ARP message and arp_ignore arp_announce

2025-01-16 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/01 Report--

Background:

(1) By default, the TCP/IP stack builds a response packet whose source address equals the destination IP of the request packet.

(2) The ARP table maps IP addresses to MAC addresses and network interfaces. The IPs in the table belong to the network segment the host is on; traffic to other segments is sent or forwarded through the gateway, so for those destinations only the gateway's MAC is needed.

(3) Conditions for updating an ARP entry (any one is sufficient):

1. An ARP request is received whose destination MAC is the broadcast address and whose Target IP is an IP of the local machine (the term Target IP is used here to distinguish it from the frame's destination IP).

2. An ARP reply is received whose destination MAC is the broadcast address or the local MAC, and the entry already exists in the ARP table (for example a gratuitous ARP, or the reply to a request the host sent itself).

The Target IP mentioned above is the target IP requested inside the ARP message; an ARP message is not an IP packet, as shown in the following figure (from this it is not hard to decide whether ARP is a layer-2 or layer-3 protocol).

Since the request is asking for the MAC belonging to the Target IP, the Target MAC field is filled with zeros. Note that the frame's destination MAC and the ARP message's Target MAC are two different fields: because the request is sent as a broadcast, the layer-2 destination MAC is all F (ff:ff:ff:ff:ff:ff), while the Target MAC belongs to the layer-3 data and is filled with all zeros. The field name "Target MAC" is only Wireshark's display; in the actual packet the four values (Sender MAC, Sender IP, Target MAC, Target IP) are simply concatenated. The ARP reply is unicast and has the same structure as the request: the frame's destination MAC becomes the source MAC of the request, the requested MAC is entered in the layer-3 data, and sender and target are swapped, so that Sender MAC equals the frame's source MAC and Target MAC equals the frame's destination MAC.

(4) Gratuitous ARP ("free ARP"): used to detect IP conflicts and to update other hosts' ARP entries; it is sent whenever a new IP is configured and whenever a network service is started.

Layer 2: source MAC = sender MAC, destination MAC = all F (broadcast).

Layer 3: first, four ARP packets with an all-zero Sender IP are sent (Windows sends three); if no IP conflict is found, Linux (CentOS 6.4) first sends a gratuitous ARP with Target MAC = Sender MAC = source MAC and Target IP = Sender IP = sender IP, then sends a second gratuitous ARP identical to the first except that Target MAC = all F; Windows (Win10) sends only one gratuitous ARP, with Target MAC = 0, Sender MAC = source MAC and Target IP = Sender IP = sender IP.
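The frame layout described above, as an added example (not code from the original article): it encodes and decodes an ARP request, the matching unicast reply and the first gratuitous ARP variant Linux sends; all MAC and IP values are constructed.

```python
"""Encode and decode Ethernet + ARP frames to show the field layout
described above. Added example, not from the original article; the
MAC and IP values are constructed."""
import socket
import struct

ETH_P_ARP = 0x0806
BCAST = b"\xff" * 6        # layer-2 broadcast destination
ZERO_MAC = b"\x00" * 6     # Target MAC of a request: "unknown, please fill in"

def mac(s):
    return bytes.fromhex(s.replace(":", ""))

def arp_frame(dst_mac, src_mac, op, sender_mac, sender_ip, target_mac, target_ip):
    """14-byte Ethernet header + 28-byte ARP payload. The four ARP address
    fields are packed back to back; "Target MAC" is only Wireshark's label."""
    eth = dst_mac + src_mac + struct.pack("!H", ETH_P_ARP)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)   # Ethernet, IPv4, hlen, plen, opcode
    arp += sender_mac + socket.inet_aton(sender_ip) + target_mac + socket.inet_aton(target_ip)
    return eth + arp

def parse_arp(frame):
    """Split a frame back into its layer-2 and ARP fields."""
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != ETH_P_ARP:
        raise ValueError("not an ARP frame")
    op = struct.unpack("!HHBBH", frame[14:22])[4]
    return {"dst_mac": frame[:6].hex(":"), "src_mac": frame[6:12].hex(":"), "op": op,
            "sender_mac": frame[22:28].hex(":"), "sender_ip": socket.inet_ntoa(frame[28:32]),
            "target_mac": frame[32:38].hex(":"), "target_ip": socket.inet_ntoa(frame[38:42])}

def arp_request(src_mac, src_ip, target_ip):
    """Broadcast request: who has target_ip? Target MAC is all zeros."""
    return arp_frame(BCAST, src_mac, 1, src_mac, src_ip, ZERO_MAC, target_ip)

def arp_reply(request, my_mac):
    """Unicast reply: frame destination = requester's source MAC, sender and
    target swapped, and our MAC entered as Sender MAC."""
    q = parse_arp(request)
    req_mac = mac(q["sender_mac"])
    return arp_frame(req_mac, my_mac, 2, my_mac, q["target_ip"], req_mac, q["sender_ip"])

def gratuitous_arp(src_mac, ip):
    """First gratuitous ARP Linux sends after configuring ip:
    Target IP = Sender IP and Target MAC = Sender MAC, broadcast at layer 2."""
    return arp_frame(BCAST, src_mac, 1, src_mac, ip, src_mac, ip)
```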

Main topic:

When configuring an LVS load-balancing architecture, ARP must be suppressed on the RealServers, specifically with arp_ignore=1 and arp_announce=2.

arp_ignore (whether to respond to ARP requests):

0: respond to ARP requests for any local IP address, received on any interface (default)

1: only respond if the Target IP is an IP configured on the receiving interface

2: only respond if the Target IP is an IP configured on the receiving interface and the Sender IP belongs to the same subnet as that interface

4-7: reserved

8: do not respond to any ARP request

arp_announce (which Sender IP to use when announcing via ARP):

0: use the source IP of the packet being sent (or forwarded) as the Sender IP of the ARP request (default); this can be verified with ping -I

1: if the destination IP of the IP packet belongs to the subnet of a local interface, use the IP packet's source IP as the Sender IP; otherwise, behave as 2

2: ignore the source IP of the packet; use the best local address that can talk to the destination host as the Sender IP, preferring the primary IP of the outgoing interface (loopback is not an outgoing interface)

Note: when the ARP table has no entry for the gateway, the arp_announce selection is triggered before the IP packet is sent.

Sender MAC is not affected by these settings: Sender MAC = source MAC, and the source MAC is determined by the interface's physical address, except for network * *.
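As an added example (not code from the original article), the following model reproduces the arp_ignore and arp_announce decisions above for a constructed RealServer (VIP 10.0.0.100 bound on lo, real IP 10.0.0.11 on eth0) and shows why 1/2 keep the VIP off the wire while the defaults 0/0 leak it:

```python
"""Model of the arp_ignore / arp_announce decisions on an LVS RealServer.
Added example, not from the original article; interface names and addresses
are constructed: VIP 10.0.0.100 bound on lo, real IP 10.0.0.11 on eth0."""
import ipaddress

IFACES = {
    "eth0": [ipaddress.ip_interface("10.0.0.11/24")],
    "lo": [ipaddress.ip_interface("127.0.0.1/8"),
           ipaddress.ip_interface("10.0.0.100/32")],    # the LVS VIP
}

def arp_reply_allowed(arp_ignore, rx_iface, sender_ip, target_ip, ifaces=IFACES):
    """Does the host answer an ARP request received on rx_iface?"""
    sender, target = ipaddress.ip_address(sender_ip), ipaddress.ip_address(target_ip)
    rx = ifaces[rx_iface]
    if arp_ignore == 8:                               # 8: never answer
        return False
    if arp_ignore == 0:                               # 0: any local IP on any interface
        return any(target == a.ip for addrs in ifaces.values() for a in addrs)
    if not any(target == a.ip for a in rx):           # 1 and 2: IP must be on rx_iface
        return False
    if arp_ignore == 2:                               # 2: sender also in rx_iface's subnet
        return any(sender in a.network for a in rx)
    return True

def arp_sender_ip(arp_announce, tx_iface, pkt_src_ip, resolve_ip, ifaces=IFACES):
    """Sender IP of the ARP request that resolves resolve_ip (the next hop)
    before an IP packet sourced from pkt_src_ip leaves tx_iface."""
    src, tip = ipaddress.ip_address(pkt_src_ip), ipaddress.ip_address(resolve_ip)
    tx = ifaces[tx_iface]
    if arp_announce == 0:                             # 0: packet source IP, even the VIP
        return str(src)
    # 1: keep the packet source IP if it shares an on-link subnet of tx_iface
    # with the address being resolved; otherwise behave as 2.
    if arp_announce == 1 and any(src in a.network and tip in a.network for a in tx):
        return str(src)
    # 2: best address of the outgoing interface: one in the next hop's subnet,
    # else the interface's primary address. Addresses on lo are never used.
    for a in tx:
        if tip in a.network:
            return str(a.ip)
    return str(tx[0].ip)

def realserver_behaviour(arp_ignore, arp_announce, ifaces=IFACES):
    """(a) does a request for the VIP arriving on eth0 get answered, and
    (b) which Sender IP resolves the gateway 10.0.0.1 for a VIP-sourced reply?"""
    return (arp_reply_allowed(arp_ignore, "eth0", "10.0.0.1", "10.0.0.100", ifaces),
            arp_sender_ip(arp_announce, "eth0", "10.0.0.100", "10.0.0.1", ifaces))
```

With the defaults the RealServer answers for the VIP and advertises it as Sender IP, so the gateway and clients may learn the RealServer's MAC for the VIP instead of the director's; arp_ignore=1 with arp_announce=2 avoids both.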
