On Sat, Sep 27, 2025 at 03:32:38PM -0400, Jon Maloy wrote:
> 
> 
> On 2025-09-26 19:25, Jon Maloy wrote:
> > 
> > On 2025-09-23 23:22, David Gibson wrote:
> > > On Tue, Sep 23, 2025 at 09:13:30PM -0400, Jon Maloy wrote:
> > > > Gratuitious ARP and unsolicitated NA should be handled with caution
> > > > because of the risk of malignant users emitting them to disturb
> > > > network communication.
> > > > 
> > [...]
> > > > +    req.ah.ar_op = htons(ARPOP_REPLY);
> > > > +    req.ah.ar_hrd = htons(ARPHRD_ETHER);
> > > > +    req.ah.ar_pro = htons(ETH_P_IP);
> > > > +    req.ah.ar_hln = ETH_ALEN;
> > > > +    req.ah.ar_pln = 4;
> > > > +
> > > > +    /* ARP message */
> > > > +    memcpy(req.am.sha, mac, sizeof(req.am.sha));
> > > > +    memcpy(req.am.sip, &ip, sizeof(req.am.sip));
> > > > +    memcpy(req.am.tha, MAC_BROADCAST, sizeof(req.am.tha));
> > > > +    memcpy(req.am.tip, &ip, sizeof(req.am.tip));
> > > 
> > > So, I was trying to check if it made sense to use the same IP for both
> > > source and target here, and came across
> > >      https://www.rfc-editor.org/rfc/rfc5227#section-3
> > > 
> > > Which suggests we should (counter intuitively) be using ARP requests,
> > > not ARP replies for announcements.
> > 
> > I have now read through it, and it seems to come to the conclusion
> > that this is not advisable. In principle it should work, if all

What "this" refers to here is not clear to me.

> > implementations stick to standard, but there might be stacks which are
> > not stateless in this regard, i.e., they only accepts ARP replies as a
> > response to a sent request.
> > In short, I think I will stick to my current approach, since it is
> > evidently harmless and is proven to work.
> > 
> > ///jon
> 
> My response above may look confusing.

Yes.. and I'm still confused.  Without knowing what "this" is above,
I'm not clear what "it" or "the other" are below either.

> I had actually experimented with both
> methods, and had in my mind that it was the "ARP Announcement"
> implementation I had posted.
> It is now fixed.
> 
> That said, further investigation indicates that the other method is fully
> legit, and actually widely used (Windows, Cisco), although not
> by Linux.

My understanding of that RFC is that it is advising _against_ sending
unsolicited ARP replies (as your earlier posted versions did).
Instead, it advises sending ARP requests in order to announce a MAC to
the networm.  The history is confusing because "ARP announcements" and
"gratuitous ARP" can and have been used to refer to both variants.

Does that match your current understanding?

-- 
David Gibson (he or they)	| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au	| minimalist, thank you, not the other way
				| around.
http://www.ozlabs.org/~dgibson