manipulates or displays the kernel's IPv4 network neighbour cache. It can add
entries to the table, delete one or display the current content.
stands for Address Resolution Protocol, which is used to find the media
access control address of a network neighbour for a given IPv4 Address.
with no mode specifier will print the current content of the table. It is
possible to limit the number of entries printed, by specifying an hardware
address type, interface name or host address.
will delete a ARP table entry. Root or netadmin priveledge is required to do
this. The entry is found by IP address. If a hostname is given, it will be
resolved before looking up the entry in the ARP table.
arp -saddress hw_addr
is used to set up a new table entry. The format of the
parameter is dependent on the hardware class, but for most classes one can
assume that the usual presentation can be used. For the Ethernet class,
this is 6 bytes in hexadecimal, separated by colons. When adding proxy arp
entries (that is those with the
flag set a
may be specified to proxy arp for entire subnets. This is not good
practice, but is supported by older kernels because it can be
useful. If the
flag is not supplied entries will be permanent stored into the ARP
cache. To simplyfy setting up entries for one of your own network interfaces, you can use the
arp -Dsaddress ifname
form. In that case the hardware address is taken from the interface with the
Tell the user what is going on by being verbose.
shows numerical addresses instead of trying to determine symbolic host, port
or user names.
-H type, --hw-type type
When setting or reading the ARP cache, this optional parameter tells
which class of entries it should check for. The default value of
this parameter is
(i.e. hardware code 0x01 for IEEE 802.3 10Mbps Ethernet).
Other values might include network technologies such as
Use alternate BSD style output format (with no fixed columns).
Instead of a hw_addr, the given argument is the name of an interface.
will use the MAC address of that interface for the table entry. This is usually the best option to set up a proxy ARP entry to yourself.
-i If, --device If
Select an interface. When dumping the ARP cache only entries matching
the specified interface will be printed. When setting a permanent or
ARP entry this interface will be associated with the entry; if this
option is not used, the kernel will guess based on the routing
entries the specified interface is the interface on which ARP requests will
This has to be different from the interface to which the IP
datagrams will be routed.
As of kernel 2.2.0 it is no longer possible to set an ARP entry for an
entire subnet. Linux instead does automagic proxy arp when a route
exists and it is forwarding. See
for details. Also the
option which is available for delete and set operations cannot be
used with 2.4 and newer kernels.
-f filename, --file filename
Similar to the
option, only this time the address info is taken from file
This can be used if ARP entries for a lot of hosts have to be
set up. The name of the data file is very often
but this is not official. If no filename is specified /etc/ethers
is used as default.
The format of the file is simple; it
only contains ASCII text lines with a hostname, and a hardware
address separated by whitespace. Additionally the
pub, temp and netmask
flags can be used.
In all places where a
is expected, one can also enter an
in dotted-decimal notation.
As a special case for compatibility the order of the hostname and
the hardware address can be exchanged.
Each complete entry in the ARP cache will be marked with the
flag. Permanent entries are marked with
and published entries have the
/usr/sbin/arp -i eth0 -Ds 10.0.0.2 eth1 pub
This will answer ARP requests for 10.0.0.2 on eth0 with the MAC address for
/usr/sbin/arp -i eth1 -d 10.0.0.1
Delete the ARP table entry for 10.0.0.1 on interface eth1. This will match
published proxy ARP entries and permanent entries.