Red Hat Bugzilla – Bug 3389
No notification of duplicate IP
Last modified: 2008-05-01 11:37:50 EDT
Yesterday someone setup a Red Hat 6.0 box on our network
and unfortunately assigned the same IP as our Red Hat 5.2
server. Needless to say both interfaces completely shut
down, without out logging any errors or any notification.
After much frustration we finally figured out what
happened. If Windows 95 can tell you there is a duplicate
IP out there I think Linux should as well.
I'm changing the component to kernel because that's where
unices usually detect this problem.
You might also consider running arpwatch on a 3rd machine and
monitoring the output. Arpwatch mails a message to root
every time a new IP/MAC pair is detected. That might be
sufficient for you to detect duplicated IP addr's but would
require a 3rd machine and some sys admin work ...
Be very careful how you handle this. The Windows 95 "feature" is used
regularly as a denial of service attack on windows networks by
slamming the lan with faked addresses. It is possible to put it in the
kernel but non trivial to do it right.
If we need a patch for it I can knock one up
Resolved as "WONTFIX" because we aren't likely to fix this in
the near future; there are no plans to fix it for the next
release or next beta release or anything like that.