Getting to Know ARP
From the perspective of network layering, we know that in the Layer 2 network, the MAC address is used for transmission , and the MAC address is used as the device identifier of the data link layer.
In the three-layer network, the IP address is used for transmission , and the IP address is used as the device identifier of the network layer.
We also know that domain names that are easy to remember are resolved into IP addresses through DNS , and with IP addresses, you can find your destination on the Internet.
The IP address obtains the MAC address through ARP , and only with the MAC address can data be transmitted on the physical network.
ARP
What is ARP?
ARP , is the Address Resolution Protocol. Query the protocol corresponding to the MAC address according to the IP address of the device. After the host finds the MAC address through ARP, it will add a mapping entry in the ARP cache table , that is, the mapping entry between IP address and MAC address.
ARP principle
How does ARP know the MAC address? Simply put, ARP determines the MAC address through ARP request and ARP response packets.
ARP packets
Suppose host A sends data to host B on the same network segment . The IP address of host A is , the IP address of 10.0.0.1 host B is , and the IP address of 10.0.0.2 host C is 10.0.0.3 . None of them know each other's MAC addresses. The ARP address resolution process is as follows:
1. Host A first checks its own ARP table (ie, the ARP cache table) to determine whether there is an entry corresponding to the IP address of host B. If there is, directly use the MAC address in the entry for encapsulation, encapsulate it into a frame, and send it to host B.
2. If there is no corresponding entry in the ARP table of host A , a broadcast frame is sent , the source IP and source MAC address are host A, the destination IP address is host B, and the destination MAC address is the broadcast MAC address, ie FFFF-FFFF-FFFF . This is the ARP request packet .
3. ARP requests are broadcast packets, which can be received by all hosts on the same network segment . Only host B finds that the destination IP address in the packet is itself, so host B sends a response packet to host A , the source MAC address and source IP address are host B, the destination MAC address and destination IP address are host A, this packet It is called ARP response packet. At the same time, the ARP table of host B records the mapping relationship of host A, that is, the corresponding relationship between the IP address and MAC address of host A.
4. Host C also receives the ARP request message, but the destination IP address is not itself, so it will not respond . So host C adds the mapping relation of host A to the ARP table, and discards the ARP request message.
ARP table
5. After receiving the ARP response message, host A adds the mapping relationship of host B, and encapsulates the frame with the MAC address of host B as the destination address, and sends it to host B.
ARP get MAC address
If an ARP request is required to determine the MAC address every time an IP packet is sent, it will cause unnecessary network traffic. The usual practice is to use the ARP table to record the mapping relationship between IP addresses and MAC addresses. When a host sends a packet, it first checks its ARP table to determine whether it is a known device MAC address. If there is, use it directly; if not, initiate an ARP request to obtain it. However, the cache has a certain time limit. The ARP entry is valid within the aging time ( aging time ). If it is not used within the aging time, the entry will be deleted.
ARP cache
ARP entries are divided into dynamic ARP entries and static ARP entries :
-
Dynamic ARP entries are obtained dynamically by ARP, so in network communication, there is no need to know the MAC address in advance, as long as there is an IP address. If it is not used within the aging time, the entry will be automatically deleted.
-
Static ARP entries are manually configured and will not age out. The priority of static ARP entries is higher than that of dynamic ARP entries, and the corresponding dynamic ARP entries can be overwritten.
ARP entry type
proxy-ARP
ARP broadcast packets will be isolated by routers. When there is no default gateway and hosts on different network segments communicate with each other, the routers connecting the two networks can respond to the ARP request . This process is called Proxy ARP.
proxy-ARP
Host A communicates with host B on another network segment, and host A directly sends an ARP request to resolve the MAC address of host B. After the router running proxy ARP receives the ARP request, it sends an ARP request on the network segment instead of host A to 20.0.0.0 resolve the address of host B.
Proxy ARP request
Host B receives the ARP request sent by the router and sends an ARP response message to inform its own MAC address 2222-2222-2222 . After receiving the ARP response, the router also sends an ARP response to host A, but the destination MAC address is the MAC address of the port connected to the 10.0.0.0 network segment 1010-1010-1010 . After host A receives the packet, it adds 1010-1010-1010 a mapping entry with IP address 20.0.0.1 and MAC address YES in the ARP table.
Proxy ARP response
So host A will send all the data to be sent to host B to the router, and the router will forward it to host B. vice versa.
The proxy ARP function shields the separate network, and the host can communicate with the existing network without modifying the IP address and subnet mask. Let users use it as if they were on the same network. Proxy ARP is used on networks where the host does not have a default network , or does not have any routing, usually older devices that do not support setting subnet masks. However, proxy ARP will forward ARP broadcast packets, resulting in low network efficiency and is not suitable for large-scale networks.
proxy-ARP