NAME¶
farpd —
ARP reply daemon
SYNOPSIS¶
farpd |
[-d]
[-i
interface]
[net ...] |
DESCRIPTION¶
farpd replies to any ARP request for an IP address matching
the specified destination
net with the hardware MAC
address of the specified
interface, but only after
determining if another host already claims it.
Any IP address claimed by
farpd is eventually forgotten after
a period of inactivity or after a hard timeout, and is relinquished if the
real owner shows up.
This enables a single host to claim all unassigned addresses on a LAN for
network monitoring or simulation.
farpd exits on an interrupt or termination signal.
Note: The program name
farpd has been changed in Debian
GNU/Linux from the original name (
arpd) to avoid name clash with other
ARP daemons.
The options are as follows:
- -d
- Do not daemonize, and enable verbose debugging
messages.
- -i
interface
- Listen on interface. If unspecified,
farpd searches the system interface list for the lowest
numbered, configured ``up'' interface (excluding loopback).
- net
- The IP address or network (specified in CIDR notation) or
IP address ranges to claim (e.g. ``10.0.0.3'', ``10.0.0.0/16'' or
``10.0.0.5-10.0.0.15''). If unspecified, farpd will
attempt to claim any IP address it sees an ARP request for. Mutiple
addresses may be specified.
FILES¶
- /var/run/farpd.pid
-
SEE ALSO¶
pcapd(8),
synackd(8)
BUGS¶
farpd will respond too slowly to ARP requests for some
applications. In order to ensure that it does not claim existing IP addresses
it will send two ARP request and wait for a reply. This slowness affects the
nmap network scanning tool, and possibly others, which uses by default
ARP when scanning local networks. The answers from
farpd
will come after the tool has timeout waiting for the ARP replies and,
consequently, IP addresses claimed by
farpd will not be
discovered.
Additionally,
farpd sends the ARP replies to the broadcast
address of the network and not to the host that send the ARP request. Some
systems and applications (notably
nmap) will not handled these requests
and expect directed ARP replies (i.e. targeted specifically to the host that
sent the request and not to the network)
AUTHORS¶
Dug Song ⟨dugsong@monkey.org⟩, Niels Provos
⟨provos@citi.umich.edu⟩