osdl.org!shemminger | aba5acd | 2004-04-15 20:56:59 +0000 | [diff] [blame] | 1 | <!doctype linuxdoc system> |
| 2 | |
| 3 | <article> |
| 4 | |
| 5 | <title>ARPD Daemon |
| 6 | <author>Alexey Kuznetsov, <tt/kuznet@ms2.inr.ac.ru/ |
| 7 | <date>some_negative_number, 20 Sep 2001 |
| 8 | <abstract> |
| 9 | <tt/arpd/ is daemon collecting gratuitous ARP information, saving |
| 10 | it on local disk and feeding it to kernel on demand to avoid |
| 11 | redundant broadcasting due to limited size of kernel ARP cache. |
| 12 | </abstract> |
| 13 | |
| 14 | |
| 15 | <p><bf/Description/ |
| 16 | |
| 17 | <p>The format of the command is: |
| 18 | |
| 19 | <tscreen><verb> |
| 20 | arpd OPTIONS [ INTERFACE [ INTERFACE ... ] ] |
| 21 | </verb></tscreen> |
| 22 | |
| 23 | <p> <tt/OPTIONS/ are: |
| 24 | |
| 25 | <itemize> |
| 26 | |
| 27 | <item><tt/-l/ - dump <tt/arpd/ database to stdout and exit. Output consists |
| 28 | of three columns: interface index, IP address and MAC address. |
| 29 | Negative entries for dead hosts are also shown, in this case MAC address |
| 30 | is replaced by word <tt/FAILED/ followed by colon and time when the fact |
| 31 | that host is dead was proven the last time. |
| 32 | |
| 33 | <item><tt/-f FILE/ - read and load <tt/arpd/ database from <tt/FILE/ |
| 34 | in text format similar dumped by option <tt/-l/. Exit after load, |
| 35 | probably listing resulting database, if option <tt/-l/ is also given. |
| 36 | If <tt/FILE/ is <tt/-/, <tt/stdin/ is read to get ARP table. |
| 37 | |
| 38 | <item><tt/-b DATABASE/ - location of database file. Default location is |
| 39 | <tt>/var/lib/arpd/arpd.db</tt>. |
| 40 | |
| 41 | <item><tt/-a NUMBER/ - <tt/arpd/ not only passively listens ARP on wire, but |
| 42 | also send brodcast queries itself. <tt/NUMBER/ is number of such queries |
| 43 | to make before destination is considered as dead. When <tt/arpd/ is started |
| 44 | as kernel helper (i.e. with <tt/app_solicit/ enabled in <tt/sysctl/ |
| 45 | or even with option <tt/-k/) without this option and still did not learn enough |
| 46 | information, you can observe 1 second gaps in service. Not fatal, but |
| 47 | not good. |
| 48 | |
| 49 | <item><tt/-k/ - suppress sending broadcast queries by kernel. It takes |
| 50 | sense together with option <tt/-a/. |
| 51 | |
| 52 | <item><tt/-n TIME/ - timeout of negative cache. When resolution fails <tt/arpd/ |
| 53 | suppresses further attempts to resolve for this period. It makes sense |
| 54 | only together with option <tt/-k/. This timeout should not be too much |
| 55 | longer than boot time of a typical host not supporting gratuitous ARP. |
| 56 | Default value is 60 seconds. |
| 57 | |
| 58 | <item><tt/-R RATE/ - maximal steady rate of broadcasts sent by <tt/arpd/ |
| 59 | in packets per second. Default value is 1. |
| 60 | |
| 61 | <item><tt/-B NUMBER/ - number of broadcasts sent by <tt/arpd/ back to back. |
| 62 | Default value is 3. Together with option <tt/-R/ this option allows |
| 63 | to police broadcasting not to exceed <tt/B+R*T/ over any interval |
| 64 | of time <tt/T/. |
| 65 | |
| 66 | </itemize> |
| 67 | |
| 68 | <p><tt/INTERFACE/ is name of networking inteface to watch. |
| 69 | If no interfaces given, <tt/arpd/ monitors all the interfaces. |
| 70 | In this case <tt/arpd/ does not adjust <tt/sysctl/ parameters, |
| 71 | it is supposed user does this himself after <tt/arpd/ is started. |
| 72 | |
| 73 | |
| 74 | <p> Signals |
| 75 | |
| 76 | <p> <tt/arpd/ exits gracefully syncing database and restoring adjusted |
| 77 | <tt/sysctl/ parameters, when receives <tt/SIGINT/ or <tt/SIGTERM/. |
| 78 | <tt/SIGHUP/ syncs database to disk. <tt/SIGUSR1/ sends some statistics |
| 79 | to <tt/syslog/. Effect of another signals is undefined, they may corrupt |
| 80 | database and leave <tt/sysctl/ parameters in an unpredictable state. |
| 81 | |
| 82 | <p> Note |
| 83 | |
| 84 | <p> In order to <tt/arpd/ be able to serve as ARP resolver, kernel must be |
| 85 | compiled with the option <tt/CONFIG_ARPD/ and, in the case when interface list |
| 86 | is not given on command line, variable <tt/app_solicit/ |
| 87 | on interfaces of interest should be set in <tt>/proc/sys/net/ipv4/neigh/*</tt>. |
| 88 | If this is not made <tt/arpd/ still collects gratuitous ARP information |
| 89 | in its database. |
| 90 | |
| 91 | <p> Examples |
| 92 | |
| 93 | <enum> |
| 94 | <item> Start <tt/arpd/ to collect gratuitous ARP, but not messing |
| 95 | with kernel functionality: |
| 96 | |
| 97 | <tscreen><verb> |
| 98 | arpd -b /var/tmp/arpd.db |
| 99 | </verb></tscreen> |
| 100 | |
| 101 | <item> Look at result after some time: |
| 102 | |
| 103 | <tscreen><verb> |
| 104 | killall arpd |
| 105 | arpd -l -b /var/tmp/arpd.db |
| 106 | </verb></tscreen> |
| 107 | |
| 108 | <item> To enable kernel helper, leaving leading role to kernel: |
| 109 | |
| 110 | <tscreen><verb> |
| 111 | arpd -b /var/tmp/arpd.db -a 1 eth0 eth1 |
| 112 | </verb></tscreen> |
| 113 | |
| 114 | <item> Completely replace kernel resolution on interfaces <tt/eth0/ |
| 115 | and <tt/eth1/. In this case kernel still does unicast probing to |
| 116 | validate entries, but all the broadcast activity is suppressed |
| 117 | and made under authority of <tt/arpd/: |
| 118 | |
| 119 | <tscreen><verb> |
| 120 | arpd -b /var/tmp/arpd.db -a 3 -k eth0 eth1 |
| 121 | </verb></tscreen> |
| 122 | |
| 123 | This is mode which <tt/arpd/ is supposed to work normally. |
| 124 | It is not default just to prevent occasional enabling of too aggressive |
| 125 | mode occasionally. |
| 126 | |
| 127 | </enum> |
| 128 | |
| 129 | </article> |
| 130 | |