Briefly understand the ARP protocol

Table of contents

1. What is the ARP protocol?

2. Why is the ARP protocol needed?

3. ARP message format

4. What is the broadcast domain?

5. What is the ARP cache table?

6. Types of ARP

6.1 ARP proxy

6.2 Gratuitous ARP

7. Processing rules for ARP broadcast messages received by different network devices

8. Principle of ARP working mechanism


1. What is the ARP protocol?

A host or Layer 3 network device maintains ARP entries in the system for data transmission. Each time a data packet is sent, the ARP entries are queried so that the packet can be encapsulated into a data frame with a MAC address. The ARP protocol obtains the physical MAC address that corresponds to the IP address of the target network device.

2. Why is the ARP protocol needed?

Because current LANs use the Ethernet technology standard, all data packets are forwarded through Layer 2 network equipment. Data transmission between networks must therefore encapsulate data packets into data frames with MAC addresses; only then can the data frame be forwarded in the Layer 2 network. The ARP protocol obtains the MAC address of the peer (NH, next hop) from its IP address and saves it in the ARP cache table of the device.

3. ARP message format

The format of the ARP message obtained through packet capture:

4. What is the broadcast domain?

A broadcast domain is an area that broadcast packets can reach. In the absence of VLAN division, a network segment is a broadcast domain, and broadcasts generally cannot be forwarded through Layer 3. The router can isolate the broadcast domain and either process or discard the received broadcast messages without forwarding them.

5. What is the ARP cache table?

ARP entries store the mapping relationship between device IP addresses and MAC addresses.

6. Types of ARP

6.1 ARP proxy

Hosts that are on the same network segment but on different physical networks can communicate through ARP proxy.

Scenario: computers on the same network segment but on different physical networks communicate by using the ARP proxy service.

1. Host A and Host B are on the same network segment, and Host A sends an ARP request packet.

D.MAC(F)+S.MAC(A)    D.IP(B)+S.IP(A)

2. The router receives the ARP broadcast packet sent by host A, unpacks it, and finds that the destination IP of the request is not in the same network segment as the IP of the interface that received the ARP broadcast frame. It checks whether it has a route to host B (it does) and responds to host A with an ARP response packet (destination IP and MAC are host A's, source IP is host B's, source MAC is the MAC address of its own G0/0/0).

3. Host A receives the ARP response packet and stores the mapping between host B's IP and the MAC of router G0/0/0 in its ARP cache table.

4. Host A sends a unicast message to host B (D.MAC is G0/0/0), which goes to the router.

5. The router unpacks the packet, checks the IP routing table for a route to host B, and forwards the packet to host B. Host B then sends a return packet to host A.

6.2 Gratuitous ARP

Purpose: detect whether another host in this network segment has the same IP address as your own. An IP address conflict causes problems such as data frames being sent in the wrong direction and video freezes on the device.

Principle: The device sends an ARP broadcast packet whose source IP and destination IP are both its own. If a host responds to this broadcast packet, a host in the LAN is using the same IP address; if no response is received, there is no conflict. Generally, a gratuitous ARP message is triggered automatically after the host obtains a new IP address.
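The message layout from section 3 and the gratuitous ARP check above, as an added example that is not part of the original post. It decodes the 28-byte Ethernet/IPv4 ARP body (field order per RFC 826), flags gratuitous messages, and reports any IP claimed by more than one MAC; the sample packets and the helper name `build` are constructed for illustration.

```python
import ipaddress
import struct

# htype, ptype, hlen, plen, oper, sender MAC, sender IP, target MAC, target IP
ARP_FMT = "!HHBBH6s4s6s4s"

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def parse_arp(payload):
    """Decode the ARP body that follows the 14-byte Ethernet header."""
    if len(payload) < struct.calcsize(ARP_FMT):
        raise ValueError("truncated ARP message")
    htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = struct.unpack(
        ARP_FMT, payload[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP message")
    return {
        "op": {1: "request", 2: "reply"}.get(oper, f"op{oper}"),
        "sender_mac": mac(sha), "sender_ip": str(ipaddress.IPv4Address(spa)),
        "target_mac": mac(tha), "target_ip": str(ipaddress.IPv4Address(tpa)),
    }

def is_gratuitous(msg):
    # Source IP and destination IP are both the sender's own address.
    return msg["sender_ip"] == msg["target_ip"]

def find_conflicts(messages):
    """Return {ip: [macs]} for every IP announced by more than one MAC."""
    seen = {}
    for m in messages:
        seen.setdefault(m["sender_ip"], set()).add(m["sender_mac"])
    return {ip: sorted(macs) for ip, macs in seen.items() if len(macs) > 1}

def build(oper, sha, spa, tha, tpa):
    # Hypothetical helper: packs a constructed sample message.
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, oper,
                       bytes.fromhex(sha), ipaddress.IPv4Address(spa).packed,
                       bytes.fromhex(tha), ipaddress.IPv4Address(tpa).packed)

# Constructed samples (documentation addresses, locally administered MACs).
SAMPLES = [
    build(1, "020000000001", "192.0.2.10", "000000000000", "192.0.2.10"),
    build(2, "020000000002", "192.0.2.10", "020000000001", "192.0.2.10"),
    build(1, "020000000003", "192.0.2.20", "000000000000", "192.0.2.1"),
]

if __name__ == "__main__":
    msgs = [parse_arp(p) for p in SAMPLES]
    for m in msgs:
        print(m, "gratuitous" if is_gratuitous(m) else "")
    print("conflicts:", find_conflicts(msgs))
```

The second sample is the answer to the first host's gratuitous ARP, so the same IP appears with two MAC addresses and is reported as a conflict.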

7. Processing rules for ARP broadcast messages received by different network devices

PC:

1. First check whether the source IP address of the ARP broadcast message and the IP address of the interface that received it are in the same network segment (discard if not). If they are, check whether the ARP destination IP is the PC's own address. If yes, reply to the initiator of the ARP broadcast message; if not, discard it.

Router (RT):

First, check whether the source IP of the ARP message and the IP of the interface that receives it are in the same network segment (that is, check whether the ARP broadcast message comes from the same network segment). If so, process it; otherwise, discard it.

1. When the destination IP of the ARP broadcast message and the receiving interface are in the same network segment (that is, the MAC that ARP wants to obtain belongs to a device on this network segment): if the destination IP is the router's own, it sends a unicast reply to the ARP initiator; if it is not, it discards the message.

2. When the target IP of the ARP request is not on the same network segment as the router's receiving interface, and the device has ARP proxy turned on and finds a route to the target IP, it pretends to be the target host and replies to the initiator of the ARP broadcast message with an ARP reply packet whose source address is the destination IP and whose source MAC is its own MAC. The next time the initiator of the ARP broadcast message (another router on this network segment) communicates with a PC that is not on this network segment, the data packet is sent to the proxy router first and then forwarded to the PC by the proxy router.

8. Principle of ARP working mechanism

Note: When a static route is manually configured on a router and its next hop is set to the router's own outbound interface, the router treats the destination network as directly connected. When data packets that match this static route are forwarded, the router assumes they can reach the destination host directly, so the target IP of the ARP request it triggers is the IP address of the destination host.

For example: on AR1, the static route to 10.0.23.0/24 specifies the outbound interface G0/0/0 as its next hop.

1. When AR1 pings 10.0.23.2, it checks the local routing table, finds that the next hop is its own G0/0/0 interface, and treats the target host as directly connected.

2. AR1 searches the local ARP cache table for the target host 10.0.23.2, finds no corresponding MAC address, and triggers an ARP broadcast packet (S_mac: AR1, D_mac: all F, S_ip: 10.0.12.1, D_ip: 10.0.23.2).

3. After the G0/0/0 interface of AR2 receives the ARP request packet:

● Check whether the destination IP requested by the ARP packet is on the same network segment as the G0/0/0 interface that receives the ARP packet:

● On the same network segment: check whether the destination IP requested by the ARP packet is its own local IP address. If so, send a unicast reply that tells AR1 the MAC address corresponding to its own IP. If not, no reply is made. At the same time, the IP address corresponding to the destination IP of AR1 is recorded in the local ARP cache table.

● Not on the same network segment, and the AR2 router has not enabled the ARP routing proxy: it discards the ARP request packet and does not reply (for example: in this case, AR1 cannot obtain the MAC address corresponding to 10.0.23.2 and cannot communicate with G0/0/1 of AR2. Loopback interface routes configured through static outbound interfaces in the directly connected network segments will also be unable to communicate with each other).

Solution:

● Specify the next hop of the manually configured static route by IP address.

● Enable the ARP routing proxy function under the router interface that receives the ARP packets.

In summary, when processing an ARP request packet, the router checks whether the requested target IP is in the same network segment as the interface that received the ARP broadcast packet. If it is not (and the ARP routing proxy is not turned on), the router does not process the ARP request packet at all; that is, it considers the requested target IP to be outside its own broadcast domain. If they are on the same network segment and the requested target IP is the router's own local IP address, it replies to tell the requester its own MAC address.
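The router rules from section 7 applied to the AR1/AR2 case, as an added example that is not part of the original post. The function name, the return labels and AR2's G0/0/0 address 10.0.12.2/24 are assumptions made for illustration; the other addresses come from the example above.

```python
import ipaddress

REPLY_OWN_MAC = "reply-own-mac"
PROXY_REPLY = "proxy-reply"
DISCARD = "discard"

def router_arp_decision(iface_cidr, sender_ip, target_ip, proxy_arp, routes):
    """Return (action, reason) for an ARP request received on one interface.

    iface_cidr: address/prefix of the receiving interface
    routes:     destination prefixes present in the routing table
    """
    iface = ipaddress.ip_interface(iface_cidr)
    sender = ipaddress.ip_address(sender_ip)
    target = ipaddress.ip_address(target_ip)

    # Rule 0: the request must come from the receiving interface's segment.
    if sender not in iface.network:
        return DISCARD, "sender is not on the receiving segment"

    # Rule 1: target is on the receiving segment.
    if target in iface.network:
        if target == iface.ip:
            return REPLY_OWN_MAC, "target is the interface's own IP"
        return DISCARD, "target is another device on this segment"

    # Rule 2: target is off-segment, answer only if proxy is on and routed.
    if proxy_arp and any(target in ipaddress.ip_network(r) for r in routes):
        return PROXY_REPLY, "proxy enabled and a route to the target exists"
    return DISCARD, "target is off-segment and no proxy answer is possible"

def ar2_receives_ar1_request(proxy_arp):
    # AR1 (10.0.12.1) asks for 10.0.23.2 because its static route points
    # at the outbound interface. AR2 G0/0/0 = 10.0.12.2/24 is assumed.
    return router_arp_decision("10.0.12.2/24", "10.0.12.1", "10.0.23.2",
                               proxy_arp, routes=["10.0.23.0/24"])

if __name__ == "__main__":
    for proxy in (False, True):
        action, reason = ar2_receives_ar1_request(proxy)
        print(f"proxy_arp={proxy}: {action} ({reason})")
```

With the proxy off the request is dropped and AR1 never learns a MAC for 10.0.23.2; with it on, AR2 answers with its own MAC, which is why either fix listed under "Solution" restores communication.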

@Statement: The knowledge level of the blogger of "山月仁无声" is limited. If there are any inaccuracies in the above article, IT enthusiasts are welcome to correct me. I will definitely learn from you with an open mind!


Origin blog.csdn.net/qq_60243891/article/details/132657631