Gratuitous ARP increasing mbufs

Gregor Dreijer gd at bluecubesystems.com
Mon Jun 10 15:29:16 UTC 2013 

Hi,

I am running a system on FreeBSD 9.1-RELEASE.

I have a device on the network which is sending gratuitous ARP messages 
(used by a wireless mesh network for a "bridge-loop avoidance" protocol) 
every 10 seconds. This causes the mbuf clusters to slowly increase on 
FreeBSD, until the maximum is reached, which disables the networking. I 
am running netstat -m to keep track of the mbuf run away / leak.

My understanding is that mbufs are allocated to hold these messages, but 
since they are "replys" they are never used.

I am now using ipfw, to drop all ARP messages with the following rule: 
ipfw add 999 deny layer2 mac-type arp MAC ff:ff:ff:ff:ff:ff 
ac:86:74:02:8a:ff via vte0
It solves the problem. Luckily there are only offending gratuitous ARP 
messages from this MAC address, so I don't loose any ARP messages that I 
would need.

I believe this might be a bug in FreeBSD. Shouldn't these gratuitous ARP 
packets be handled in a more elegant way? The increasing mbufs doesn't 
seem right. A timeout on these mbufs or a maximum number of mbufs that 
can be allocated for this type of packet might solve this problem.

I just wanted to bring this to the developers attention.

Thanks very much,
Greg

The details of the ARP message are as follows (from Wireshark):

No.     Time           Source                Destination Protocol Length 
Info
    2450 4642.007546000 OpenMesh_02:8a:ff     Broadcast ARP      60     
Gratuitous ARP for 0.0.0.0 (Reply)

Frame 2450: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on 
interface 0
Ethernet II, Src: OpenMesh_02:8a:ff (ac:86:74:02:8a:ff), Dst: Broadcast 
(ff:ff:ff:ff:ff:ff)
     Destination: Broadcast (ff:ff:ff:ff:ff:ff)
         Address: Broadcast (ff:ff:ff:ff:ff:ff)
         .... ..1. .... .... .... .... = LG bit: Locally administered 
address (this is NOT the factory default)
         .... ...1 .... .... .... .... = IG bit: Group address 
(multicast/broadcast)
     Source: OpenMesh_02:8a:ff (ac:86:74:02:8a:ff)
         Address: OpenMesh_02:8a:ff (ac:86:74:02:8a:ff)
         .... ..0. .... .... .... .... = LG bit: Globally unique address 
(factory default)
         .... ...0 .... .... .... .... = IG bit: Individual address 
(unicast)
     Type: ARP (0x0806)
     Padding: 000000000000000000000000000000000000
Address Resolution Protocol (reply/gratuitous ARP)
     Hardware type: Ethernet (1)
     Protocol type: IP (0x0800)
     Hardware size: 6
     Protocol size: 4
     Opcode: reply (2)
     [Is gratuitous: True]
     Sender MAC address: 43:05:43:05:00:00 (43:05:43:05:00:00)
     Sender IP address: 0.0.0.0 (0.0.0.0)
     Target MAC address: ff:43:05:02:a2:0c (ff:43:05:02:a2:0c)
     Target IP address: 0.0.0.0 (0.0.0.0)

More information about the freebsd-net mailing list