veth

ARP proxy going rogue, part 1: the incident

Intro This is a story of “Proxy ARP” going rogue. Writing down that story took more than I expected so it’s split in two different posts. In this first part we explain what proxy ARP is and how it’s used in GRNET Ganeti clusters to provide public IPv4 to guest vms. I’m going to investigate a particular incident where certain hosts caused DOS by hijacking all IPv4 addresses within a VLAN.
Read more