ARP - Address Resolution Protocol

Introduction

  The IP protocol is designed to provide interoperability across different types of physical packet-switched networks. This requires converting between the addresses used by network-layer software (IP addresses) and the addresses used by the underlying hardware. Network interface hardware usually has one primary hardware address (e.g., the 48-bit address of an Ethernet or 802.11 wireless interface). Frames exchanged by the hardware must carry the correct hardware address; otherwise the data cannot be transmitted through the correct hardware interface.

  In addition, network addresses (32 bits for IPv4, 128 bits for IPv6) and hardware addresses (48-bit MAC addresses) are allocated by different administrative bodies. Hardware addresses strictly follow a uniqueness rule: the address of a device's hardware interface is assigned by the device manufacturer under the rules of ICANN (the Internet Corporation for Assigned Names and Numbers) and stored in the device's permanent memory, so it does not change. Network addresses are different: because IPv4 addresses are in limited supply, it is mostly network service providers (ISPs) that obtain IP network blocks from the IEEE RA registry and hand them out on demand. A Wi-Fi connection point, for example, leases addresses from a dynamic IP pool for a limited time, so a host's IP address may change.

  ARP is used only for IPv4. IPv6 uses the Neighbor Discovery Protocol, which is incorporated into ICMPv6.

  ARP discovers the mapping between the two kinds of address. It always provides a dynamic mapping between a 32-bit IPv4 address and a 48-bit Ethernet MAC address.

  ARP is called dynamic because it runs automatically and adapts over time. When a host replaces its network interface card, and so changes its hardware address while keeping its temporarily or permanently assigned IP address, ARP discovers the change and updates the mapping within a short period of time.

  The reverse mapping is provided by a protocol called RARP, which was intended for systems without a disk drive. It is rarely used today.

  

  Related concepts:

  1. Ethernet. Ethernet is the most common communication protocol standard used in today's LANs. It covers the bottom two OSI layers (the data link layer and the physical layer). Whether communication takes place within a local area network, across a wide area network or between two computers, it ultimately takes the form of data packets that leave the originating node over some kind of link and are passed from node to node until they reach the destination node.

  2. Network segment (link). The network segment is used to tell whether hosts are on the same network. Within a local area network, a computer can communicate directly only with computers in its own network segment. Consider the IPv4 address 192.168.123.250: it is in the 192.168.123.X network segment (ignoring the subnet mask), where X stands for any value between 1 and 255. If the IP address of your router is 192.168.1.X or some other address, the two are not in the same network segment and cannot connect to each other.

  3. ARP protocol. ARP requests are delivered only within the same network segment (the same network prefix); traffic for other segments is handed to the default gateway (or another router) to be forwarded. For example, A (192.168.123.250) sends an ARP request for B (192.168.3.0), which is not in A's network segment (192.168.123.X), so A asks its default gateway C (e.g. 192.168.12.123). Assuming the gateway sits on the 192.168.x.x subnet and can reach B directly, C forwards the ARP request to B and receives the response, then passes the response back to A, which completes a cross-segment ARP request.

 

ARP broadcasts and direct delivery

  

  Suppose Hosts A and B are in the same network segment (the same IP network prefix) and Host A sends a message to Host B. The address resolution procedure is as follows:

  (1) Host A looks in its ARP cache table to see whether it contains an ARP entry for Host B. If it finds the corresponding MAC address, Host A uses that MAC address to encapsulate the IP packet in a frame and sends it to Host B.

  (2) If Host A cannot find the MAC address in its ARP cache table, it buffers the data packet and broadcasts an ARP request packet. In the request, the sender IP address and sender MAC address are the IP address and MAC address of Host A, and the destination IP address and destination MAC address are the IP address of Host B and the all-zero MAC address. Because the ARP request is a broadcast, every host on the network segment receives it, but only the requested host (i.e., Host B) processes it.

  (3) Host B compares its own IP address with the destination IP address in the ARP request. When the two are the same, it proceeds as follows: it stores the IP address and MAC address of the sender of the ARP request (i.e., Host A) in its own ARP table, and then sends an ARP response packet containing its own MAC address to Host A by unicast.

  (4) Host A receives the ARP response, adds the MAC address of Host B to its own ARP cache table (expiry time 20 min) for use in subsequent forwarding, and encapsulates and sends out the buffered IP packet.

  

ARP frame format

  

  Field 1 is the destination Ethernet address. For an ARP request it is all 1s, which is the broadcast address.

  Field 2 is the Ethernet address of the host sending the ARP packet.

  Field 3 is the Ethernet frame type, which indicates the type of the data that follows. For ARP requests and ARP replies it is 0x0806.

  Field 4 is the hardware type. There is more than one kind of hardware address; for Ethernet this value is 1.

  Field 5 is the protocol type of the address being mapped. For a mapping onto IPv4 addresses this value is 0x0800.

  Fields 6 and 7 give the hardware address length and the protocol address length: 6 bytes for a MAC address and 4 bytes for an IP address.

  Field 8 is the operation type: 1 indicates an ARP request, 2 an ARP reply, 3 a RARP request and 4 a RARP reply.

  Field 9 is the hardware address of the sender of the ARP request or reply. Here it is the same as the Ethernet address in field 2.

  Field 10 is the IP address of the sender of the ARP request or reply.

  Fields 11 and 12 are the destination hardware address and the destination protocol address.
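  The twelve fields above and the request/reply exchange from the previous section can be packed and checked in a few lines of Python. This is an added example, not code from the original page; the function names and the sample addresses are constructed for illustration. The parser also flags a frame whose field 2 and field 9 disagree, since the text states that they are the same.

```python
import struct

# Fields 1-3 (Ethernet header) then fields 4-12 (ARP body): 14 + 28 = 42 bytes.
FRAME = struct.Struct("!6s6sH" "HHBBH" "6s4s6s4s")
ETHERTYPE_ARP, HTYPE_ETHERNET, PTYPE_IPV4 = 0x0806, 1, 0x0800
OPS = {1: "ARP request", 2: "ARP reply", 3: "RARP request", 4: "RARP reply"}
BROADCAST, UNKNOWN = b"\xff" * 6, b"\x00" * 6

def mac(text):
    return bytes.fromhex(text.replace(":", ""))

def ip(text):
    return bytes(int(part) for part in text.split("."))

def build_request(sender_mac, sender_ip, target_ip):
    """Broadcast request: field 1 all ones, target hardware address all zero."""
    return FRAME.pack(BROADCAST, mac(sender_mac), ETHERTYPE_ARP,
                      HTYPE_ETHERNET, PTYPE_IPV4, 6, 4, 1,
                      mac(sender_mac), ip(sender_ip), UNKNOWN, ip(target_ip))

def build_reply(request, my_mac):
    """Unicast reply from the host that owns the requested IP address."""
    f = FRAME.unpack(request[:FRAME.size])
    return FRAME.pack(f[8], mac(my_mac), ETHERTYPE_ARP,
                      HTYPE_ETHERNET, PTYPE_IPV4, 6, 4, 2,
                      mac(my_mac), f[11], f[8], f[9])

def parse(frame):
    """Decode a frame and list every deviation from the field layout."""
    if len(frame) < FRAME.size:
        raise ValueError("frame shorter than 42 bytes")
    (dst, src, etype, htype, ptype, hlen, plen, op,
     sha, spa, tha, tpa) = FRAME.unpack(frame[:FRAME.size])
    problems = []
    if etype != ETHERTYPE_ARP:
        problems.append("frame type is not 0x0806")
    if (htype, ptype, hlen, plen) != (HTYPE_ETHERNET, PTYPE_IPV4, 6, 4):
        problems.append("not an Ethernet/IPv4 mapping")
    if op not in OPS:
        problems.append("unknown operation %d" % op)
    if src != sha:
        problems.append("field 2 and field 9 differ")
    return {"op": OPS.get(op, "unknown"), "dst": dst.hex(":"), "problems": problems,
            "sender": (sha.hex(":"), ".".join(map(str, spa))),
            "target": (tha.hex(":"), ".".join(map(str, tpa)))}

if __name__ == "__main__":  # constructed addresses, not taken from a capture
    req = build_request("02:00:00:00:00:0a", "192.168.123.250", "192.168.123.1")
    print(parse(req), parse(build_reply(req, "02:00:00:00:00:0b")), sep="\n")
```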

  ARP request frame

  

 

   ARP reply frame

  

ARP Cache

  ARP operates efficiently because every host and router maintains an ARP cache. For each interface that uses address resolution, the cache holds the most recent mappings from network-layer addresses to hardware addresses. When an ARP cache entry is created, its normal expiration time is 20 min.

  Use the arp command to view the machine's ARP cache (Windows):

arp -a

  

 

  The output shows the ARP cache entries for each hardware interface, with their hardware addresses.

  Dynamic entries are added and deleted automatically over time (ARP learning).

  Static entries do not change.

ARP Cache Timeout

  A timeout is generally associated with each ARP cache entry. In most implementations the timeout is 20 min for a complete entry and 3 min for an incomplete entry (an incomplete entry arises, for example, when the host is made to request the address of a host that does not exist). These implementations usually restart the 20 min timeout for an entry each time the entry is used.
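  The cache behaviour described in the last two sections (dynamic and static entries, 20 min and 3 min timeouts, restart on use) fits in a small class. This is an added sketch, not code from the original page or from any operating system; the class and method names are hypothetical, and the clock is injectable so the timeouts can be exercised without waiting.

```python
import time

COMPLETE_TTL = 20 * 60    # seconds, complete entry
INCOMPLETE_TTL = 3 * 60   # seconds, request sent but no reply yet

class ArpCache:
    """IPv4 -> MAC cache with static entries and the timeouts described above."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._entries = {}   # ip -> [mac or None, expiry time or None if static]

    def add_static(self, ip, mac):
        self._entries[ip] = [mac, None]            # never expires

    def mark_incomplete(self, ip):
        """Record that a request was broadcast and no reply has arrived."""
        if ip not in self._entries:
            self._entries[ip] = [None, self._clock() + INCOMPLETE_TTL]

    def learn(self, ip, mac):
        """Store a mapping taken from an ARP packet; False if it was ignored."""
        entry = self._entries.get(ip)
        if entry is not None and entry[1] is None:
            return False                           # static entries do not change
        self._entries[ip] = [mac, self._clock() + COMPLETE_TTL]
        return True

    def lookup(self, ip):
        """Return the MAC, or None if the entry is absent, incomplete or expired."""
        entry = self._entries.get(ip)
        if entry is None:
            return None
        mac, expiry = entry
        if expiry is not None and self._clock() >= expiry:
            del self._entries[ip]                  # timed out
            return None
        if mac is not None and expiry is not None:
            entry[1] = self._clock() + COMPLETE_TTL    # restart timeout on use
        return mac
```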

Proxy ARP

  Proxy ARP lets a system answer ARP requests on behalf of a different host. It makes the sender of the ARP request believe that the responding system is the destination, an effect similar to an HTTP reverse proxy, when in fact the destination host does not exist or is in another network segment. It should generally be avoided.

  Proxy ARP is also known as promiscuous ARP or the ARP hack. These names come from a historical use of proxy ARP: hiding two physical networks from each other. In this case the two physical networks can use the same IP prefix, as long as the router between them is configured as a proxy ARP agent that answers, on one network, the ARP requests for hosts on the other network. This technique can be used to hide one group of hosts from another. In the past there were two common reasons for doing this: some systems could not handle subnetting, and some systems used the older broadcast address (all 0s instead of all 1s).

  Linux supports an automatic proxy ARP feature. It can be enabled by writing the character 1 to the file /proc/sys/net/ipv4/conf/*/proxy_arp, or with the sysctl command. With it there is no need to enter the ARP entries manually; instead a range of addresses is proxied.
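  Because proxy ARP should generally be avoided, it is worth checking which interfaces of a Linux host have it switched on. The following is an added example, not part of the original page; the function names are hypothetical. It reads the proxy_arp files named above and applies the kernel's rule that proxy ARP is in effect on an interface when either that interface's flag or the "all" flag is set.

```python
import glob
import os

CONF_ROOT = "/proc/sys/net/ipv4/conf"

def proxy_arp_flags(conf_root=CONF_ROOT):
    """Read every <conf_root>/<name>/proxy_arp file; name -> True if it holds 1."""
    flags = {}
    for path in sorted(glob.glob(os.path.join(conf_root, "*", "proxy_arp"))):
        name = os.path.basename(os.path.dirname(path))
        try:
            with open(path) as fh:
                flags[name] = fh.read().strip() == "1"
        except OSError:
            continue  # interface removed while scanning, or file unreadable
    return flags

def interfaces_answering_for_others(conf_root=CONF_ROOT):
    """Interfaces with proxy ARP in effect: own flag set, or conf/all set."""
    flags = proxy_arp_flags(conf_root)
    everywhere = flags.get("all", False)
    # "all" and "default" are settings templates, not real interfaces.
    return sorted(name for name, on in flags.items()
                  if name not in ("all", "default") and (on or everywhere))

if __name__ == "__main__":
    for name in interfaces_answering_for_others():
        print("proxy ARP enabled on", name)
```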

 


Origin www.cnblogs.com/kisun168/p/11509345.html