suzanne.soy/man-pages
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
gh-pages
man-pages/man7/arp.7.html
Suzanne Soy 4c89183f2b Added man pages from my system
2021-03-31 01:06:50 +01:00

426 lines
12 KiB
HTML
Raw Permalink Blame History

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML><HEAD><TITLE>Man page of ARP</TITLE>
</HEAD><BODY>
<H1>ARP</H1>
Section: Linux Programmer's Manual (7)<BR>Updated: 2017-09-15<BR><A HREF="#index">Index</A>
<A HREF="/cgi-bin/man/man2html">Return to Main Contents</A><HR>
<A NAME="lbAB">&nbsp;</A>
<H2>NAME</H2>
arp - Linux ARP kernel module.
<A NAME="lbAC">&nbsp;</A>
<H2>DESCRIPTION</H2>
This kernel protocol module implements the Address Resolution
Protocol defined in RFC&nbsp;826.
It is used to convert between Layer2 hardware addresses
and IPv4 protocol addresses on directly connected networks.
The user normally doesn't interact directly with this module except to
configure it;
instead it provides a service for other protocols in the kernel.
<P>
A user process can receive ARP packets by using
<B><A HREF="/cgi-bin/man/man2html?7+packet">packet</A></B>(7)
sockets.
There is also a mechanism for managing the ARP cache
in user-space by using
<B><A HREF="/cgi-bin/man/man2html?7+netlink">netlink</A></B>(7)
sockets.
The ARP table can also be controlled via
<B><A HREF="/cgi-bin/man/man2html?2+ioctl">ioctl</A></B>(2)
on any
<B>AF_INET</B>
socket.
<P>
The ARP module maintains a cache of mappings between hardware addresses
and protocol addresses.
The cache has a limited size so old and less
frequently used entries are garbage-collected.
Entries which are marked
as permanent are never deleted by the garbage-collector.
The cache can
be directly manipulated by the use of ioctls and its behavior can be
tuned by the
<I>/proc</I>
interfaces described below.
<P>
When there is no positive feedback for an existing mapping after some
time (see the
<I>/proc</I>
interfaces below), a neighbor cache entry is considered stale.
Positive feedback can be gotten from a higher layer; for example from
a successful TCP ACK.
Other protocols can signal forward progress
using the
<B>MSG_CONFIRM</B>
flag to
<B><A HREF="/cgi-bin/man/man2html?2+sendmsg">sendmsg</A></B>(2).
When there is no forward progress, ARP tries to reprobe.
It first tries to ask a local arp daemon
<B>app_solicit</B>
times for an updated MAC address.
If that fails and an old MAC address is known, a unicast probe is sent
<B>ucast_solicit</B>
times.
If that fails too, it will broadcast a new ARP
request to the network.
Requests are sent only when there is data queued
for sending.
<P>
Linux will automatically add a nonpermanent proxy arp entry when it
receives a request for an address it forwards to and proxy arp is
enabled on the receiving interface.
When there is a reject route for the target, no proxy arp entry is added.
<A NAME="lbAD">&nbsp;</A>
<H3>Ioctls</H3>
Three ioctls are available on all
<B>AF_INET</B>
sockets.
They take a pointer to a
<I>struct arpreq</I>
as their argument.
<P>
struct arpreq {
<BR>&nbsp;&nbsp;&nbsp;&nbsp;struct&nbsp;sockaddr&nbsp;arp_pa;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;/*&nbsp;protocol&nbsp;address&nbsp;*/
<BR>&nbsp;&nbsp;&nbsp;&nbsp;struct&nbsp;sockaddr&nbsp;arp_ha;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;/*&nbsp;hardware&nbsp;address&nbsp;*/
<BR>&nbsp;&nbsp;&nbsp;&nbsp;int&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;arp_flags;&nbsp;&nbsp;&nbsp;/*&nbsp;flags&nbsp;*/
<BR>&nbsp;&nbsp;&nbsp;&nbsp;struct&nbsp;sockaddr&nbsp;arp_netmask;&nbsp;/*&nbsp;netmask&nbsp;of&nbsp;protocol&nbsp;address&nbsp;*/
<BR>&nbsp;&nbsp;&nbsp;&nbsp;char&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;arp_dev[16];
};
<P>
<B>SIOCSARP</B>, <B>SIOCDARP</B> and <B>SIOCGARP</B>
respectively set, delete and get an ARP mapping.
Setting and deleting ARP maps are privileged operations and may
be performed only by a process with the
<B>CAP_NET_ADMIN</B>
capability or an effective UID of 0.
<P>
<I>arp_pa</I>
must be an
<B>AF_INET</B>
address and
<I>arp_ha</I>
must have the same type as the device which is specified in
<I>arp_dev</I>.
<I>arp_dev</I>
is a zero-terminated string which names a device.
<DL COMPACT><DT id="1"><DD>
<TABLE BORDER>
<TR VALIGN=top><TD ALIGN=center COLSPAN=2><I>arp_flags</I><BR></TD></TR>
<TR VALIGN=top><TD>flag</TD><TD>meaning<BR></TD></TR>
<TR VALIGN=top><TD>ATF_COM</TD><TD>Lookup complete<BR></TD></TR>
<TR VALIGN=top><TD>ATF_PERM</TD><TD>Permanent entry<BR></TD></TR>
<TR VALIGN=top><TD>ATF_PUBL</TD><TD>Publish entry<BR></TD></TR>
<TR VALIGN=top><TD>ATF_USETRAILERS</TD><TD>Trailers requested<BR></TD></TR>
<TR VALIGN=top><TD>ATF_NETMASK</TD><TD>Use a netmask<BR></TD></TR>
<TR VALIGN=top><TD>ATF_DONTPUB</TD><TD>Don't answer<BR></TD></TR>
</TABLE>
</DL>
<P>
If the
<B>ATF_NETMASK</B>
flag is set, then
<I>arp_netmask</I>
should be valid.
Linux 2.2 does not support proxy network ARP entries, so this
should be set to 0xffffffff, or 0 to remove an existing proxy arp entry.
<B>ATF_USETRAILERS</B>
is obsolete and should not be used.
<A NAME="lbAE">&nbsp;</A>
<H3>/proc interfaces</H3>
ARP supports a range of
<I>/proc</I>
interfaces to configure parameters on a global or per-interface basis.
The interfaces can be accessed by reading or writing the
<I>/proc/sys/net/ipv4/neigh/*/*</I>
files.
Each interface in the system has its own directory in
<I>/proc/sys/net/ipv4/neigh/</I>.
The setting in the &quot;default&quot; directory is used for all newly created
devices.
Unless otherwise specified, time-related interfaces are specified
in seconds.
<DL COMPACT>
<DT id="2"><I>anycast_delay</I> (since Linux 2.2)
<DD>
The maximum number of jiffies to delay before replying to a
IPv6 neighbor solicitation message.
Anycast support is not yet implemented.
Defaults to 1 second.
<DT id="3"><I>app_solicit</I> (since Linux 2.2)
<DD>
The maximum number of probes to send to the user space ARP daemon via
netlink before dropping back to multicast probes (see
<I>mcast_solicit</I>).
Defaults to 0.
<DT id="4"><I>base_reachable_time</I> (since Linux 2.2)
<DD>
Once a neighbor has been found, the entry is considered to be valid
for at least a random value between
<I>base_reachable_time</I>/2 and 3*<I>base_reachable_time</I>/2.
An entry's validity will be extended if it receives positive feedback
from higher level protocols.
Defaults to 30 seconds.
This file is now obsolete in favor of
<I>base_reachable_time_ms</I>.
<DT id="5"><I>base_reachable_time_ms</I> (since Linux 2.6.12)
<DD>
As for
<I>base_reachable_time</I>,
but measures time in milliseconds.
Defaults to 30000 milliseconds.
<DT id="6"><I>delay_first_probe_time</I> (since Linux 2.2)
<DD>
Delay before first probe after it has been decided that a neighbor
is stale.
Defaults to 5 seconds.
<DT id="7"><I>gc_interval</I> (since Linux 2.2)
<DD>
How frequently the garbage collector for neighbor entries
should attempt to run.
Defaults to 30 seconds.
<DT id="8"><I>gc_stale_time</I> (since Linux 2.2)
<DD>
Determines how often to check for stale neighbor entries.
When a neighbor entry is considered stale, it is resolved again before
sending data to it.
Defaults to 60 seconds.
<DT id="9"><I>gc_thresh1</I> (since Linux 2.2)
<DD>
The minimum number of entries to keep in the ARP cache.
The garbage collector will not run if there are fewer than
this number of entries in the cache.
Defaults to 128.
<DT id="10"><I>gc_thresh2</I> (since Linux 2.2)
<DD>
The soft maximum number of entries to keep in the ARP cache.
The garbage collector will allow the number of entries to exceed
this for 5 seconds before collection will be performed.
Defaults to 512.
<DT id="11"><I>gc_thresh3</I> (since Linux 2.2)
<DD>
The hard maximum number of entries to keep in the ARP cache.
The garbage collector will always run if there are more than
this number of entries in the cache.
Defaults to 1024.
<DT id="12"><I>locktime</I> (since Linux 2.2)
<DD>
The minimum number of jiffies to keep an ARP entry in the cache.
This prevents ARP cache thrashing if there is more than one potential
mapping (generally due to network misconfiguration).
Defaults to 1 second.
<DT id="13"><I>mcast_solicit</I> (since Linux 2.2)
<DD>
The maximum number of attempts to resolve an address by
multicast/broadcast before marking the entry as unreachable.
Defaults to 3.
<DT id="14"><I>proxy_delay</I> (since Linux 2.2)
<DD>
When an ARP request for a known proxy-ARP address is received, delay up to
<I>proxy_delay</I>
jiffies before replying.
This is used to prevent network flooding in some cases.
Defaults to 0.8 seconds.
<DT id="15"><I>proxy_qlen</I> (since Linux 2.2)
<DD>
The maximum number of packets which may be queued to proxy-ARP addresses.
Defaults to 64.
<DT id="16"><I>retrans_time</I> (since Linux 2.2)
<DD>
The number of jiffies to delay before retransmitting a request.
Defaults to 1 second.
This file is now obsolete in favor of
<I>retrans_time_ms</I>.
<DT id="17"><I>retrans_time_ms</I> (since Linux 2.6.12)
<DD>
The number of milliseconds to delay before retransmitting a request.
Defaults to 1000 milliseconds.
<DT id="18"><I>ucast_solicit</I> (since Linux 2.2)
<DD>
The maximum number of attempts to send unicast probes before asking
the ARP daemon (see
<I>app_solicit</I>).
Defaults to 3.
<DT id="19"><I>unres_qlen</I> (since Linux 2.2)
<DD>
The maximum number of packets which may be queued for each unresolved
address by other network layers.
Defaults to 3.
</DL>
<A NAME="lbAF">&nbsp;</A>
<H2>VERSIONS</H2>
The
<I>struct arpreq</I>
changed in Linux 2.0 to include the
<I>arp_dev</I>
member and the ioctl numbers changed at the same time.
Support for the old ioctls was dropped in Linux 2.2.
<P>
Support for proxy arp entries for networks (netmask not equal 0xffffffff)
was dropped in Linux 2.2.
It is replaced by automatic proxy arp setup by
the kernel for all reachable hosts on other interfaces (when
forwarding and proxy arp is enabled for the interface).
<P>
The
<I>neigh/*</I>
interfaces did not exist before Linux 2.2.
<A NAME="lbAG">&nbsp;</A>
<H2>BUGS</H2>
Some timer settings are specified in jiffies, which is architecture-
and kernel version-dependent; see
<B><A HREF="/cgi-bin/man/man2html?7+time">time</A></B>(7).
<P>
There is no way to signal positive feedback from user space.
This means connection-oriented protocols implemented in user space
will generate excessive ARP traffic, because ndisc will regularly
reprobe the MAC address.
The same problem applies for some kernel protocols (e.g., NFS over UDP).
<P>
This man page mashes together functionality that is IPv4-specific
with functionality that is shared between IPv4 and IPv6.
<A NAME="lbAH">&nbsp;</A>
<H2>SEE ALSO</H2>
<B><A HREF="/cgi-bin/man/man2html?7+capabilities">capabilities</A></B>(7),
<B><A HREF="/cgi-bin/man/man2html?7+ip">ip</A></B>(7),
<B><A HREF="/cgi-bin/man/man2html?8+arpd">arpd</A></B>(8)
<P>
RFC&nbsp;826 for a description of ARP.
RFC&nbsp;2461 for a description of IPv6 neighbor discovery and the base
algorithms used.
Linux 2.2+ IPv4 ARP uses the IPv6 algorithms when applicable.
<A NAME="lbAI">&nbsp;</A>
<H2>COLOPHON</H2>
This page is part of release 5.05 of the Linux
<I>man-pages</I>
project.
A description of the project,
information about reporting bugs,
and the latest version of this page,
can be found at
<A HREF="https://www.kernel.org/doc/man-pages/.">https://www.kernel.org/doc/man-pages/.</A>
<P>
<HR>
<A NAME="index">&nbsp;</A><H2>Index</H2>
<DL>
<DT id="20"><A HREF="#lbAB">NAME</A><DD>
<DT id="21"><A HREF="#lbAC">DESCRIPTION</A><DD>
<DL>
<DT id="22"><A HREF="#lbAD">Ioctls</A><DD>
<DT id="23"><A HREF="#lbAE">/proc interfaces</A><DD>
</DL>
<DT id="24"><A HREF="#lbAF">VERSIONS</A><DD>
<DT id="25"><A HREF="#lbAG">BUGS</A><DD>
<DT id="26"><A HREF="#lbAH">SEE ALSO</A><DD>
<DT id="27"><A HREF="#lbAI">COLOPHON</A><DD>
</DL>
<HR>
This document was created by
<A HREF="/cgi-bin/man/man2html">man2html</A>,
using the manual pages.<BR>
Time: 00:06:07 GMT, March 31, 2021
</BODY>
</HTML>
Reference in New Issue View Git Blame Copy Permalink