Home | History | Annotate | Download | only in doc 
      1 <!doctype linuxdoc system>
      2 
      3 <article>
      4 
      5 <title>ARPD Daemon
      6 <author>Alexey Kuznetsov, <tt/kuznet@ms2.inr.ac.ru/
      7 <date>some_negative_number, 20 Sep 2001
      8 <abstract>
      9 <tt/arpd/ is daemon collecting gratuitous ARP information, saving
     10 it on local disk and feeding it to kernel on demand to avoid
     11 redundant broadcasting due to limited size of kernel ARP cache. 
     12 </abstract>
     13 
     14 
     15 <p><bf/Description/
     16 
     17 <p>The format of the command is:
     18 
     19 <tscreen><verb>
     20        arpd OPTIONS [ INTERFACE [ INTERFACE ... ] ]
     21 </verb></tscreen>
     22 
     23 <p> <tt/OPTIONS/ are:
     24 
     25 <itemize>
     26 
     27 <item><tt/-l/ - dump <tt/arpd/ database to stdout and exit. Output consists
     28 of three columns: interface index, IP address and MAC address.
     29 Negative entries for dead hosts are also shown, in this case MAC address
     30 is replaced by word <tt/FAILED/ followed by colon and time when the fact
     31 that host is dead was proven the last time.
     32 
     33 <item><tt/-f FILE/  - read and load <tt/arpd/ database from <tt/FILE/
     34 in text format similar dumped by option <tt/-l/. Exit after load,
     35 probably listing resulting database, if option <tt/-l/ is also given.
     36 If <tt/FILE/ is <tt/-/, <tt/stdin/ is read to get ARP table.
     37  
     38 <item><tt/-b DATABASE/  - location of database file. Default location is
     39 <tt>/var/lib/arpd/arpd.db</tt>.
     40 
     41 <item><tt/-a NUMBER/ - <tt/arpd/ not only passively listens ARP on wire, but
     42 also send brodcast queries itself. <tt/NUMBER/ is number of such queries
     43 to make before destination is considered as dead. When <tt/arpd/ is started
     44 as kernel helper (i.e. with <tt/app_solicit/ enabled in <tt/sysctl/
     45 or even with option <tt/-k/) without this option and still did not learn enough
     46 information, you can observe 1 second gaps in service. Not fatal, but
     47 not good.
     48 
     49 <item><tt/-k/ - suppress sending broadcast queries by kernel. It takes
     50 sense together with option <tt/-a/.
     51 
     52 <item><tt/-n TIME/ - timeout of negative cache. When resolution fails <tt/arpd/
     53 suppresses further attempts to resolve for this period. It makes sense
     54 only together with option <tt/-k/. This timeout should not be too much
     55 longer than boot time of a typical host not supporting gratuitous ARP.
     56 Default value is 60 seconds.
     57 
     58 <item><tt/-R RATE/ - maximal steady rate of broadcasts sent by <tt/arpd/
     59 in packets per second. Default value is 1.
     60 
     61 <item><tt/-B NUMBER/ - number of broadcasts sent by <tt/arpd/ back to back.
     62 Default value is 3. Together with option <tt/-R/ this option allows
     63 to police broadcasting not to exceed <tt/B+R*T/ over any interval
     64 of time <tt/T/.
     65 
     66 </itemize>
     67 
     68 <p><tt/INTERFACE/ is name of networking inteface to watch.
     69 If no interfaces given, <tt/arpd/ monitors all the interfaces.
     70 In this case <tt/arpd/ does not adjust <tt/sysctl/ parameters,
     71 it is supposed user does this himself after <tt/arpd/ is started.
     72 
     73 
     74 <p> Signals
     75 
     76 <p> <tt/arpd/ exits gracefully syncing database and restoring adjusted
     77 <tt/sysctl/ parameters, when receives <tt/SIGINT/ or <tt/SIGTERM/.
     78 <tt/SIGHUP/ syncs database to disk. <tt/SIGUSR1/ sends some statistics
     79 to <tt/syslog/. Effect of another signals is undefined, they may corrupt
     80 database and leave <tt/sysctl/ parameters in an unpredictable state.
     81 
     82 <p> Note
     83 
     84 <p> In order to <tt/arpd/ be able to serve as ARP resolver, kernel must be
     85 compiled with the option <tt/CONFIG_ARPD/ and, in the case when interface list
     86 is not given on command line, variable <tt/app_solicit/
     87 on interfaces of interest should be set in <tt>/proc/sys/net/ipv4/neigh/*</tt>.
     88 If this is not made <tt/arpd/ still collects gratuitous ARP information
     89 in its database.
     90 
     91 <p> Examples
     92 
     93 <enum>
     94 <item> Start <tt/arpd/ to collect gratuitous ARP, but not messing
     95 with kernel functionality:
     96 
     97 <tscreen><verb>
     98    arpd -b /var/tmp/arpd.db
     99 </verb></tscreen>
    100 
    101 <item> Look at result after some time:
    102 
    103 <tscreen><verb>
    104    killall arpd
    105    arpd -l -b /var/tmp/arpd.db
    106 </verb></tscreen>
    107 
    108 <item> To enable kernel helper, leaving leading role to kernel:
    109 
    110 <tscreen><verb>
    111    arpd -b /var/tmp/arpd.db -a 1 eth0 eth1
    112 </verb></tscreen>
    113 
    114 <item> Completely replace kernel resolution on interfaces <tt/eth0/
    115 and <tt/eth1/. In this case kernel still does unicast probing to
    116 validate entries, but all the broadcast activity is suppressed
    117 and made under authority of <tt/arpd/: 
    118 
    119 <tscreen><verb>
    120    arpd -b /var/tmp/arpd.db -a 3 -k eth0 eth1
    121 </verb></tscreen>
    122 
    123 This is mode which <tt/arpd/ is supposed to work normally.
    124 It is not default just to prevent occasional enabling of too aggressive
    125 mode occasionally.
    126 
    127 </enum>
    128 
    129 </article>
    130 
    131