1ARP(7) Linux Programmer's Manual ARP(7)
2
3
4
6 arp - Linux ARP kernel module.
7
9 This kernel protocol module implements the Address Resolution Protocol
10 defined in RFC 826. It is used to convert between Layer2 hardware ad‐
11 dresses and IPv4 protocol addresses on directly connected networks.
12 The user normally doesn't interact directly with this module except to
13 configure it; instead it provides a service for other protocols in the
14 kernel.
15
16 A user process can receive ARP packets by using packet(7) sockets.
17 There is also a mechanism for managing the ARP cache in user-space by
18 using netlink(7) sockets. The ARP table can also be controlled via
19 ioctl(2) on any AF_INET socket.
20
21 The ARP module maintains a cache of mappings between hardware addresses
22 and protocol addresses. The cache has a limited size so old and less
23 frequently used entries are garbage-collected. Entries which are
24 marked as permanent are never deleted by the garbage-collector. The
25 cache can be directly manipulated by the use of ioctls and its behavior
26 can be tuned by the /proc interfaces described below.
27
28 When there is no positive feedback for an existing mapping after some
29 time (see the /proc interfaces below), a neighbor cache entry is con‐
30 sidered stale. Positive feedback can be gotten from a higher layer;
31 for example from a successful TCP ACK. Other protocols can signal for‐
32 ward progress using the MSG_CONFIRM flag to sendmsg(2). When there is
33 no forward progress, ARP tries to reprobe. It first tries to ask a lo‐
34 cal arp daemon app_solicit times for an updated MAC address. If that
35 fails and an old MAC address is known, a unicast probe is sent
36 ucast_solicit times. If that fails too, it will broadcast a new ARP
37 request to the network. Requests are sent only when there is data
38 queued for sending.
39
40 Linux will automatically add a nonpermanent proxy arp entry when it re‐
41 ceives a request for an address it forwards to and proxy arp is enabled
42 on the receiving interface. When there is a reject route for the tar‐
43 get, no proxy arp entry is added.
44
45 Ioctls
46 Three ioctls are available on all AF_INET sockets. They take a pointer
47 to a struct arpreq as their argument.
48
49 struct arpreq {
50 struct sockaddr arp_pa; /* protocol address */
51 struct sockaddr arp_ha; /* hardware address */
52 int arp_flags; /* flags */
53 struct sockaddr arp_netmask; /* netmask of protocol address */
54 char arp_dev[16];
55 };
56
57 SIOCSARP, SIOCDARP and SIOCGARP respectively set, delete, and get an
58 ARP mapping. Setting and deleting ARP maps are privileged operations
59 and may be performed only by a process with the CAP_NET_ADMIN capabil‐
60 ity or an effective UID of 0.
61
62 arp_pa must be an AF_INET address and arp_ha must have the same type as
63 the device which is specified in arp_dev. arp_dev is a zero-terminated
64 string which names a device.
65
66 ┌─────────────────────────────────────┐
67 │ arp_flags │
68 ├────────────────┬────────────────────┤
69 │flag │ meaning │
70 ├────────────────┼────────────────────┤
71 │ATF_COM │ Lookup complete │
72 ├────────────────┼────────────────────┤
73 │ATF_PERM │ Permanent entry │
74 ├────────────────┼────────────────────┤
75 │ATF_PUBL │ Publish entry │
76 ├────────────────┼────────────────────┤
77 │ATF_USETRAILERS │ Trailers requested │
78 ├────────────────┼────────────────────┤
79 │ATF_NETMASK │ Use a netmask │
80 ├────────────────┼────────────────────┤
81 │ATF_DONTPUB │ Don't answer │
82 └────────────────┴────────────────────┘
83 If the ATF_NETMASK flag is set, then arp_netmask should be valid.
84 Linux 2.2 does not support proxy network ARP entries, so this should be
85 set to 0xffffffff, or 0 to remove an existing proxy arp entry.
86 ATF_USETRAILERS is obsolete and should not be used.
87
88 /proc interfaces
89 ARP supports a range of /proc interfaces to configure parameters on a
90 global or per-interface basis. The interfaces can be accessed by read‐
91 ing or writing the /proc/sys/net/ipv4/neigh/*/* files. Each interface
92 in the system has its own directory in /proc/sys/net/ipv4/neigh/. The
93 setting in the "default" directory is used for all newly created de‐
94 vices. Unless otherwise specified, time-related interfaces are speci‐
95 fied in seconds.
96
97 anycast_delay (since Linux 2.2)
98 The maximum number of jiffies to delay before replying to a IPv6
99 neighbor solicitation message. Anycast support is not yet im‐
100 plemented. Defaults to 1 second.
101
102 app_solicit (since Linux 2.2)
103 The maximum number of probes to send to the user space ARP dae‐
104 mon via netlink before dropping back to multicast probes (see
105 mcast_solicit). Defaults to 0.
106
107 base_reachable_time (since Linux 2.2)
108 Once a neighbor has been found, the entry is considered to be
109 valid for at least a random value between base_reachable_time/2
110 and 3*base_reachable_time/2. An entry's validity will be ex‐
111 tended if it receives positive feedback from higher level proto‐
112 cols. Defaults to 30 seconds. This file is now obsolete in fa‐
113 vor of base_reachable_time_ms.
114
115 base_reachable_time_ms (since Linux 2.6.12)
116 As for base_reachable_time, but measures time in milliseconds.
117 Defaults to 30000 milliseconds.
118
119 delay_first_probe_time (since Linux 2.2)
120 Delay before first probe after it has been decided that a neigh‐
121 bor is stale. Defaults to 5 seconds.
122
123 gc_interval (since Linux 2.2)
124 How frequently the garbage collector for neighbor entries should
125 attempt to run. Defaults to 30 seconds.
126
127 gc_stale_time (since Linux 2.2)
128 Determines how often to check for stale neighbor entries. When
129 a neighbor entry is considered stale, it is resolved again be‐
130 fore sending data to it. Defaults to 60 seconds.
131
132 gc_thresh1 (since Linux 2.2)
133 The minimum number of entries to keep in the ARP cache. The
134 garbage collector will not run if there are fewer than this num‐
135 ber of entries in the cache. Defaults to 128.
136
137 gc_thresh2 (since Linux 2.2)
138 The soft maximum number of entries to keep in the ARP cache.
139 The garbage collector will allow the number of entries to exceed
140 this for 5 seconds before collection will be performed. De‐
141 faults to 512.
142
143 gc_thresh3 (since Linux 2.2)
144 The hard maximum number of entries to keep in the ARP cache.
145 The garbage collector will always run if there are more than
146 this number of entries in the cache. Defaults to 1024.
147
148 locktime (since Linux 2.2)
149 The minimum number of jiffies to keep an ARP entry in the cache.
150 This prevents ARP cache thrashing if there is more than one po‐
151 tential mapping (generally due to network misconfiguration).
152 Defaults to 1 second.
153
154 mcast_solicit (since Linux 2.2)
155 The maximum number of attempts to resolve an address by multi‐
156 cast/broadcast before marking the entry as unreachable. De‐
157 faults to 3.
158
159 proxy_delay (since Linux 2.2)
160 When an ARP request for a known proxy-ARP address is received,
161 delay up to proxy_delay jiffies before replying. This is used
162 to prevent network flooding in some cases. Defaults to 0.8 sec‐
163 onds.
164
165 proxy_qlen (since Linux 2.2)
166 The maximum number of packets which may be queued to proxy-ARP
167 addresses. Defaults to 64.
168
169 retrans_time (since Linux 2.2)
170 The number of jiffies to delay before retransmitting a request.
171 Defaults to 1 second. This file is now obsolete in favor of re‐
172 trans_time_ms.
173
174 retrans_time_ms (since Linux 2.6.12)
175 The number of milliseconds to delay before retransmitting a re‐
176 quest. Defaults to 1000 milliseconds.
177
178 ucast_solicit (since Linux 2.2)
179 The maximum number of attempts to send unicast probes before
180 asking the ARP daemon (see app_solicit). Defaults to 3.
181
182 unres_qlen (since Linux 2.2)
183 The maximum number of packets which may be queued for each unre‐
184 solved address by other network layers. Defaults to 3.
185
187 The struct arpreq changed in Linux 2.0 to include the arp_dev member
188 and the ioctl numbers changed at the same time. Support for the old
189 ioctls was dropped in Linux 2.2.
190
191 Support for proxy arp entries for networks (netmask not equal
192 0xffffffff) was dropped in Linux 2.2. It is replaced by automatic
193 proxy arp setup by the kernel for all reachable hosts on other inter‐
194 faces (when forwarding and proxy arp is enabled for the interface).
195
196 The neigh/* interfaces did not exist before Linux 2.2.
197
199 Some timer settings are specified in jiffies, which is architecture-
200 and kernel version-dependent; see time(7).
201
202 There is no way to signal positive feedback from user space. This
203 means connection-oriented protocols implemented in user space will gen‐
204 erate excessive ARP traffic, because ndisc will regularly reprobe the
205 MAC address. The same problem applies for some kernel protocols (e.g.,
206 NFS over UDP).
207
208 This man page mashes together functionality that is IPv4-specific with
209 functionality that is shared between IPv4 and IPv6.
210
212 capabilities(7), ip(7), arpd(8)
213
214 RFC 826 for a description of ARP. RFC 2461 for a description of IPv6
215 neighbor discovery and the base algorithms used. Linux 2.2+ IPv4 ARP
216 uses the IPv6 algorithms when applicable.
217
219 This page is part of release 5.12 of the Linux man-pages project. A
220 description of the project, information about reporting bugs, and the
221 latest version of this page, can be found at
222 https://www.kernel.org/doc/man-pages/.
223
224
225
226Linux 2020-08-13 ARP(7)