I’ve got a VPS. That VPS talks to the world via some VRRP enabled router. The virtual address is .254 and its legs are on .252 and .253.
When I ask .252 or .253 its mac-address via arp, I get an answer. If I ask .254 for its mac address it doesn’t respond at all (yet I can ping it?!).
“just route via 252 or 253” one would say; only that doesn’t seem to work (have not figured out that yet)
I verified the arp-requesting-stuff using arping:
arping 188.8.131.52 -S 184.108.40.206
example network trace
Is The .254 in Your ARP table?
The router certainly sent out a gratuitous ARP packet.
Wait, let me redo my tests.
On the vps I run in one window:
while true ; do arp -i enp8s0 -d 220.127.116.11 ; arp -i enp1s0 -d 18.104.22.168 ; arp -an | grep 254 ; ping -q -c 1 22.214.171.124 ; arp -an | grep 254 ; sleep 1 ; done
in the other I run tcpdump.
tcpdump -i enp1s0 -n -w /root/test.pcap \! port 655
(port 655 is the vpn, I filter it to reduce the noise).
If I then examine the dump, then I see no arp responses at all, only the requests?! (tcpdump -r /root/test.pcap -n arp)
How on earth does the linux system then get to know the mac-address of the gw?