2.2 Understand arp and proxy arp

Others 2021-03-27 17:51:39 views: null

Understand arp and proxy arp

Principle overview

arp correctly maps an ip address to the correct mac address, which is divided into dynamic and static. Static arp requires the administrator to manually add a fixed mapping relationship between ip and mac.

The proxy arp is sent from a PC to resolve the hardware address of another host that is on the same logical layer 3 network but not on the same physical network segment, so that different physical hosts can communicate normally.

1. The purpose of the experiment

Understand the working principle
of arp, master the configuration of static arp and proxy arp,
understand the host communication process

2. Experimental topology addressing and project background

r1 is the gateway, connected to the external network. The company uses the 10.1.0.0/16 network segment. Prevent arp spoofing attacks by configuring static arp. Ensure communication security. Configure arp proxy to realize the communication of hosts in the network

Insert picture description here

Insert picture description here

2. Experimental content

Observe the dynamics of arp entries

1. Configure ip address for ping test

Success, use arp -a to see the arp table entries of the host. After the empty
ping is successful, just look at the table entry.

Because it must first encapsulate data when sending data. If there is no dip-dmac mapping table entry in the arp table, arp broadcast will be improved. After receiving it, dip responds with the arp unicast packet.

Configure static arp

Because the arp protocol is easy to be attacked. The mapping relationship between the forged arp messages is wrong. And use the wrong entry to encapsulate the data to be sent. As a result, the receiving end cannot receive it. This directly leads to communication failure.
You can use static arp, which takes precedence over dynamic.

arp static ip address mac address

Configure proxy arp

Be sure to configure the gateway to be a proxy arp!
The company network is currently divided into two independent broadcast domains by r1. The two sides cannot communicate by default. This is to use the proxy arp function

On the gateway router interface

arp-proxy enable

Summary and reflection

With the arp proxy enabled, if the ping 10.1.2.4 host does not exist on the pc-2, who will lose it and why?

For r1, the router will not receive the 10.1.2.4 response message.

Guess you like

Origin blog.csdn.net/weixin_45821358/article/details/114828618
ARP
Recommended
Ranking
Empire cms smart tag calls four first-level recommended articles, starting from the fourth article
Linux environment installation and configuration Elasticsearch7.17
Big Data processing architecture and Lambda Kappa architecture
Explore the top of the AI large model platform - Wenxin Qianfan
Beijing car PK10 lucky airship Guanya size and value of the odd and even tips
W3B x Sui Hacker House|In-depth understanding of Sui and Move language
Know almost Ko Chan: Chinese what any decent open source software products? (Finishing from my original answer)
Comprehensively improve AD domain security authentication | Zhuyun IDaaS
Android Update Engine Analysis (24) What happened when making the downgrade package?
Spark Architecture and Operating Mechanism (1) - System Architecture
Daily
More
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)
2024-04-29(5)
2024-04-28(12)

Code World

© 2018 codetd.com