zz

Add static ARP entries when network is brought up

How to add or remove a static ARP entry on
Linux

ARP (short for "Address Resolution Protocol") is a network protocol used to map an IP network address to a corresponding hardware MAC address. When host X wants to communicate host Y, X first broadcasts an ARP request on its local network, to obtain Y's
MAC address. Once X receives ARP reply containing Y's MAC address, X uses the information to construct Ethernet frames destined for Y.

The IP/MAC address mapping information so obtained is cached in local ARP table, so that ARP query process can be omitted subsequently.

Problems can arise when for whatever reason, host X does not receive ARP replies for a destination host Y with which it wishes to communicate. In other cases, ARP replies come in, but contain a MAC address associated with an incorrect host Z. Such corrupted
ARP replies will result in traffic hijacking, where traffic that should have been sent to Y ends up arriving at host Z.

When dealing with these kinds of ARP-induced abnormal situations, it's useful to be able to add static ARP entries manually on locally cached ARP table. When a MAC address of a destination host Y is found in local ARP table, there is no need to send out
ARP requests.

To add a static ARP entry to local ARP table:

This commands tells local ARP table that the host with IP address 10.0.0.2 has MAC address 00:0c:29:c0:94:bf. Once you have configured a static ARP entry, you can verify that.

? (192.168.10.47) at e0:db:55:ce:13:f1 [ether] on eth0
? (192.168.10.1) at 00:e0:b1:cb:07:30 [ether] on eth0
? (10.0.0.2) at 00:0c:29:c0:94:bf [ether] PERM on eth1

As you can see above, the statically configured ARP entry correctly shows up, marked as "PERM" in the ARP table.

To delete a static ARP entry from local ARP table:

$ arp -a -n
? (135.112.29.47) at e0:db:55:ce:13:f1 [ether] on eth0
? (135.112.29.1) at 00:e0:b1:cb:07:30 [ether] on eth0
? (10.0.0.2) at <incomplete> on eth1

Note that any ARP entry added by arp command at run time like above does not remain persistently across reboots. In order to
add a static ARP entry permanently, what you can do is to load ARP entries from an external file automatically when a network interface is up. For that, first create a file that contains static ARP entries.

00:0c:29:c0:94:bf 10.0.0.2
00:0c:59:44:f0:a0 10.0.0.5
. . . .

The arp command allows you to load any external file using "-f" option.

Now you need to set the above command to be run automatically when a given network interface (e.g., eth0) is up. There are distribution-specific ways to run a startup command for network interfaces. Following are distribution-specific examples.

Here I assume that you are not using NetworkManager on your Linux system. So if you are using NetworkManager, you will have to disable it first.

On Ubuntu, Debian or Mint, add the following entry in /etc/network/interfaces:

iface wlan0 inet dhcp
. . .
post-up arp -f /etc/ethers

On CentOS, RHEL or Fedora, create the following executable script:

#!/bin/sh
if [[ "$1" == "eth0" ]]
then
arp -f /etc/ethers
else
#DO_NOTHING
fi

========================

arp -i eth2 -s ip.of.the.device mac:of:the:device

 /etc/network/if-up.d/add-my-static-arp

#!/bin/sh

arp -i eth0 -s 192.168.0.4 00:50:cc:44:55:55
arp -i eth0 -s 192.168.0.5 00:50:cc:44:55:56
arp -i eth0 -s 192.168.0.6 00:50:cc:44:55:57

chmod +x /etc/network/if-up.d/add-my-static-arp