NAME¶
arpd - userspace arp daemon.
SYNOPSIS¶
Usage: arpd [ -lkh? ] [ -a N ] [ -b dbase ] [ -B number ] [ -f file ] [-p
interval ] [ -n time ] [ -R rate ] [ <INTERFACES> ]
DESCRIPTION¶
The
arpd daemon collects gratuitous ARP information, saving it on local
disk and feeding it to the kernel on demand to avoid redundant broadcasting
due to limited size of the kernel ARP cache.
OPTIONS¶
- -h -?
- Print help
- -l
- Dump the arpd database to stdout and exit. The output consists of three
columns: the interface index, the IP address of the interface, and the MAC
address of the interface. Negative entries for dead hosts are also shown,
in this case the MAC address is replaced by the word FAILED followed by a
colon and the most recent time when the fact that the host is dead was
proven.
- -f <FILE>
- Read and load an arpd database from FILE in a text format similar to that
dumped by option -l. Exit after load, possibly listing resulting database,
if option -l is also given. If FILE is -, stdin is read to get the ARP
table.
- -b <DATABASE>
- the location of the database file. The default location is
/var/lib/arpd/arpd.db
- -a <NUMBER>
- With this option, arpd not only passively listens for ARP packets on the
interface, but also sends broadcast queries itself. NUMBER is the number
of such queries to make before a destination is considered dead. When arpd
is started as kernel helper (i.e. with app_solicit enabled in sysctl or
even with option -k) without this option and still did not learn enough
information, you can observe 1 second gaps in service. Not fatal, but not
good.
- -k
- Suppress sending broadcast queries by the kernel. This option only makes
sense together with option -a.
- -n <TIME>
- Specifies the timeout of the negative cache. When resolution fails, arpd
suppresses further attempts to resolve for this period. This option only
makes sense together with option '-k'. This timeout should not be too much
longer than the boot time of a typical host not supporting gratuitous ARP.
Default value is 60 seconds.
- -p <TIME>
- The time to wait in seconds between polling attempts to the kernel ARP
table. TIME may be a floating point number. The default value is 30.
- -R <RATE>
- Maximal steady rate of broadcasts sent by arpd in packets per second.
Default value is 1.
- -B <NUMBER>
- The number of broadcasts sent by arpd back to back. Default value is 3.
Together with the -R option, this option ensures that the number of ARP
queries that are broadcast does not exceed B+R*T over any interval of time
T.
<INTERFACES> is a list of names of networking interfaces to watch. If no
interfaces are given, arpd monitors all the interfaces. In this case arpd does
not adjust sysctl parameters, it is assumed that the user does this himself
after arpd is started.
SIGNALS¶
- When arpd receives a SIGINT or SIGTERM signal, it exits gracefully,
syncing the database and restoring adjusted sysctl parameters. On a SIGHUP
it syncs the database to disk. With SIGUSR1 it sends some statistics to
syslog. The effect of any other signals is undefined. In particular, they
may corrupt the database and leave the sysctl parameters in an unpredictable
state.
NOTE¶
- In order for arpd to be able to serve as ARP resolver, the kernel must be
compiled with the option CONFIG_ARPD and, in the case when interface list in
not given on command line, variable app_solicit on interfaces of interest
should be in /proc/sys/net/ipv4/neigh/*. If this is not made arpd still
collects gratuitous ARP information in its database.
EXAMPLES¶
- arpd -b /var/tmp/arpd.db
- Start arpd to collect gratuitous ARP, but not messing with kernel
functionality.
- killall arpd ; arpd -l -b /var/tmp/arpd.db
- Look at result after some time.
- arpd -b /var/tmp/arpd.db -a 1 eth0 eth1
- Enable kernel helper, leaving leading role to kernel.
- arpd -b /var/tmp/arpd.db -a 3 -k eth0 eth1
- Completely replace kernel resolution on interfaces eth0 and eth1. In this
case the kernel still does unicast probing to validate entries, but all
the broadcast activity is suppressed and made under authority of
arpd.
This is the mode in which arpd normally is supposed to work. It is not the
default to prevent occasional enabling of too aggressive a mode.