Michael.Paoli at cal.berkeley.edu
Sat Nov 24 12:14:37 PST 2007
And there's another thing that can typically greatly speed and ease
the switchover: gratuitous ARP reply
Quoting Michael Paoli:
> Quoting John de la Garza:
> > I have a webserver that is say ip addr: 1. I make change it to be 2,
> > then make a new box (different nic) to be ip addr of 1. Now things
> > behave odd... I just learned that things like this get cached.
> > Is there a way I can erase the entire arp cache and let it get
> > rebuilt? or must I do it case by case with arp -d?
> One can generally check/alter the arp cache data via the arp command.
> Typically arp data will effectively fix itself (older data timing out)
> within several minutes. If the problem(s)/issue(s) are lasting longer
> than that, you likely have something else going on. /etc/ethers can be
> used for persistent Ethernet MAC <--> IP mapping (and thwarting arp cache
> poisoning) ... but that's typically not used in most environments. If
> you've still got persistent issues, you may want to poke around with
> tcpdump or the like, a bit more, to see what's actually going on on the
> network. With suitable options to tcpdump, one will get to see the arp
> request and reply packets (or note the lack thereof) and the
> Ethernet MAC addresses (link level headers). That should be enough to
> relatively quickly isolate if one has a Ethernet MAC address and/or arp
> or related issue/problem.
More information about the buug