0

I'm trying to reach a host on an internal network whose configuration has gotten screwed up, and isn't pulling a DHCP lease as would be expected. I have a host on that network that l'm trying to use as a bridge to the unreachable host so that I don't have to go in and muck around with a reboot/rewiring. My attempt is to run

# arp -s 192.168.0.14 bc:a5:11:00:23:ae
# arp 
...
192.168.0.14          ether   bc:a5:11:00:23:ae   CM                    eth0

So the arp table has the entry, but if I do a tcpdump while running

$ curl --interface eth0 http://192.168.0.14

There are no entries in the pcap file for that address (I'm also not seeing any arp requests from this host).

Checking the ip configuration I see

$ ip addr show  eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 00:50:56:c0:30:24 brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.12/24 brd 192.168.0.255 scope global dmz
       valid_lft forever preferred_lft forever

$ ip route
default via 192.168.0.1 eth0 proto static 
192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.12 


$ ip route get 192.168.0.14
192.168.0.14 dev eth0 src 192.168.0.12 uid 500 
    cache

How do I get a debian host to target the MAC address I want it to target? Is there something in ARP that I'm missing?

Elliot
  • 113
  • 5
  • Add the outputs of `ip a`, `ip r`, and `ip route get ` to your question. – Hauke Laging Apr 22 '20 at 16:19
  • included, hopefully the don't obfuscate the issue too much – Elliot Apr 22 '20 at 17:22
  • In general, replacing the first two or three octets of your IPs should be enough. This is no fun to read, and you want people to read it. And who cares about your MAC addresses... However: Does the `curl` call work for any other target in that subnet? Why the `--interface`? – Hauke Laging Apr 23 '20 at 18:38
  • swapped in dummy values fwiw. `curl` works for other targets on the subnet, but they have the advantage of being properly routed on the router itself. `--interface` is _probably_ a bit of overspecification on my part (l usually use it when l need to bypass a vpn's routing tables for some reason). – Elliot Apr 24 '20 at 18:16
  • though, the particular problem has been solved by sending in a person, who didn't need to take public transportation to reach the office, to lay hands upon the host. (l'm still curious if this kind of hand routing of packets is possible though) – Elliot Apr 24 '20 at 18:19
  • There is no ("real") routing involved at all. The target is link-local to the system. – Hauke Laging Apr 27 '20 at 21:40

0 Answers0