Bug 87691 - NIC catches packets after "ifconfig eth1 down"
Summary: NIC catches packets after "ifconfig eth1 down"
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: net-tools
Version: 7.3
Hardware: i386
OS: Linux
Target Milestone: ---
Assignee: Phil Knirsch
QA Contact: Ben Levenson
Depends On:
TreeView+ depends on / blocked
Reported: 2003-04-01 12:20 UTC by Michael Muenz
Modified: 2015-03-05 01:12 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2003-06-27 12:09:09 UTC

Attachments (Terms of Use)

Description Michael Muenz 2003-04-01 12:20:09 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 

Description of problem:
I've got a test machine in my network and the following situation:

Firewall Internal IP:
Gateway IP to is

Test machine has IP (eth0).
I give Test machine (eth1) with ifconfig and then
type "ifconfig eth1 down".
Normal ifconfig output then shows only eth0. With
"ifconfig -a" I can see the IP from eth1 further.

Now, when I want to ping from to, 
the test machine got the packet (find out with tcpdump)
but doesn't send a reply. It sends the answer to eth1.

When I give eth1 a completly different IP again, the reply
will arrive the Firewall. 

Perhaps it's a problem of the kernel, I'm not a developer.

Is it a known bug ? 

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
described above

Additional info:

Comment 1 Phil Knirsch 2003-06-27 12:09:09 UTC
From what i understand of your description this is expected behaviour:

You have only shut down the interface but not 'completely' disabled it (via
module unloading, route deletetion etc), so without any iptables or ipchains
rules the interface will still receive packages, but the kernel obviously won't
route them anymore.

And as soon as you give your interface another IP address it automatically
becomes up again and therefore starts to operate again.

I hope i have understood your problem correctly.

Read ya, Phil

Note You need to log in before you can comment on or make changes to this bug.