Chapter 8 ARPAddress Resolution Protocol Kyung Hee University

Chapter 8 ARP(Address Resolution Protocol) Kyung Hee University 1

8. 1 Address Mapping q. Logical address The hosts and routers are recognized at the network level by their logical address Logical address is unique universal IP addresses are logical address in TCP/IP and 32 bits long q. Physical address Local address Should be unique locally, but not necessarily universally Implemented in hardware Imprinted on the NIC installed in the host or router Kyung Hee University 2

Address Mapping q. Static mapping Create a table that associates a logical address with a physical address This table is stored in each machine on the network The machine that know the IP address of another machine but not its physical address can look it up in table When physical addresses are changed, a static mapping table must be updated periodically. § This overhead could affect network performance Kyung Hee University 3

Address Mapping q. Dynamic mapping The machine could know the logical address or physical address of another machine using following protocols § ARP (Address Resolution Protocol) – § Mapping a logical address to a physical address RARP (Reverse Address Resolution Protocol) – Mapping a physical address to a logical address Since RARP is replaced with another protocol, we discuss only ARP protocol Kyung Hee University 4

8. 2 ARP Protocol q. A host or a router has an IP datagram to send to another host or router, it has the logical (IP) address of the receiver IP datagram must be encapsulated in a frame to be able to pass through the physical network This means that the sender needs the physical address of the receiver q. ARP accepts a logical address from the IP protocol, maps the address to the corresponding physical address and pass it to the data link layer. Kyung Hee University 5

Position of ARP in TCP/IP Protocol Suite Kyung Hee University 6

ARP Operation Kyung Hee University TCP/IP Protocol Suite 7

ARP Packet Kyung Hee University 8

ARP Packet q Hardware type : define the type of the network (Ethernet : 1) q Protocol type : define the protocol (IPv 4 : 080016) q Hardware length : define the length of the physical address in bytes q Protocol length : define the length of logical address in byte q Operation : define the type of packet ARP request (1), ARP reply (2) q Sender hardware address : define the physical address of the sender q Sender protocol address : define the logical address of the sender q Target hardware address : define the physical address of the target q Target protocol address : define the logical address of the target Kyung Hee University 9

Encapsulation of ARP Packet Kyung Hee University 10

ARP Operation q Encapsulation operation of ARP process ① The sender knows the IP address of target ② IP asks ARP to create an ARP request message ③ The message is passed to the link layer where it is encapsulated in an frame using the physical address of the sender as the source address and the physical broadcast address as the destination address ④ Every host or router receives the frame and passes it to ARP ⑤ The target machine replies with an ARP reply message that contains tis physical address ⑥ The sender receives the reply message and knows the physical address of the target machine ⑦ The IP datagram, which carries data for the target machine, is now encapsulated in a frame and is unicast to the destination Kyung Hee University 11

Four Different Cases q. The sender is a host and wants to send a packet to another host on the same network q. The sender is a host and wants to send a packet to another host on another network q. The sender is a router that has received a datagram designed for a host in the same network Kyung Hee University 12

Four Cases Using ARP Kyung Hee University 13

Example 8. 1 A host with IP address 130. 23. 43. 20 and physical address B 2: 34: 55: 10: 22: 10 has a packet to send to another host with IP address 130. 23. 43. 25 and physical address A 4: 6 E: F 4: 59: 83: AB (which is unknown to the first host). The two hosts are on the same Ethernet network. Show the ARP request and reply packets encapsulated in Ethernet frames. Solution Figure 8. 6 shows the ARP request and reply packet. Note that the ARP data field in this case is 28 bytes, and that the individual addresses do not fit in the 4 -byte boundaries for these addresses. Also note that the IP addresses are shown in hexadecimal. Kyung Hee University 14

Figure 8. 6 Kyung Hee University 15

Proxy ARP q. Used to create a subnetting effect Kyung Hee University 16

8. 4 ARP Package q. ARP package involves five components Cache table Queue Output module Input module Cache-control module Kyung Hee University 17

ARP Components Kyung Hee University 18

ARP Package q. Cache table Inefficient to use the ARP protocol for each datagram destined for the same host or router When a host or router receives the corresponding physical address for an IP datagram, the address can be saved in the cache table This address can be used for the datagram destined for the same receiver within the next few miniute As space in the cache table is very limited, mappings in the cache are not retained for an unlimited time Kyung Hee University 19

ARP Package q Entry of cache table State : state of entry, FREE, PENDING, RESOLVED Hardware type : same as the field in ARP packet Hardware length : same as the field in ARP packet Protocol length : same as the field in ARP packet Interface number : a router can be connected to different networks, each with a different interface number Queue number : ARP uses numbered queue to enqueue the packets waiting for address resolution Attempts : number of times an ARP request is sent out for this entry Time-out : the lifetime of an entry in seconds Hardware address : destination hardware address Protocol address : the destination IP address Kyung Hee University 20

ARP Package – Five Components q. Output module Kyung Hee University 21

ARP Package – Five Components q. Input module Kyung Hee University 22

ARP Package – Five Components q. Cache control module Kyung Hee University 23

ARP Package – Five Components q. Cache control module Kyung Hee University 24

Original Cache Table Used for Example Kyung Hee University 25

Example 8. 2 q. The ARP output module receives an IP datagram (from the IP layer) with the destination address 114. 5. 7. 89. It checks the cache table and finds that an entry exists for this destination with the RESOLVED state (R in the table). It extracts the hardware address, which is 457342 ACAE 32, and sends the packet and the address to the data link layer for transmission. The cache table remains the same. Kyung Hee University 26

Example 8. 3 q. Twenty seconds later, the ARP output module receives an IP datagram (from the IP layer) with the destination address 116. 1. 7. 22. It checks the cache table and does not find this destination in the table. The module adds an entry to the table with the state PENDING and the Attempt value 1. It creates a new queue for this destination and enqueues the packets. It then sends an ARP request to the data link layer for this destination. The new cache table is shown in Table 8. 6 Kyung Hee University 27

Table 8. 6 Updated Cache Table for Example 8. 3 Kyung Hee University 28

Example 8. 4 q. Fifteen seconds later, the ARP input module receives an ARP packet with target protocol (IP) address 188. 11. 8. 71. The module checks the table and finds this address. It changes the state of the entry to RESOLVED and sets the time-out value to 900. The module then adds the target hardware address (E 34573242 ACA) to the entry. Now it accesses queue 18 and sends all the packets in this queue, one by one, to the data link layer. The new cache table is shown in Table 8. 7 Kyung Hee University 29

Updated Cache Table for Example 8. 4 Kyung Hee University 30

Example 8. 5 q. Twenty-five seconds later, the cache-control module updates every entry. The time-out values for the first three resolved entries are decremented by 60. The timeout value for the lastresolved entry is decremented by 25. The state of the next-to-the last entry is changed to FREE because the time-out is zero. For each of there pending entries, the value of the attempts field is incremented by one. After incrementing, the attempts value for one entry (the one with IP address 201. 11. 56. 7) is more than maximum; the state is changed to FREE, the queue is deleted, and an ICMP message is sent to the original destination. Kyung Hee University 31

Table 8. 8 Updated Cache Table for Example 8. 5 Kyung Hee University 32

8. 7 Summary q Delivery of a packet to a host or router requires two levels of address: logical and physical. A logical address identifies a host or router at the network level. TCP/IP calls this logical address an IP address. A physical address identifies a host or router at the physical level q Mapping of a logical address to a physical address can be static or dynamic. Static mapping involves a list of logical and physical address; maintenance of the list requires high overhead q The address resolution protocol (ARP) is a dynamic mapping method that finds a physical address given a logical address. An ARP request is broadcast to all devices on the network. An ARP reply is unicast to the host requesting the mapping Kyung Hee University 33

8. 7 Summary q In proxy ARP, a router represents a set of hosts. When an ARP request seeks the physical address of any host in this set, the router sends its own physical address. This creates a subnetting effect. q ATMARP is a protocol used on ATM networks that binds a physical address to an IP address. The ATMARP server’s mapping table is built through the use of the inverse request and the inverse reply messages. An ATM network can be divided into logical subnetworks to facilitate ATMARP and other protocol operations. q The ARP software package consists of five components: a cache table, queue, an output module, an input module, and a cache-control module. The cache table has an array of entries used and updated by ARP messages. A queue contains packets going to the same destination. The output module takes a packet from the IP layer and sends it either to the data link later or to a queue. The input module uses an ARP packet to update the cache table. The input module can also send an ARP reply. The cache-control module maintains the cache table by updating entry fields. Kyung Hee University 34