farpd
replies to any ARP request for an IP address matching the specified
destination
net
with the hardware MAC address of the specified
interface
but only after determining if another host already claims it.
Any IP address claimed by
farpd
is eventually forgotten after a period of inactivity or after a
hard timeout, and is relinquished if the real owner shows up.
This enables a single host to claim all unassigned addresses on a
LAN for network monitoring or simulation.
farpd
exits on an interrupt or termination signal.
Note: The program name
farpd
has been changed in Debian GNU/Linux from the original name
(arpd) to avoid name clash with other ARP daemons.
The options are as follows:
-d
Do not daemonize, and enable verbose debugging messages.
-i interface
Listen on
interface
If unspecified,
farpd
searches the system interface list for the lowest numbered, configured
``up'' interface (excluding loopback).
net
The IP address or network (specified in CIDR notation) or IP address
ranges to claim
(e.g. ``10.0.0.3'', ``10.0.0.0/16'' or ``10.0.0.5-10.0.0.15''). If unspecified,
farpd
will attempt to claim any IP address it sees an ARP request for.
Mutiple addresses may be specified.
farpd
will respond too slowly to ARP requests for some applications. In
order to ensure that it does not claim existing IP addresses it will send two
ARP request and wait for a reply. This slowness affects the nmap network
scanning tool, and possibly others, which uses by default ARP when scanning
local networks. The answers from
farpd
will come after the tool has timeout waiting for the ARP replies and,
consequently, IP addresses claimed by
farpd
will not be discovered.
Additionally,
farpd
sends the ARP replies to the broadcast address of the network and not to the
host that send the ARP request. Some systems and applications (notably
nmap) will not handled these requests and expect directed ARP replies
(i.e. targeted specifically to the host that sent the request and not to the
network)