cache entry has timed out.

The advanced setting Static ARP Changes can modify this behavior. The default behavior is that
cOS Core will allow changes to take place, but all such changes will be logged.

A similar issue occurs when information in ARP replies or ARP requests could collide with static
entries in the ARP cache. This should not be allowed to happen and changing the setting Static
ARP Changes allows the administrator to specify whether or not such situations are logged.

Sender IP 0.0.0.0

cOS Core can be configured for handling ARP queries that have a sender IP of 0.0.0.0. Such
sender IPs are never valid as responses, but network units that have not yet learned of their IP
address sometimes ask ARP questions with an "unspecified" sender IP. Normally, these ARP
replies are dropped and logged, but the behavior can be changed by modifying the setting ARP
Query No Sender.

Matching Ethernet Addresses

By default, cOS Core will require that the sender address at Ethernet level should comply with the
Ethernet address reported in the ARP data. If this is not the case, the reply will be dropped and
logged. The behavior can be changed by modifying the setting ARP Match Ethernet Sender.

Chapter 3: Fundamentals

190

This manual is related to the following products:
See also other documents in the category Amer Networks Computer Accessories: