PDA

View Full Version : Martian packets from link-local address



jayvi
25-Nov-2013, 15:14
I am seeing reports of martian packets in /var/log/messages:


Nov 25 08:20:51 unknown kernel: [12489.121833] martian source 169.254.2.3 from 169.254.2.1, on dev eth7
Nov 25 08:20:51 unknown kernel: [12489.564128] martian source 169.254.2.3 from 169.254.2.1, on dev eth7
Nov 25 08:20:52 unknown kernel: [12490.136838] martian source 169.254.2.3 from 169.254.2.1, on dev eth7


Here is my NIC configuration:


# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
inet 127.0.0.2/8 brd 127.255.255.255 scope host secondary lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
link/ether 00:25:90:89:9c:f8 brd ff:ff:ff:ff:ff:ff
3: eth2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
link/ether 00:25:90:c8:a9:f0 brd ff:ff:ff:ff:ff:ff
4: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
link/ether 00:25:90:89:9c:fa brd ff:ff:ff:ff:ff:ff
5: eth3: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
link/ether 00:25:90:c8:a9:f1 brd ff:ff:ff:ff:ff:ff
6: eth4: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
link/ether 00:25:90:c8:a9:f2 brd ff:ff:ff:ff:ff:ff
7: eth5: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
link/ether 00:25:90:c8:a9:f3 brd ff:ff:ff:ff:ff:ff
8: eth6: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN qlen 1000
link/ether 00:25:90:4c:12:28 brd ff:ff:ff:ff:ff:ff
inet 169.254.2.1/30 brd 169.254.2.3 scope global eth6
9: eth7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 00:25:90:4c:12:29 brd ff:ff:ff:ff:ff:ff
inet 10.10.26.9/24 brd 10.10.26.255 scope global eth7
inet 169.254.3.1/30 brd 169.254.3.3 scope global eth7
inet6 fe80::225:90ff:fe4c:1229/64 scope link
valid_lft forever preferred_lft forever


And my routing table:


# ip route
default via 10.10.26.1 dev eth7
10.10.26.0/24 via 10.10.26.1 dev eth7
127.0.0.0/8 dev lo scope link
169.254.2.0/30 dev eth6 proto kernel scope link src 169.254.2.1

The log messages indicate that the packets are broadcast packets originating from eth7 which has a 169.254.3.0/30 subnet but not a 169.254.2.0/30 subnet.

Is there anything I can do besides disabling martian logging:
echo 0 > /proc/sys/net/ipv4/conf/all/log_martians