ARP Cache

earlysame55 · June 29, 2007, 9:02pm

Dear all,

We are testing two of our servers for mq series connectivity. The scenario is, when one machine is shutting down it's services there are some scripts that do a dns update, which removes the ip address and relates it to the ip address of the other node on our dns server, and the update happens properly, now comes the real issue:
Solaris 8 node does not clear the ipaddress from the arp cache
Solaris 10 node does not seem to check the cache; it directly looks up from the dns

We are really puzzled. Can you put in some thought?

TIA

porter · June 29, 2007, 9:33pm

You are talking apples and oranges.

The ARP cache translates IP address to MAC addresses (eg ethernet node addresses) and only refers to the same subnet/network segment.

DNS does name resolving, translating a name to an IP address.

DNS knows nothing about MAC addresses.

earlysame55 · June 30, 2007, 12:24pm

Hi porter,

Thanks for the reply. When a name lookup has been done and initial connectivity is established dosn't it be there in the cache ?

Neo · June 30, 2007, 1:15pm

No, not necessarily.

DNS mappings happen when a name is queried againt the DNS system and an IP address is returned (or the reverse, and established in the DNS cache).

An ARP cache entry occurs when a IP packet is in a router LAN segment after a broadcast to determine the IEEE 802 MAC address.

As porter says, DNS and ARP are totally different systems. DNS maps names to IP address. ARP maps IP addresses to MAC address. These mapping are used very differently.

earlysame55 · June 30, 2007, 4:28pm

Thanks Neo,
So when i lookup the dns, get the ip. Meaning when the application runs a gethostbyname(), it updates the dns cache. How and when is the server's arp cache get updated. I thought it's after the ipaddress is returned and when a transmission happens to that ip, it's stored in the arp cache(after the llokup procedure for the mac address). Correct me if i'm wrong.

TIA

porter · June 30, 2007, 6:43pm

That is indeed correct, however

deregistering a DNS name does not cause arp caches to get flushed.
deregistering a DNS name at a server does not affect client caches where the name is still considered valid for the timeout that the DNS server previously reported.
arp caches can be added to and deleted manually and dynamic entries typically have a relatively short timeout.

Neo · June 30, 2007, 10:30pm

No, that is not actually correct.

If the IP address of the destination is on the same LAN segment as the origin, then when you send the first packet to that designation, the ARP tables on that LAN segment will update.

However, if your destination is 2 hops away, then there will be no ARP entry for the destination address.

ARP is for mapping IP address to MAC addresses for LAN traffic, not for IP routing.

Just doing a DNS lookup will not update an ARP table.

For example, right now you sit down and you want to visit www.unix.com .
There is no ARP entry on your server for www.unix.com because your computer is not on the same LAN segment as www.unix.com.

Is this clear now?

earlysame55 · June 30, 2007, 10:35pm

Yes, thanks to both of you.