Why is eth0 responding to ip-address assigned to ethernet gadget usb0?












1















We configure networking on an embedded Linux system by setting one static IP-Address(169.254.0.1/16=LLA) on an Ethernet-Gadget/usb0 while using DHCP on Ethernet/eth0(192.168./16).



To our surprise the embedded system responds on eth0 to the static ip-address. ifconfig on the embedded linux device shows:



eth0      Link encap:Ethernet  HWaddr <snip>
inet addr:192.168.51.156 Bcast:192.168.55.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
<snip>
usb0 Link encap:Ethernet HWaddr <snip>
inet addr:169.254.0.1 Bcast:169.254.255.255 Mask:255.255.0.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
<snip>


The routing table on the embedded linux device :



root@my_embedded_system01:~# ip route
default via 192.168.50.30 dev eth0 proto dhcp src 192.168.51.156 metric 1024
169.254.0.0/16 dev usb0 proto kernel scope link src 169.254.0.1 linkdown
192.168.48.0/21 dev eth0 proto kernel scope link src 192.168.51.156
192.168.50.30 dev eth0 proto dhcp scope link src 192.168.51.156 metric 1024


Is there a setting on the embedded device which can change that?










share|improve this question

























  • It responded to which static address? How did you check which way the response was handled?

    – Seth
    Jan 4 at 10:09











  • Multiple of these embedded systems are connected via eth0 in our local network. I connect with ssh 169.254.0.1 to one of these systems. None is connected via USB.

    – ARi
    Jan 4 at 10:13













  • So neither is that particular one connected by USB? Maybe your embedded devices to have routing enabled and for some reason your local workstation has a route for them?

    – Seth
    Jan 4 at 10:27











  • Yes, I dont know how the routing table above would allow that. The ip-address assigned to the Ethernet Gadget is even a local-link address. To my understanding that should not be routed at all.

    – ARi
    Jan 4 at 11:16











  • And a problem only occurs when we connect one embedded system to USB and then try to connect with ssh. On a computer which is also connected to more of our systems via Ethernet the ssh 169.254.0.1 will get arbitrarily the response of any of the connected systems, not necessarily the one connected to USB.

    – ARi
    Jan 4 at 11:18
















1















We configure networking on an embedded Linux system by setting one static IP-Address(169.254.0.1/16=LLA) on an Ethernet-Gadget/usb0 while using DHCP on Ethernet/eth0(192.168./16).



To our surprise the embedded system responds on eth0 to the static ip-address. ifconfig on the embedded linux device shows:



eth0      Link encap:Ethernet  HWaddr <snip>
inet addr:192.168.51.156 Bcast:192.168.55.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
<snip>
usb0 Link encap:Ethernet HWaddr <snip>
inet addr:169.254.0.1 Bcast:169.254.255.255 Mask:255.255.0.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
<snip>


The routing table on the embedded linux device :



root@my_embedded_system01:~# ip route
default via 192.168.50.30 dev eth0 proto dhcp src 192.168.51.156 metric 1024
169.254.0.0/16 dev usb0 proto kernel scope link src 169.254.0.1 linkdown
192.168.48.0/21 dev eth0 proto kernel scope link src 192.168.51.156
192.168.50.30 dev eth0 proto dhcp scope link src 192.168.51.156 metric 1024


Is there a setting on the embedded device which can change that?










share|improve this question

























  • It responded to which static address? How did you check which way the response was handled?

    – Seth
    Jan 4 at 10:09











  • Multiple of these embedded systems are connected via eth0 in our local network. I connect with ssh 169.254.0.1 to one of these systems. None is connected via USB.

    – ARi
    Jan 4 at 10:13













  • So neither is that particular one connected by USB? Maybe your embedded devices to have routing enabled and for some reason your local workstation has a route for them?

    – Seth
    Jan 4 at 10:27











  • Yes, I dont know how the routing table above would allow that. The ip-address assigned to the Ethernet Gadget is even a local-link address. To my understanding that should not be routed at all.

    – ARi
    Jan 4 at 11:16











  • And a problem only occurs when we connect one embedded system to USB and then try to connect with ssh. On a computer which is also connected to more of our systems via Ethernet the ssh 169.254.0.1 will get arbitrarily the response of any of the connected systems, not necessarily the one connected to USB.

    – ARi
    Jan 4 at 11:18














1












1








1


1






We configure networking on an embedded Linux system by setting one static IP-Address(169.254.0.1/16=LLA) on an Ethernet-Gadget/usb0 while using DHCP on Ethernet/eth0(192.168./16).



To our surprise the embedded system responds on eth0 to the static ip-address. ifconfig on the embedded linux device shows:



eth0      Link encap:Ethernet  HWaddr <snip>
inet addr:192.168.51.156 Bcast:192.168.55.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
<snip>
usb0 Link encap:Ethernet HWaddr <snip>
inet addr:169.254.0.1 Bcast:169.254.255.255 Mask:255.255.0.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
<snip>


The routing table on the embedded linux device :



root@my_embedded_system01:~# ip route
default via 192.168.50.30 dev eth0 proto dhcp src 192.168.51.156 metric 1024
169.254.0.0/16 dev usb0 proto kernel scope link src 169.254.0.1 linkdown
192.168.48.0/21 dev eth0 proto kernel scope link src 192.168.51.156
192.168.50.30 dev eth0 proto dhcp scope link src 192.168.51.156 metric 1024


Is there a setting on the embedded device which can change that?










share|improve this question
















We configure networking on an embedded Linux system by setting one static IP-Address(169.254.0.1/16=LLA) on an Ethernet-Gadget/usb0 while using DHCP on Ethernet/eth0(192.168./16).



To our surprise the embedded system responds on eth0 to the static ip-address. ifconfig on the embedded linux device shows:



eth0      Link encap:Ethernet  HWaddr <snip>
inet addr:192.168.51.156 Bcast:192.168.55.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
<snip>
usb0 Link encap:Ethernet HWaddr <snip>
inet addr:169.254.0.1 Bcast:169.254.255.255 Mask:255.255.0.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
<snip>


The routing table on the embedded linux device :



root@my_embedded_system01:~# ip route
default via 192.168.50.30 dev eth0 proto dhcp src 192.168.51.156 metric 1024
169.254.0.0/16 dev usb0 proto kernel scope link src 169.254.0.1 linkdown
192.168.48.0/21 dev eth0 proto kernel scope link src 192.168.51.156
192.168.50.30 dev eth0 proto dhcp scope link src 192.168.51.156 metric 1024


Is there a setting on the embedded device which can change that?







linux networking routing ip-address routing-table






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Jan 4 at 10:07









Seth

6,08811128




6,08811128










asked Jan 3 at 15:57









ARiARi

62




62













  • It responded to which static address? How did you check which way the response was handled?

    – Seth
    Jan 4 at 10:09











  • Multiple of these embedded systems are connected via eth0 in our local network. I connect with ssh 169.254.0.1 to one of these systems. None is connected via USB.

    – ARi
    Jan 4 at 10:13













  • So neither is that particular one connected by USB? Maybe your embedded devices to have routing enabled and for some reason your local workstation has a route for them?

    – Seth
    Jan 4 at 10:27











  • Yes, I dont know how the routing table above would allow that. The ip-address assigned to the Ethernet Gadget is even a local-link address. To my understanding that should not be routed at all.

    – ARi
    Jan 4 at 11:16











  • And a problem only occurs when we connect one embedded system to USB and then try to connect with ssh. On a computer which is also connected to more of our systems via Ethernet the ssh 169.254.0.1 will get arbitrarily the response of any of the connected systems, not necessarily the one connected to USB.

    – ARi
    Jan 4 at 11:18



















  • It responded to which static address? How did you check which way the response was handled?

    – Seth
    Jan 4 at 10:09











  • Multiple of these embedded systems are connected via eth0 in our local network. I connect with ssh 169.254.0.1 to one of these systems. None is connected via USB.

    – ARi
    Jan 4 at 10:13













  • So neither is that particular one connected by USB? Maybe your embedded devices to have routing enabled and for some reason your local workstation has a route for them?

    – Seth
    Jan 4 at 10:27











  • Yes, I dont know how the routing table above would allow that. The ip-address assigned to the Ethernet Gadget is even a local-link address. To my understanding that should not be routed at all.

    – ARi
    Jan 4 at 11:16











  • And a problem only occurs when we connect one embedded system to USB and then try to connect with ssh. On a computer which is also connected to more of our systems via Ethernet the ssh 169.254.0.1 will get arbitrarily the response of any of the connected systems, not necessarily the one connected to USB.

    – ARi
    Jan 4 at 11:18

















It responded to which static address? How did you check which way the response was handled?

– Seth
Jan 4 at 10:09





It responded to which static address? How did you check which way the response was handled?

– Seth
Jan 4 at 10:09













Multiple of these embedded systems are connected via eth0 in our local network. I connect with ssh 169.254.0.1 to one of these systems. None is connected via USB.

– ARi
Jan 4 at 10:13







Multiple of these embedded systems are connected via eth0 in our local network. I connect with ssh 169.254.0.1 to one of these systems. None is connected via USB.

– ARi
Jan 4 at 10:13















So neither is that particular one connected by USB? Maybe your embedded devices to have routing enabled and for some reason your local workstation has a route for them?

– Seth
Jan 4 at 10:27





So neither is that particular one connected by USB? Maybe your embedded devices to have routing enabled and for some reason your local workstation has a route for them?

– Seth
Jan 4 at 10:27













Yes, I dont know how the routing table above would allow that. The ip-address assigned to the Ethernet Gadget is even a local-link address. To my understanding that should not be routed at all.

– ARi
Jan 4 at 11:16





Yes, I dont know how the routing table above would allow that. The ip-address assigned to the Ethernet Gadget is even a local-link address. To my understanding that should not be routed at all.

– ARi
Jan 4 at 11:16













And a problem only occurs when we connect one embedded system to USB and then try to connect with ssh. On a computer which is also connected to more of our systems via Ethernet the ssh 169.254.0.1 will get arbitrarily the response of any of the connected systems, not necessarily the one connected to USB.

– ARi
Jan 4 at 11:18





And a problem only occurs when we connect one embedded system to USB and then try to connect with ssh. On a computer which is also connected to more of our systems via Ethernet the ssh 169.254.0.1 will get arbitrarily the response of any of the connected systems, not necessarily the one connected to USB.

– ARi
Jan 4 at 11:18










1 Answer
1






active

oldest

votes


















0














Use a firewall. One simple iptables rule will block all packets to usb0 address unless they actually enter through usb0:



-d 169.254.0.0/16 ! -i usb0 -j REJECT




Generally, tere are two separate issues here:




  1. Responding to ARP queries for an IP address that belongs to another interface.

  2. Accepting IP packets meant for IP addresses that belong to another interface.


The first part can be avoided easily by changing the net.ipv4.conf.all.arp_ignore sysctl to 1. Afaik, it defaults to 0 because on some operating systems, in IPv4, the addresses are considered to belong to the entire host instead of specific interfaces (weak host model), though it's a bit strange.



The second part (accepting IP packets through any interface) is normal for multi-network (multihomed) hosts. To prevent it, use firewall rules. Both iptables and nft support checking the inbound interface.






share|improve this answer
























  • 1. is no problem. For 2.: The embedded system has no iptables2 installed yet. Is there a way to have the tables set-up with "ip route" or "route"?

    – ARi
    Jan 7 at 13:43













Your Answer








StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1390224%2fwhy-is-eth0-responding-to-ip-address-assigned-to-ethernet-gadget-usb0%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









0














Use a firewall. One simple iptables rule will block all packets to usb0 address unless they actually enter through usb0:



-d 169.254.0.0/16 ! -i usb0 -j REJECT




Generally, tere are two separate issues here:




  1. Responding to ARP queries for an IP address that belongs to another interface.

  2. Accepting IP packets meant for IP addresses that belong to another interface.


The first part can be avoided easily by changing the net.ipv4.conf.all.arp_ignore sysctl to 1. Afaik, it defaults to 0 because on some operating systems, in IPv4, the addresses are considered to belong to the entire host instead of specific interfaces (weak host model), though it's a bit strange.



The second part (accepting IP packets through any interface) is normal for multi-network (multihomed) hosts. To prevent it, use firewall rules. Both iptables and nft support checking the inbound interface.






share|improve this answer
























  • 1. is no problem. For 2.: The embedded system has no iptables2 installed yet. Is there a way to have the tables set-up with "ip route" or "route"?

    – ARi
    Jan 7 at 13:43


















0














Use a firewall. One simple iptables rule will block all packets to usb0 address unless they actually enter through usb0:



-d 169.254.0.0/16 ! -i usb0 -j REJECT




Generally, tere are two separate issues here:




  1. Responding to ARP queries for an IP address that belongs to another interface.

  2. Accepting IP packets meant for IP addresses that belong to another interface.


The first part can be avoided easily by changing the net.ipv4.conf.all.arp_ignore sysctl to 1. Afaik, it defaults to 0 because on some operating systems, in IPv4, the addresses are considered to belong to the entire host instead of specific interfaces (weak host model), though it's a bit strange.



The second part (accepting IP packets through any interface) is normal for multi-network (multihomed) hosts. To prevent it, use firewall rules. Both iptables and nft support checking the inbound interface.






share|improve this answer
























  • 1. is no problem. For 2.: The embedded system has no iptables2 installed yet. Is there a way to have the tables set-up with "ip route" or "route"?

    – ARi
    Jan 7 at 13:43
















0












0








0







Use a firewall. One simple iptables rule will block all packets to usb0 address unless they actually enter through usb0:



-d 169.254.0.0/16 ! -i usb0 -j REJECT




Generally, tere are two separate issues here:




  1. Responding to ARP queries for an IP address that belongs to another interface.

  2. Accepting IP packets meant for IP addresses that belong to another interface.


The first part can be avoided easily by changing the net.ipv4.conf.all.arp_ignore sysctl to 1. Afaik, it defaults to 0 because on some operating systems, in IPv4, the addresses are considered to belong to the entire host instead of specific interfaces (weak host model), though it's a bit strange.



The second part (accepting IP packets through any interface) is normal for multi-network (multihomed) hosts. To prevent it, use firewall rules. Both iptables and nft support checking the inbound interface.






share|improve this answer













Use a firewall. One simple iptables rule will block all packets to usb0 address unless they actually enter through usb0:



-d 169.254.0.0/16 ! -i usb0 -j REJECT




Generally, tere are two separate issues here:




  1. Responding to ARP queries for an IP address that belongs to another interface.

  2. Accepting IP packets meant for IP addresses that belong to another interface.


The first part can be avoided easily by changing the net.ipv4.conf.all.arp_ignore sysctl to 1. Afaik, it defaults to 0 because on some operating systems, in IPv4, the addresses are considered to belong to the entire host instead of specific interfaces (weak host model), though it's a bit strange.



The second part (accepting IP packets through any interface) is normal for multi-network (multihomed) hosts. To prevent it, use firewall rules. Both iptables and nft support checking the inbound interface.







share|improve this answer












share|improve this answer



share|improve this answer










answered Jan 4 at 21:10









grawitygrawity

234k36495551




234k36495551













  • 1. is no problem. For 2.: The embedded system has no iptables2 installed yet. Is there a way to have the tables set-up with "ip route" or "route"?

    – ARi
    Jan 7 at 13:43





















  • 1. is no problem. For 2.: The embedded system has no iptables2 installed yet. Is there a way to have the tables set-up with "ip route" or "route"?

    – ARi
    Jan 7 at 13:43



















1. is no problem. For 2.: The embedded system has no iptables2 installed yet. Is there a way to have the tables set-up with "ip route" or "route"?

– ARi
Jan 7 at 13:43







1. is no problem. For 2.: The embedded system has no iptables2 installed yet. Is there a way to have the tables set-up with "ip route" or "route"?

– ARi
Jan 7 at 13:43




















draft saved

draft discarded




















































Thanks for contributing an answer to Super User!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1390224%2fwhy-is-eth0-responding-to-ip-address-assigned-to-ethernet-gadget-usb0%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







Popular posts from this blog

flock() on closed filehandle LOCK_FILE at /usr/bin/apt-mirror

Mangá

Eduardo VII do Reino Unido