How to clear ARP cache on Linux or Unix
Depending on Whether you have a Linux system or a Unix System, you might come across “arp” errors. The problem often occurs when you start receiving email notifications that warn you about “Neighbor Table Overflow”. We will show the two quickest ways to completely clear your cache so that no system messages will appear anymore. If you want to see all the entries that arp has currently recorded you can use this command:
root@server:~# arp -n
root@server:~# arp -a
For those that want to hone their linux skills and become a master at their craft, we were able to get all readers 90% off of a course for linux beginners taught by a professional in the industry.
Once you enter this within your command prompt (upon login into your server root user), you should see a table/ list of all the ip’s and entries. It should look something like this:
root@ubuntu:~# arp -n Address HWtype HWaddress Flags Mask Iface 188.8.131.52 (incomplete) eth0 184.108.40.206 ether 00:09:2s:a2:t5:y2 C eth0 220.127.116.11 ether 00:01:7b:d6:a3:u8 C eth0
After you see the whole table, its pretty easy to identify which entries or ip’s you want to clear the cache on. You should be cautious at this step because if you have valuable information that are within these entries you don’t want to be deleting them and not have a way to retrieve or back it up again. Enter the following command to delete the first entry (like in my example):
root@server:~# arp -d 18.104.22.168
It will take a little time (give it a few minutes) for the DNS to properly propagate the change, but if you want to enter the view arp command, you should see that it is removed:
root@server:~#arp -n Address HWtype HWaddress Flags Mask Iface 22.214.171.124 ether 00:09:2s:a2:t5:y2 C eth0 126.96.36.199 ether 00:01:7b:d6:a3:u8 C eth0
If you want to remove ALL of the entries and clear the cache for arp (Linux or Unix), use the universal clear cache command:
root@server:~# sudo ip -s -s neigh flush all *** Round 1, deleting 1 entry *** 188.8.131.52 dev enp0s1 lladdr 01:08:3d:w4:u8:e1 ref 1 used 0/0/1 probes 4 REACHABLE *** Round 2, deleting 1 entry *** 184.108.40.206 dev enp0s1 lladdr 00:09:2s:a2:t5:y2 ref 1 used 0/0/1 probes 4 REACHABLE *** Round 3, deleting 1 entry *** 220.127.116.11 dev enp0s1 lladdr 00:01:7b:d6:a3:u8 ref 1 used 0/0/1 probes 4 REACHABLE
The first S within the command give the verbose .the second S within the command defines the neighborhood ip table and in turn together outputs the ARP cache. This is a normal output if your Linux (or Unix) version is up to date. If your version doesn’t support the universal cache removal command, go up to the top of this post and delete on a per ip basis. To conclude if you only have a few entries (1-4), then it is probably work it to use the manual arp tool to identify them on a per line basis and individually. However, if you are sure you want to do a full ARP cache flush, your best bet is to go with the ip utility “neigh” flush command.