Method One: the temporary closure of ARP protocol
echo 1 > /proc/sys/net/ipv4/conf/eth0/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/eth0/arp_announce
Method Two: ARP protocol permanently closed
net.ipv4.conf.ens33.arp_ignore = 1
net.ipv4.conf.ens33.arp_announce = 2
or:
net.ipv4.conf.ens33.arp_ignore = 1
net.ipv4.conf.ens33.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
Parameter Description:
arp_ignore are: # 1 - Answer only the destination IP address is accessing the network interface (ens33) of ARP queries.
In setting the parameters when the arp_ignore set to 1, meaning that when people come to the arp request, without receiving the above ip network card device, do not respond, the default is 0, as long as the machine on top of any card the above apparatus has the IP, arp response to the request, and transmits the mac address.
arp_announce # 2 - Use the most appropriate local address the query target. For example, if a receive VIP over an interface ens33 arp request packet. Kernel judge this VIP is an IP address on the interface is not as ens33. If the same, then return the package. If not, do not respond discarded.