Using the noarp module to disable ARP

Jump to: navigation, search


MasarLabs noarp from Maurizio Sartori is a Linux kernel module that filters and drops unwanted ARP requests. It is useful when you need to add an alias to the loopback interface to use a load balancer.

The noarp module is available for both kernel 2.4 and kernel 2.6.

The advantages of using noarp is that it is to hide IP address, not interface, and there is no need to rebuild the kernel image. The disadvantage is that noarp module needs rebuilding every time that kernel image is upgraded.

Disable ARP for VIP

noarpctl is used to disable ARP for VIP. The basic syntax of 'noarpctl' is:

  noarpctl add VIP RIP

That means hide the VIP address and use RIP in outgoing ARP requests that would use VIP.