From this doc: https://www.kernel.org/doc/Documentation/networking/bonding.txt
I learned that:
A problematic outcome of using ARP negotiation for balancing is that each time that an ARP request is broadcast it uses the hardware address of the bond. Hence, peers learn the hardware address of the bond and the balancing of receive traffic collapses to the current slave. This is handled by sending updates (ARP Replies) to all the peers with their individually assigned hardware address such that the traffic is redistributed.
But after trying by myself, I found that the ARP Replies to all the peers was sending twice from tcpdump.
For exmaple, a linux server with bond6 connect to many other hosts via a switch, like this:
docker-ubuntu-1 (with bond mode 6) ping docker-ubuntu-2, I tcpdump on docker-ubuntu-3, it looks like this:
# tcpdump -Q in -i eth0 -n -e
10:59:28.459682 ce:ec:f8:48:ec:ae > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.1.15 tell 192.168.1.10, length 28
10:59:30.583316 d6:b9:73:9a:ff:78 > de:b9:f8:4d:14:69, ethertype ARP (0x0806), length 42: Reply 192.168.1.10 is-at d6:b9:73:9a:ff:78, length 28
10:59:30.583773 d6:b9:73:9a:ff:78 > de:b9:f8:4d:14:69, ethertype ARP (0x0806), length 42: Reply 192.168.1.10 is-at d6:b9:73:9a:ff:78, length 28
3 packets captured:
- 1 broadcasing ARP questions
- and 2 and 3 for "This is handled by sending updates (ARP Replies) to all the peers with their individually assigned hardware address such that the traffic is redistributed. "
But why need twice?
(Not the lab environment problem, cause I tried a different version of Linux and tcpdump from the slave NIC of the docker-ubuntu-1, same result, it's indeed the Linux send out 2 gratuitous ARP replies)
