LDP
/
old-www
1
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity
old-www/LDP/nag2/x-087-2-iface.verify.arp.html

442 lines
7.8 KiB
HTML
Raw Permalink Blame History

<HTML
><HEAD
><TITLE
>Checking the ARP Tables</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.57"><LINK
REL="HOME"
TITLE="Linux Network Administrators Guide"
HREF="index.html"><LINK
REL="UP"
TITLE="Configuring TCP/IP Networking"
HREF="x-087-2-iface.html"><LINK
REL="PREVIOUS"
TITLE="The netstat Command"
HREF="x-087-2-iface.netstat.html"><LINK
REL="NEXT"
TITLE="Name Service and Resolver Configuration"
HREF="x-087-2-resolv.html"></HEAD
><BODY
CLASS="SECT1"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>Linux Network Administrators Guide</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="x-087-2-iface.netstat.html"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
>Chapter 5. Configuring TCP/IP Networking</TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="x-087-2-resolv.html"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="X-087-2-IFACE.VERIFY.ARP"
>5.10. Checking the ARP Tables</A
></H1
><P
>On some occasions, it is useful to view or alter the contents of the
kernel's ARP tables, for example when you suspect a duplicate Internet
address is the cause for some intermittent network problem. The
<B
CLASS="COMMAND"
>arp</B
> tool was made for situations like this. Its
command-line options are:
<TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><PRE
CLASS="SCREEN"
>arp [-v] [-t <TT
CLASS="REPLACEABLE"
><I
>hwtype</I
></TT
>] -a [<TT
CLASS="REPLACEABLE"
><I
>hostname</I
></TT
>]
arp [-v] [-t <TT
CLASS="REPLACEABLE"
><I
>hwtype</I
></TT
>] -s <TT
CLASS="REPLACEABLE"
><I
>hostname</I
></TT
> <TT
CLASS="REPLACEABLE"
><I
>hwaddr</I
></TT
>
arp [-v] -d <TT
CLASS="REPLACEABLE"
><I
>hostname</I
></TT
> [<TT
CLASS="REPLACEABLE"
><I
>hostname</I
></TT
>&#8230;]</PRE
></TD
></TR
></TABLE
></P
><P
>All <TT
CLASS="REPLACEABLE"
><I
>hostname</I
></TT
> arguments may be either symbolic
hostnames or IP addresses in dotted quad notation.</P
><P
>The first invocation displays the ARP entry for the IP address or host
specified, or all hosts known if no <TT
CLASS="REPLACEABLE"
><I
>hostname</I
></TT
> is
given. For example, invoking <B
CLASS="COMMAND"
>arp</B
> on
<SPAN
CLASS="SYSTEMITEM"
>vlager</SPAN
> may yield:
<TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><PRE
CLASS="SCREEN"
># <TT
CLASS="USERINPUT"
><B
>arp -a</B
></TT
>
IP address HW type HW address
172.16.1.3 10Mbps Ethernet 00:00:C0:5A:42:C1
172.16.1.2 10Mbps Ethernet 00:00:C0:90:B3:42
172.16.2.4 10Mbps Ethernet 00:00:C0:04:69:AA</PRE
></TD
></TR
></TABLE
></P
><P
>which shows the Ethernet addresses of
<SPAN
CLASS="SYSTEMITEM"
>vlager</SPAN
>,
<SPAN
CLASS="SYSTEMITEM"
>vstout</SPAN
> and
<SPAN
CLASS="SYSTEMITEM"
>vale</SPAN
>.</P
><P
>You can limit the display to the hardware type specified using the
<TT
CLASS="OPTION"
>&#8211;t</TT
> option. This may be <SPAN
CLASS="SYSTEMITEM"
>ether</SPAN
>, <SPAN
CLASS="SYSTEMITEM"
>ax25</SPAN
>, or <SPAN
CLASS="SYSTEMITEM"
>pronet</SPAN
>, standing for 10 Mbps Ethernet;
AMPR AX.25, and IEEE 802.5 token ring equipment, respectively.</P
><P
>The <TT
CLASS="OPTION"
>&#8211;s</TT
> option is used to permanently add
<TT
CLASS="REPLACEABLE"
><I
>hostname</I
></TT
>'s Ethernet address to the ARP
tables. The <TT
CLASS="REPLACEABLE"
><I
>hwaddr</I
></TT
> argument specifies the
hardware address, which is by default expected to be an Ethernet
address specified as six hexadecimal bytes separated by colons. You
may also set the hardware address for other types of hardware, using
the <TT
CLASS="OPTION"
>&#8211;t</TT
> option.</P
><P
>For some reason, ARP queries for the remote host sometimes fail, for
instance when its ARP driver is buggy or there is another host in the
network that erroneously identifies itself with that host's IP
address; this problem requires you to manually add an IP address to
the ARP table. Hard-wiring IP addresses in the ARP table is also a
(very drastic) measure to protect yourself from hosts on your Ethernet
that pose as someone else.</P
><P
>Invoking <B
CLASS="COMMAND"
>arp</B
> using the <TT
CLASS="OPTION"
>&#8211;d</TT
>
switch deletes all ARP entries relating to the given host. This switch
may be used to force the interface to re-attempt obtaining the
Ethernet address for the IP address in question. This is useful when a
misconfigured system has broadcasted wrong ARP information (of course,
you have to reconfigure the broken host first).</P
><P
>&#13;
The <TT
CLASS="OPTION"
>&#8211;s</TT
> option may also be used to implement
<I
CLASS="EMPHASIS"
>proxy</I
> ARP. This is a special technique through
which a host, say <SPAN
CLASS="SYSTEMITEM"
>gate</SPAN
>, acts
as a gateway to another host named <SPAN
CLASS="SYSTEMITEM"
>fnord</SPAN
> by pretending that both addresses
refer to the same host, namely <SPAN
CLASS="SYSTEMITEM"
>gate</SPAN
>. It does so by publishing an ARP
entry for <SPAN
CLASS="SYSTEMITEM"
>fnord</SPAN
> that points
to its own Ethernet interface. Now when a host sends out an ARP query
for <SPAN
CLASS="SYSTEMITEM"
>fnord</SPAN
>, <SPAN
CLASS="SYSTEMITEM"
>gate</SPAN
> will return a reply containing its
own Ethernet address. The querying host will then send all datagrams
to <SPAN
CLASS="SYSTEMITEM"
>gate</SPAN
>, which dutifully
forwards them to <SPAN
CLASS="SYSTEMITEM"
>fnord</SPAN
>.</P
><P
>These contortions may be necessary when you want to access <SPAN
CLASS="SYSTEMITEM"
>fnord</SPAN
> from a DOS machine with a broken
TCP implementation that doesn't understand routing too well. When you
use proxy ARP, it will appear to the DOS machine as if <SPAN
CLASS="SYSTEMITEM"
>fnord</SPAN
> was on the local subnet, so it
doesn't have to know about how to route through a gateway.</P
><P
>Another useful application of proxy ARP is when one of your hosts acts
as a gateway to some other host only temporarily, for instance,
through a dial-up link. In a previous example, we encountered the
laptop <SPAN
CLASS="SYSTEMITEM"
>vlite</SPAN
>, which was
connected to <SPAN
CLASS="SYSTEMITEM"
>vlager</SPAN
> through a
PLIP link from time to time. Of course, this application will work
only if the address of the host you want to provide proxy ARP for is
on the same IP subnet as your gateway. <SPAN
CLASS="SYSTEMITEM"
>vstout</SPAN
> could proxy ARP for any host on
the Brewery subnet (<SPAN
CLASS="SYSTEMITEM"
>172.16.1.0</SPAN
>), but never for a host on the
Winery subnet (<SPAN
CLASS="SYSTEMITEM"
>172.16.2.0</SPAN
>).</P
><P
>The proper invocation to provide proxy ARP for <SPAN
CLASS="SYSTEMITEM"
>fnord</SPAN
> is given below; of course, the
given Ethernet address must be that of <SPAN
CLASS="SYSTEMITEM"
>gate</SPAN
>:</P
><P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><PRE
CLASS="SCREEN"
># arp -s fnord 00:00:c0:a1:42:e0 pub</PRE
></TD
></TR
></TABLE
></P
><P
>The proxy ARP entry may be removed again by invoking:
<TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><PRE
CLASS="SCREEN"
># arp -d fnord</PRE
></TD
></TR
></TABLE
></P
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="x-087-2-iface.netstat.html"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="index.html"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="x-087-2-resolv.html"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>The netstat Command</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="x-087-2-iface.html"
>Up</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Name Service and Resolver Configuration</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>
Reference in New Issue View Git Blame Copy Permalink