arp命令

回到手册索引

命令用途

arp 命令用于管理系统的 ARP（地址解析协议）缓存。通过该命令，用户可以查看、添加或删除 ARP 表中的条目。ARP 协议用于解析本地网络中 IPv4 地址对应的 MAC 地址。

常用用法示例

查看 ARP 缓存

arp -a

执行该命令后，系统会显示当前ARP缓存的所有条目，包括每个条目的IP地址、MAC地址以及接口信息。示例如下：

? (192.168.0.1) at 00:14:22:01:23:45 [ether] on eth0

该条目表示IP地址为192.168.0.1的设备，MAC地址为00:14:22:01:23:45，通过eth0接口与系统通信。

删除ARP缓存中的条目

arp -d 192.168.0.1

执行后，系统会删除与192.168.0.1对应的ARP缓存条目。删除ARP表中的条目通常需要root或网络管理员权限。

添加一个新的ARP条目

arp -s 192.168.0.100 00:14:22:01:23:45

这条命令将为IP地址192.168.0.100添加一个对应的MAC地址为00:14:22:01:23:45的ARP条目。条目会永久存储在ARP缓存中，直到系统重启。

使用代理ARP

arp -i eth0 -Ds 192.168.0.2 eth1 pub

该命令将使eth0接口响应对192.168.0.2的ARP请求，并使用eth1接口的MAC地址。这是设置代理ARP的常用方法，pub表示该条目是公开的。

从文件导入ARP条目

arp -f /etc/ethers

该命令从指定的文件/etc/ethers中加载ARP条目。文件内容通常为IP地址和MAC地址的对应关系，每行一条。

常用参数选项

-v, –verbose
以详细模式输出命令执行的过程和信息。

-n, –numeric
显示数值形式的地址，而非尝试解析为主机名、端口号或用户名。

-H type, –hw-type type, -t type
指定硬件类型（如以太网或 ARCnet）。默认值为 ether，即以太网。

-a
使用 BSD 风格的输出格式，输出不固定列。

-e
使用 Linux 风格的输出格式，输出具有固定列的表格。

-D, –use-device
使用指定的网络接口（如 eth0）的 MAC 地址创建 ARP 表项。

-i If, –device If
指定网络接口，命令仅显示该接口对应的 ARP 缓存条目。

-f filename, –file filename
从指定的文件读取 ARP 条目，文件通常包含主机名与 MAC 地址的映射。

原厂文档

NAME

   arp - manipulate the system ARP cache

SYNOPSIS

   arp [-vn] [-H type] [-i if] [-ae] [hostname]

   arp [-v] [-i if] -d hostname [pub]

   arp [-v] [-H type] [-i if] -s hostname hw_addr [temp]

   arp [-v] [-H type] [-i if] -s hostname hw_addr [netmask nm] pub

   arp [-v] [-H type] [-i if] -Ds hostname ifname [netmask nm] pub

   arp [-vnD] [-H type] [-i if] -f [filename]

DESCRIPTION

   Arp manipulates or displays the kernel's IPv4 network neighbour
   cache. It can add entries to the table, delete one or display the
   current content.

   ARP stands for Address Resolution Protocol, which is used to find
   the media access control address of a network neighbour for a
   given IPv4 Address.

MODES

   arp with no mode specifier will print the current content of the
   table. It is possible to limit the number of entries printed, by
   specifying an hardware address type, interface name or host
   address.

   arp -d address will delete a ARP table entry. Root or netadmin
   privilege is required to do this. The entry is found by IP
   address. If a hostname is given, it will be resolved before
   looking up the entry in the ARP table.

   arp -s address hw_addr is used to set up a new table entry. The
   format of the hw_addr parameter is dependent on the hardware
   class, but for most classes one can assume that the usual
   presentation can be used.  For the Ethernet class, this is 6 bytes
   in hexadecimal, separated by colons. When adding proxy arp entries
   (that is those with the publish flag set) a netmask may be
   specified to proxy arp for entire subnets. This is not good
   practice, but is supported by older kernels because it can be
   useful. If the temp flag is not supplied entries will be permanent
   stored into the ARP cache. To simplify setting up entries for one
   of your own network interfaces, you can use the arp -Ds address
   ifname form. In that case the hardware address is taken from the
   interface with the specified name.

OPTIONS

   -v, --verbose
          Tell the user what is going on by being verbose.

   -n, --numeric
          shows numerical addresses instead of trying to determine
          symbolic host, port or user names.

   -H type, --hw-type type, -t type
          When setting or reading the ARP cache, this optional
          parameter tells arp which class of entries it should check
          for.  The default value of this parameter is ether (i.e.
          hardware code 0x01 for IEEE 802.3 10Mbps Ethernet).  Other
          values might include network technologies such as ARCnet
          (arcnet) , PROnet (pronet) , AX.25 (ax25) and NET/ROM
          (netrom).

   -a     Use alternate BSD style output format (with no fixed
          columns).

   -e     Use default Linux style output format (with fixed columns).

   -D, --use-device
          Instead of a hw_addr, the given argument is the name of an
          interface.  arp will use the MAC address of that interface
          for the table entry. This is usually the best option to set
          up a proxy ARP entry to yourself.

   -i If, --device If
          Select an interface. When dumping the ARP cache only
          entries matching the specified interface will be printed.
          When setting a permanent or temp ARP entry this interface
          will be associated with the entry; if this option is not
          used, the kernel will guess based on the routing table. For
          pub entries the specified interface is the interface on
          which ARP requests will be answered.
          NOTE: This has to be different from the interface to which
          the IP datagrams will be routed.  NOTE: As of kernel 2.2.0
          it is no longer possible to set an ARP entry for an entire
          subnet. Linux instead does automagic proxy arp when a route
          exists and it is forwarding. See arp(7) for details. Also
          the dontpub option which is available for delete and set
          operations cannot be used with 2.4 and newer kernels.

   -f filename, --file filename
          Similar to the -s option, only this time the address info
          is taken from file filename.  This can be used if ARP
          entries for a lot of hosts have to be set up.  The name of
          the data file is very often /etc/ethers, but this is not
          official. If no filename is specified /etc/ethers is used
          as default.

          The format of the file is simple; it only contains ASCII
          text lines with a hostname, and a hardware address
          separated by whitespace. Additionally the pub, temp and
          netmask flags can be used.

   In all places where a hostname is expected, one can also enter an
   IP address in dotted-decimal notation.

   As a special case for compatibility the order of the hostname and
   the hardware address can be exchanged.

   Each complete entry in the ARP cache will be marked with the C
   flag. Permanent entries are marked with M and published entries
   have the P flag.

EXAMPLES

   /usr/sbin/arp -i eth0 -Ds 10.0.0.2 eth1 pub

   This will answer ARP requests for 10.0.0.2 on eth0 with the MAC
   address for eth1.

   /usr/sbin/arp -i eth1 -d 10.0.0.1

   Delete the ARP table entry for 10.0.0.1 on interface eth1. This
   will match published proxy ARP entries and permanent entries.

FILES

   /proc/net/arp
   /etc/networks
   /etc/hosts
   /etc/ethers

SEE ALSO

   ethers(5), rarp(8), route(8), ifconfig(8), netstat(8)

AUTHORS

   Fred N. van Kempen <waltje@uwalt.nl.mugnet.org>, Bernd Eckenfels
   <net-tools@lina.inka.de>.

COLOPHON

   This page is part of the net-tools (networking utilities) project.
   Information about the project can be found at 
   ⟨http://net-tools.sourceforge.net/⟩.  If you have a bug report for
   this manual page, see ⟨http://net-tools.sourceforge.net/⟩.  This
   page was obtained from the project's upstream Git repository
   ⟨git://git.code.sf.net/p/net-tools/code⟩ on 2024-02-02.  (At that
   time, the date of the most recent commit that was found in the
   repository was 2024-08-29.)  If you discover any rendering
   problems in this HTML version of the page, or you believe there is
   a better or more up-to-date source for the page, or you have
   corrections or improvements to the information in this COLOPHON
   (which is not part of the original manual page), send a mail to
   man-pages@man7.org