1ARP(7) Linux Programmer's Manual ARP(7)
2
6 arp - Linux ARP kernel module.
7
9 This kernel protocol module implements the Address Resolution Protocol
10 defined in RFC 826. It is used to convert between Layer2 hardware
11 addresses and IPv4 protocol addresses on directly connected networks.
12 The user normally doesn't interact directly with this module except to
13 configure it; instead it provides a service for other protocols in the
14 kernel.
15 A user process can receive ARP packets by using packet(7) sockets.
17 There is also a mechanism for managing the ARP cache in user-space by
18 using netlink(7) sockets. The ARP table can also be controlled via
19 ioctl(2) on any AF_INET socket.
20 The ARP module maintains a cache of mappings between hardware addresses
22 and protocol addresses. The cache has a limited size so old and less
23 frequently used entries are garbage-collected. Entries which are
24 marked as permanent are never deleted by the garbage-collector. The
25 cache can be directly manipulated by the use of ioctls and its behavior
26 can be tuned by the /proc interfaces described below.
27 When there is no positive feedback for an existing mapping after some
29 time (see the /proc interfaces below), a neighbor cache entry is con‐
30 sidered stale. Positive feedback can be gotten from a higher layer;
31 for example from a successful TCP ACK. Other protocols can signal for‐
32 ward progress using the MSG_CONFIRM flag to sendmsg(2). When there is
33 no forward progress, ARP tries to reprobe. It first tries to ask a
34 local arp daemon app_solicit times for an updated MAC address. If that
35 fails and an old MAC address is known, a unicast probe is sent
36 ucast_solicit times. If that fails too, it will broadcast a new ARP
37 request to the network. Requests are only sent when there is data
38 queued for sending.
39 Linux will automatically add a nonpermanent proxy arp entry when it
41 receives a request for an address it forwards to and proxy arp is
42 enabled on the receiving interface. When there is a reject route for
43 the target, no proxy arp entry is added.
44 Ioctls
46 Three ioctls are available on all AF_INET sockets. They take a pointer
47 to a struct arpreq as their argument.
48 struct arpreq {
50 struct sockaddr arp_pa; /* protocol address */
51 struct sockaddr arp_ha; /* hardware address */
52 int arp_flags; /* flags */
53 struct sockaddr arp_netmask; /* netmask of protocol address */
54 char arp_dev[16];
55 };
56 SIOCSARP, SIOCDARP and SIOCGARP respectively set, delete and get an ARP
58 mapping. Setting and deleting ARP maps are privileged operations and
59 may only be performed by a process with the CAP_NET_ADMIN capability or
60 an effective UID of 0.
61 arp_pa must be an AF_INET socket and arp_ha must have the same type as
63 the device which is specified in arp_dev. arp_dev is a zero-terminated
64 string which names a device.
65 ┌─────────────────────────────────────┐
67 │ arp_flags │
68 ├────────────────┬────────────────────┤
69 │flag │ meaning │
70 ├────────────────┼────────────────────┤
71 │ATF_COM │ Lookup complete │
72 ├────────────────┼────────────────────┤
73 │ATF_PERM │ Permanent entry │
74 ├────────────────┼────────────────────┤
75 │ATF_PUBL │ Publish entry │
76 ├────────────────┼────────────────────┤
77 │ATF_USETRAILERS │ Trailers requested │
78 ├────────────────┼────────────────────┤
79 │ATF_NETMASK │ Use a netmask │
80 ├────────────────┼────────────────────┤
81 │ATF_DONTPUB │ Don't answer │
82 └────────────────┴────────────────────┘
83 If the ATF_NETMASK flag is set, then arp_netmask should be valid.
85 Linux 2.2 does not support proxy network ARP entries, so this should be
86 set to 0xffffffff, or 0 to remove an existing proxy arp entry.
87 ATF_USETRAILERS is obsolete and should not be used.
88 /proc interfaces
90 ARP supports a range of /proc interfaces to configure parameters on a
91 global or per-interface basis. The interfaces can be accessed by read‐
92 ing or writing the /proc/sys/net/ipv4/neigh/*/* files. Each interface
93 in the system has its own directory in /proc/sys/net/ipv4/neigh/. The
94 setting in the "default" directory is used for all newly created
95 devices. Unless otherwise specified, time-related interfaces are spec‐
96 ified in seconds.
97 anycast_delay (since Linux 2.2)
99 The maximum number of jiffies to delay before replying to a IPv6
100 neighbor solicitation message. Anycast support is not yet
101 implemented. Defaults to 1 second.
102 app_solicit (since Linux 2.2)
104 The maximum number of probes to send to the user space ARP dae‐
105 mon via netlink before dropping back to multicast probes (see
106 mcast_solicit). Defaults to 0.
107 base_reachable_time (since Linux 2.2)
109 Once a neighbor has been found, the entry is considered to be
110 valid for at least a random value between base_reachable_time/2
111 and 3*base_reachable_time/2. An entry's validity will be
112 extended if it receives positive feedback from higher level pro‐
113 tocols. Defaults to 30 seconds. This file is now obsolete in
114 favor of base_reachable_time_ms.
115 base_reachable_time_ms (since Linux 2.6.12)
117 As for base_reachable_time, but measures time in milliseconds.
118 Defaults to 30000 milliseconds.
119 delay_first_probe_time (since Linux 2.2)
121 Delay before first probe after it has been decided that a neigh‐
122 bor is stale. Defaults to 5 seconds.
123 gc_interval (since Linux 2.2)
125 How frequently the garbage collector for neighbor entries should
126 attempt to run. Defaults to 30 seconds.
127 gc_stale_time (since Linux 2.2)
129 Determines how often to check for stale neighbor entries. When
130 a neighbor entry is considered stale, it is resolved again
131 before sending data to it. Defaults to 60 seconds.
132 gc_thresh1 (since Linux 2.2)
134 The minimum number of entries to keep in the ARP cache. The
135 garbage collector will not run if there are fewer than this num‐
136 ber of entries in the cache. Defaults to 128.
137 gc_thresh2 (since Linux 2.2)
139 The soft maximum number of entries to keep in the ARP cache.
140 The garbage collector will allow the number of entries to exceed
141 this for 5 seconds before collection will be performed.
142 Defaults to 512.
143 gc_thresh3 (since Linux 2.2)
145 The hard maximum number of entries to keep in the ARP cache.
146 The garbage collector will always run if there are more than
147 this number of entries in the cache. Defaults to 1024.
148 locktime (since Linux 2.2)
150 The minimum number of jiffies to keep an ARP entry in the cache.
151 This prevents ARP cache thrashing if there is more than one
152 potential mapping (generally due to network misconfiguration).
153 Defaults to 1 second.
154 mcast_solicit (since Linux 2.2)
156 The maximum number of attempts to resolve an address by multi‐
157 cast/broadcast before marking the entry as unreachable.
158 Defaults to 3.
159 proxy_delay (since Linux 2.2)
161 When an ARP request for a known proxy-ARP address is received,
162 delay up to proxy_delay jiffies before replying. This is used
163 to prevent network flooding in some cases. Defaults to 0.8 sec‐
164 onds.
165 proxy_qlen (since Linux 2.2)
167 The maximum number of packets which may be queued to proxy-ARP
168 addresses. Defaults to 64.
169 retrans_time (since Linux 2.2)
171 The number of jiffies to delay before retransmitting a request.
172 Defaults to 1 second. This file is now obsolete in favor of
173 retrans_time_ms.
174 retrans_time_ms (since Linux 2.6.12)
176 The number of milliseconds to delay before retransmitting a
177 request. Defaults to 1000 milliseconds.
178 ucast_solicit (since Linux 2.2)
180 The maximum number of attempts to send unicast probes before
181 asking the ARP daemon (see app_solicit). Defaults to 3.
182 unres_qlen (since Linux 2.2)
184 The maximum number of packets which may be queued for each unre‐
185 solved address by other network layers. Defaults to 3.
186
188 The struct arpreq changed in Linux 2.0 to include the arp_dev member
189 and the ioctl numbers changed at the same time. Support for the old
190 ioctls was dropped in Linux 2.2.
191 Support for proxy arp entries for networks (netmask not equal
193 0xffffffff) was dropped in Linux 2.2. It is replaced by automatic
194 proxy arp setup by the kernel for all reachable hosts on other inter‐
195 faces (when forwarding and proxy arp is enabled for the interface).
196 The neigh/* interfaces did not exist before Linux 2.2.
198
200 Some timer settings are specified in jiffies, which is architecture-
201 and kernel version-dependent; see time(7).
202 There is no way to signal positive feedback from user space. This
204 means connection-oriented protocols implemented in user space will gen‐
205 erate excessive ARP traffic, because ndisc will regularly reprobe the
206 MAC address. The same problem applies for some kernel protocols (e.g.,
207 NFS over UDP).
208 This man page mashes IPv4 specific and shared between IPv4 and IPv6
210 functionality together.
211
213 capabilities(7), ip(7)
214 RFC 826 for a description of ARP.
216 RFC 2461 for a description of IPv6 neighbor discovery and the base
217 algorithms used.
218 Linux 2.2+ IPv4 ARP uses the IPv6 algorithms when applicable.
220
222 This page is part of release 3.25 of the Linux man-pages project. A
223 description of the project, and information about reporting bugs, can
224 be found at http://www.kernel.org/doc/man-pages/.
225Linux 2008-11-25 ARP(7)