131 ARP Address Resolution Protocol Surasak Sanguanpong nguanku
- Slides: 13
13/1 ARP: Address Resolution Protocol Surasak Sanguanpong nguan@ku. ac. th http: //www. cpe. ku. ac. th/~nguan Last updated: May 24, 1999 Applied Network Research Group Department of Computer Engineering, Kasetsart University
13/2 Agenda l l Why need ARP? ARP functionality Proxy ARP RARP Applied Network Research Group Department of Computer Engineering, Kasetsart University
13/3 IP and MAC address l l Stations need to know MAC address to communicate Hardware MAC address l l Ethernet 6 bytes Token ring 2 or 6 bytes FDDI 2 or 6 bytes HOW DOES IP ADDRESS GET MAPPED TO MAC ADDRESS ? l manual configuration by hand is tedious l automatic process by ARP Applied Network Research Group Department of Computer Engineering, Kasetsart University
13/4 ARP protocol l RFC 826 - Address Resolution Protocol l ARP maps any network level address (such as IP) to its corresponding data link address (such as Ethernet( l supported protocol in datalink layers, not data link layer protocol Applied Network Research Group Department of Computer Engineering, Kasetsart University
13/5 ARP in operation l Host X want to resolve MAC address of Z l l X sends broadcast ARP request X gets unicast ARP reply from Z 158. 108. 2. 2 X who has IP ? 158. 108. 2. 4 Applied Network Research Group 158. 108. 2. 3 Y 158. 108. 2. 4 Z no, not me! with 0: 0: e 8: 15: c 0: 1 Department of Computer Engineering, Kasetsart University
13/6 ARP as a command line entry in ARP table %arp -a www. cpe. ku. ac. th (158. 108. 33. 5) at 0: 0: e 8: 15: cc: c %telnet cc : more entries added %arp -a router. cpe. ku. ac. th (158. 108. 33. 1) at 0: 0: c: 6: 13: 4 a cc. cpe. ku. ac. th (158. 108. 33. 2) at 2: 60: 8 c: 2 e: b 5: 8 b www. cpe. ku. ac. th (158. 108. 33. 5) at 0: 0: e 8: 15: cc: c Applied Network Research Group Department of Computer Engineering, Kasetsart University
13/7 ARP datagrams frame hdr ARP/RARP message 31 datalink frame 16 15 Hardware type: 16 hlen: 8 0 Protocol type: 16 plen: 8 ARP Operation: 16 Sender MAC addr (bytes 0 -3( sender MAC addr (bytes 4 -5) sender IP addr (bytes 0 -1( sender IP addr (bytes 2 -3) dest MAC addr (bytes 0 -1( dest MAC addr (bytes 2 -5( dest IP addr (bytes 0 -3( Applied Network Research Group Department of Computer Engineering, Kasetsart University
13/8 Header details l l l hardware type : Ethernet=1 ARCNET=7, localtalk=11 protocol type : IP=0 x 800 hlen : length of hardware address, Ethernet=6 bytes plen : length of protocol address, IP=4 bytes ARP operation : ARP request = 1, ARP reply = 2 RARP request = 3, RARP reply = 4 Applied Network Research Group Department of Computer Engineering, Kasetsart University
13/9 ARP request packet IP: 158. 108. 33. 2 MAC: 02: 60: 8 c: 2 e: b 5: 8 b IP: 158. 108. 33. 5 MAC? ? : Sample ARP request Ethernet packet FF: FF: FF 02: 60: 8 c: 2 e: b 5: 8 b 0 x 0806 0 x 01 0 x 06 0 x 001 02: 60: 8 c: 2 e: b 5: 8 b 158. 108. 33. 2 00: 00: 00: 00 158. 108. 33. 5 checksum Applied Network Research Group source MAC ARP frame type Ethernet / IP 0 x 800 0 x 04 dest MAC (broadcast( MAC=6/ IP=4 /request source MAC source IP dest MAC (unknown( dest IP Ethernet checksum Department of Computer Engineering, Kasetsart University
13/10 ARP reply packet IP: 158. 108. 33. 2 MAC: 02: 60: 8 c: 2 e: b 5: 8 b IP: 158. 108. 33. 5 MAC: 00: e 8: 15: cc: 0 c Sample ARP reply Ethernet packet 02: 60: 8 c: 2 e: b 5: 8 b dest MAC (unicast( : 00 e 8: 15: cc: 0 c source MAC 0 x 0806 ARP frame type 0 x 01 0 x 06 0 x 800 Ethernet / IP 0 x 002 0 x 04 : 00 e 8: 15: cc: 0 c 158. 108. 33. 5 02: 60: 8 c: 2 e: b 5: 8 b 158. 108. 33. 2 checksum Applied Network Research Group MAC=6/ IP=4 /reply source MAC source IP dest MAC dest IP Ethernet checksum Department of Computer Engineering, Kasetsart University
13/11 ARP mechanisms l Each node maintains the ARP cache l l it first looks in the cache to find entry first if the entry is not used for a period (~15 minutes), it is deleted. Receive node can adds an MAC addr entry for source station in its own cache. ARP traffic load l l hosts quickly add cache entries. If all hosts on a subnet are booted at the same time? => flurry of ARP requests and reply. Applied Network Research Group Department of Computer Engineering, Kasetsart University
13/12 Proxy ARP One node answers ARP request for another: Router R answers for Y l IP: 158. 108. 33. 2 MAC: 02: 60: 8 c: 2 e: b 5: 8 b X X to Y request IP: 158. 108. 33. 1 MAC: 00: 0 c: 06: 13: 4 a IP: 158. 108. 40. 1 MAC: 00: e 8: 15: cb: 0 c R Y R send 158. 108. 40. 1 with 00: 0 c: 06: 13: 4 a l Useful when some nodes on a network cannot support subnet l l X do not understand subnet, so it thinks that Y is on the same subnet Router must be configured to be a proxy ARP Applied Network Research Group Department of Computer Engineering, Kasetsart University
13/13 RARP l l Reverse ARP : map MAC addr to IP addr For device that can not store IP, usually diskless workstations Need to setup server wit RARP table Use the same frame format l l l 0 x 0835 for Ethernet RARP request operation 0 x 003 = RARP request 0 x 004 = RARP reply RARP can not operate across router, BOOTP is more spread Applied Network Research Group Department of Computer Engineering, Kasetsart University