最後更新: 2015-07-02
用另一個 interface 去 Ping
ping -I eth1 192.168.88.177
P.S.
sub-interface 是用唔到的 ...
Arping
version: 2.09
opts:
-S <IP> # set source IP address (多數與 -p 一起用)
(arping unanswered if the target does not have routing to the IP)
-b # source address (255.255.255.255).
-i interface # use the specified interface
-s MAC # Set source MAC address (多數與 -p 一起用)
-p # Turn on promiscious mode on interface
( use this if you don't "own" the MAC address you are using )
-d # Find duplicate replies. Exit with 1 if there are answers from two different MAC addresses.
Example1: Ping blocked icmp server
arping -S 192.168.88.151 192.168.88.18
ARPING 192.168.88.18 60 bytes from 00:0c:29:e9:7f:8a (192.168.88.18): index=0 time=435.412 usec 60 bytes from 00:0c:29:e9:7f:8a (192.168.88.18): index=1 time=412.679 usec 60 bytes from 00:0c:29:e9:7f:8a (192.168.88.18): index=2 time=360.865 usec
所以 tcpdump -i eth0 icmp 是看不到有 package 的
不過 tcpdump -i eth0 arp 就有以下 result
18:59:02.175781 ARP, Request who-has 192.168.88.18 tell 192.168.88.151, length 46 18:59:02.175807 ARP, Reply 192.168.88.18 is-at 00:0c:29:e9:7f:8a, length 28
Example2: Send ARP REQUEST to a neighbor host
arping -S <IP-B> -s <MAC-B> <IP-C>
arping -S <IP-B> -s <MAC-B> -p <MAC-A>
arping -S 203.xxx.xxx.175 -s 00:0c:29:3b:xx:xx -p 203.xxx.xxx.161
ARP timeout
server:~# cat /proc/sys/net/ipv4/route/gc_timeout
300
server:~# cat /proc/sys/net/ipv4/neigh/*/gc_stale_time
60
server:~# ip -s neighbor list
192.168.88.1 dev vmbr0 lladdr 00:d0:cf:0c:xx:85 ref 5 used 212/212/15 probes 1 STALE 192.168.88.30 dev vmbr0 lladdr 00:d0:cf:0c:xx:85 ref 3 used 20/15/15 probes 1 REACHABLE 192.168.88.172 dev vmbr0 lladdr 00:18:1f:10:xx:7a ref 3 used 4/54/4 probes 1 DELAY 192.168.88.177 dev vmbr0 lladdr 00:07:e9:3e:xx:d3 ref 2 used 31/0/26 probes 1 REACHABLE
* If the entry is in the STALE state, it will also be updated by unsolicited ARP replies
state meaning
stale still usable; needs verification
action if used:
reset use counter; change state to delay-->probe-->incomplete(discovery period)--> failed
DOC:
http://linux-ip.net/html/ether-arp.html