LinuxCommandLibrary

arp

Display and modify ARP cache entries

TLDR

Show the current ARP table

$ arp
copy

Show [a]lternative BSD style output format with on fixed columns
$ arp -a
copy

[d]elete a specific entry
$ sudo arp -d [address]
copy

[s]et up a new entry in the ARP table
$ sudo arp -s [address] [mac_address]
copy

SYNOPSIS

arp [-vnN] [-H hwtype] [-i if] [-a] [hostname]
arp [-vwnD] [-i if] [-c addr] hostname
arp -d hostname
arp -s hostname hwaddr [temp] [pub]
arp -f filename

PARAMETERS

-a, --display
    Display or dump kernel ARP table (default).

-d, --delete hostname
    Delete ARP entry for hostname (IP or name).

-D, --use-device
    Use hardware address from specified device.

-i if, --device if
    Operate on specific network interface.

-v, --verbose
    Enable verbose output.

-n, --numeric
    Show numeric addresses, skip hostname resolution.

-s hostname hwaddr, --set
    Create permanent (static) ARP entry.

-S hostname hwaddr netmask masklen, --publish
    Create proxy ARP entry with publish flag.

-f filename
    Load ARP entries from file (like /etc/ethers).

-H type, --hwtype type
    Override hardware type (e.g., ether).

-c addr, --create addr
    Create new entry if absent.

-N, --no-nameres
    Suppress name resolution in some modes.

DESCRIPTION

The arp command views and modifies the kernel's Address Resolution Protocol (ARP) cache, which maps IPv4 addresses to MAC hardware addresses on local networks. ARP enables efficient Layer 2 communication by caching resolutions, avoiding broadcasts for each packet.

Default operation (arp or arp -a) lists all entries in the cache, showing IP, MAC, interface, and type (dynamic/static). Users add permanent entries with -s for reliability or security (e.g., preventing ARP spoofing), delete with -d, or manage proxy ARP for routing scenarios. Options filter by interface (-i), suppress DNS resolution (-n), or enable verbose output (-v).

Essential for network diagnostics, verifying connectivity issues, or static configurations in environments without DHCP. Part of net-tools, it works on IPv4 only. Output resembles: 192.168.1.1 (MAC_ADDRESS) at interface [ether] on dev eth0.

CAVEATS

Deprecated; use ip neigh from iproute2. IPv4-only, requires root for modifications. Static entries survive reboots only if in /etc/ethers or systemd-resolved.

EXAMPLES

arp -a
Show all entries.
arp -n -i eth0
Numeric list for eth0.
arp -s 192.168.1.100 00:11:22:33:44:55
Add static mapping.
arp -d 192.168.1.100
Remove entry (needs sudo).

FILE FORMAT

For -f: IP_address hardware_address [type], e.g.,
192.168.1.1 00:11:22:33:44:55

HISTORY

Part of net-tools since early 1990s Linux (BSD heritage). Peaked in 2000s usage; deprecated post-2010 as iproute2 (ip neigh) standardized around Linux 2.6 kernels.

SEE ALSO

ip(8), ping(8), netstat(8), ifconfig(8)

Copied to clipboard