Friday, September 30, 2011

what to do when your ipv4 forwarder has a scrambled arp cache

I have various network segments doing all kinds of things. As opposed to routing all of them, I place them behind boxes that shape traffic and the like. IPv4 forwarding is my friend, mostly. Except when its cascading switches go weird.

So, to figure out where a specific host is connected, I issue:

arp -a | grep ethX

That's nice. If I see incomplete entries, that means that the MAC address of said machine is in a weird state. If I know that the system is sitting on a specific interface and not the reported one, it does me good to flush the entire ARP cache. But! There's no command in Linux to flush the cache itself. You have to do it quick and dirty via a script or the command line using the -d switch. Plop this into a script or onto the command line on any of your boxes that use /proc/net/arp:

# Delete every IPv4 entry listed in /proc/net/arp (needs root); the regex skips the header line
for i in $(awk '$1 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ { print $1 }' /proc/net/arp); do
    arp -d "$i"
done

And now the cache is clear and life goes on.
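
A narrower variant of the loop above, as an added example that is not part of the original post: it goes one step further and selects entries by interface, optionally only the incomplete ones (Flags 0x0 in /proc/net/arp), instead of clearing everything. The function names `arp_ips`, `flush_arp` and `sample_arp_table` are hypothetical, and the sample table is constructed.

```shell
#!/bin/sh
# Added example: select ARP entries from a /proc/net/arp-format table on stdin.
# Columns: IP address, HW type, Flags, HW address, Mask, Device.
# Flags 0x0 marks an incomplete entry (no MAC resolved); 0x2 is complete.

# arp_ips IFACE [all|incomplete]  -> prints matching IPv4 addresses, one per line
arp_ips() {
    awk -v dev="$1" -v mode="${2:-all}" '
        NR == 1 { next }                                  # skip the header line
        $1 !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ { next } # not an IPv4 address
        $6 != dev { next }                                # other interface
        mode == "incomplete" && $3 != "0x0" { next }      # keep unresolved only
        { print $1 }
    '
}

# flush_arp IFACE [all|incomplete]  -> deletes the selected entries (needs root)
flush_arp() {
    arp_ips "$1" "${2:-all}" < /proc/net/arp | while read -r ip; do
        arp -i "$1" -d "$ip"
    done
}

# Constructed sample table (addresses and MACs are made up) for offline testing
sample_arp_table() {
    cat <<'EOF'
IP address       HW type     Flags       HW address            Mask     Device
192.168.10.1     0x1         0x2         02:00:00:aa:bb:01     *        eth0
192.168.20.15    0x1         0x0         00:00:00:00:00:00     *        eth1
192.168.20.16    0x1         0x2         02:00:00:aa:bb:16     *        eth1
192.168.20.17    0x1         0x0         00:00:00:00:00:00     *        eth1
EOF
}
```

Run `sample_arp_table | arp_ips eth1 incomplete` to see the selection without touching the live cache; `flush_arp eth1 incomplete` acts on the real table.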