Download Address Resolution Protocol

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
Document related concepts

Dynamic Host Configuration Protocol wikipedia , lookup

Distributed firewall wikipedia , lookup

RapidIO wikipedia , lookup

Computer network wikipedia , lookup

Deep packet inspection wikipedia , lookup

Internet protocol suite wikipedia , lookup

IEEE 802.1aq wikipedia , lookup

Point-to-Point Protocol over Ethernet wikipedia , lookup

AppleTalk wikipedia , lookup

Recursive InterNetwork Architecture (RINA) wikipedia , lookup

I²C wikipedia , lookup

Wake-on-LAN wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

Zero-configuration networking wikipedia , lookup

Transcript 
Unit 4
Address Resolution
Overview
Description
IP addresses are assigned to hosts and are logically independent of their
physical address. The network-layer software must depend on the data
link layer to deliver data to a host on the same physical network.
Therefore, the IP address must be mapped to the physical (MAC) address
of the host.
The Address Resolution Protocol (ARP) is used to associate known IP
addresses to unknown physical hardware, MAC, addresses.
A node uses ARP with another node when it determines that the
destination address is on a directly attached network. The node can
determine if the host is local by comparing the network portion (including
the subnet) of its own address with the destination address.
Reverse Address Resolution Protocol (RARP) is used to associate a known
MAC address to an unknown IP address. As its name indicates, it is
simply the reverse of ARP.
Unit Table of Contents
This unit contains the following lesson:
Lesson
Pages
Length
Lesson 4-1: Address Resolution Protocol
162-182
5 hours
ST0025804A
161
Unit 4: Address Resolution
Lesson 4-1: Address Resolution Protocol
At a Glance
ARP, the Address Resolution Protocol, is a member of the TCP/IP protocol
suite that is used to translate between logical IP addresses, and physical
MAC addresses. It accomplishes this task by building a correspondence
table of IP and MAC addresses, using specialized packets, broadcast on
the local network.
What You Will Learn
After completing this lesson, you will be able to do the following:
162
•
Diagram how the ARP mechanism is used in address resolution.
•
Describe Gratuitous ARP.
•
Describe Proxy ARP.
•
Interpret an ARP Cache.
ST0025804A
Routing
Lesson 4-1: Address Resolution Protocol
Tech Talk
•
ARP Cache—Another term for ARP Table. A storage mechanism that
associates all the IP addresses of the hosts on a network with their
MAC addresses.
•
ARP Cache Timeout—The time period during which a proxy must rebind or link its addresses. The proxy’s hosts are unavailable until the
hosts using it as a proxy re-request their addresses.
•
ARP Reply—Contains both the IP and MAC addresses for the
destination host. Issued in response to the ARP request.
•
ARP Request—Contains the IP address of the host computer
attempting to send a packet across the network.
•
ARP Table—A table that associates all the IP addresses of the hosts on
a network with their MAC Addresses.
•
Gratuitous ARP—A method for a host to request its own address.
•
Proxy ARP—A method that allows hosts on different LANs to
successfully transmit packets across an internetworking environment.
Hosts may act as a representative for other hosts on different LANs.
ST0025804A
163
Unit 4: Address Resolution
The ARP Mechanism
ARP, the Address Resolution Protocol, is different than other protocols in
the TCP/IP suite. Instead of being a peer-to-peer protocol, it is the
interface between IP, a Layer 3 protocol, and an underlying Layer 2
protocol, which it depends upon for transport. To understand the need for
ARP, consider the network illustrated below.
Suppose that host A’s IP layer has a packet destined for address
168.192.10.12. It transmits this packet across the network.
Host A Transmits a Packet to Host C
A
168.192.10.5
168.192.10.254
08.00.20.92.b1.04
08.00.20.92.b1.7f
C
168.192.10.12
08.00.20.92.b1.52
B
168.192.10.12 Packet
164
ST0025804A
Routing
Lesson 4-1: Address Resolution Protocol
The Ethernet layer encapsulates the IP packet for transport.
The IP Packet is Encapsulated in an Ethernet Frame
168.192.10.5
163.192.10.5
168.192.10.254
163.192.10.254
08.00.20.92.b1.04
08.00.20.92.b1.7f
A
168.192.10.12
163.192.10.12
08.00.20.92.b1.5
2
08.00.20.92.b1.52
C
B
168.192.10.12 Packet
IP Header
Ethernet
?
Preamble
03.00.20.92.b1.7f
...
...
168.192.10.254
Source
MAC Address
IP Source
Address
168.192.10.12
Data
IP Destination
Address
Destination
MAC Address
Address
In order for the host to be able to transport the IP packet, it must be able
to determine the destination MAC address corresponding to the
destination IP address in a packet it is to transport. To do this, it must
refer to an ARP table, also known as an ARP cache, that associates the IP
addresses and MAC addresses of all the hosts on a network.
The ARP Table or Cache
IP Address
MAC Address
168.192.10.254
08.00.20.92.b1.7f
168.192.10.5
08.00.20.92.b1.04
168.192.10.12
08.00.20.92.b1.52
ST0025804A
165
Unit 4: Address Resolution
This table relates IP addresses to the corresponding MAC addresses. If the
destination IP address is in this table, the host only needs to look up the
destination IP address and insert the corresponding MAC address in the
Ethernet frame. It can then transmit the packet to the destination.
Building The ARP Table
In the previous example, the Host A is attempting to transport a packet
addressed to 192.168.10.12, Host C. To do so, it first looks in the ARP
table to see if it can find a corresponding MAC address. If the MAC
address is not in the table, it constructs an ARP Request. The ARP request
contains the IP address of the host computer attempting to send a packet
across the network.
ARP Request
Ethernet Header
Ff.ff.ff.ff.ff.ff
03.00.20.92.b1.7f
...
Preamble
Source
MAC Address
Destination
MAC Address
...
08.00.20.92.b1.7f
Source
MAC Address
168.192.10.254
00.00.00.00.00.00 168.192.10.12
Destination
MAC Address
Source
IP Address
Destination
IP Address
The ARP Request Format
This packet is sent to the Ethernet broadcast address, so all connected
hosts receive it. Since the sending host has put its source MAC and IP
addresses into the packet, all receiving hosts add an entry for the source to
their own ARP tables.
166
ST0025804A
Routing
Lesson 4-1: Address Resolution Protocol
Only one of the hosts (host C in the example) is using the destination IP
address. That host constructs an ARP reply and returns it to the
requester.
The ARP Reply Format
ARP Reply
Ethernet Header
Ff.ff.ff.ff.ff.ff
03.00.20.92.b1.7f
Preamble
Source
MAC Address
Destination
MAC Address
...
...
08.00.20.92.b1.7f
168.192.10.254
Source
MAC Address
08.00.20.92.b1.52 168.192.10.12
Destination
MAC Address
Source
IP Address
Destination
IP Address
This ARP reply contains both the IP and MAC addresses for host C. Host
A, when it receives the frame, can make the appropriate entries in its ARP
table. Host A can now send its original packet to C. Because C created an
ARP entry for A, when A made its ARP request, it can reply.
Check Your Understanding
Briefly describe how an ARP table is built.
ST0025804A
167
Unit 4: Address Resolution
ARP Packet Format
ARP is defined to be a universal mechanism for relating addresses between
two protocols. The ARP packet illustrated can be encapsulated in a datalink protocol as a broadcast message.
ARP Packet Format for IP Over Ethernet
Source
Hardware
Type
2 octets
H
S
1
Z
Protocol
Type
P
S
1
Z
Hardware
Address
2 octets
1
octet 1
octet
HS1Z
octets
Protocol
Address
PS1Z
octets
Destination
Hardware
Address
HS1Z
octets
Protocol
Address
PS1Z
octets
The fields in an ARP packet are:
168
•
Hardware type: 2 octets—This field identifies the specific data-link
protocol being used. For Ethernet, the value of this field is 1.
•
Protocol type: 2 octets—As the hardware type identified the data-link
protocol, this field identifies the network protocol. For IP, the value of
this field is 2048.
•
Hardware address size: 1 octet—This field specifies the length, in
octets, of a MAC address in fields 5 and 7 of the ARP packet. For
Ethernet, the value of this field is 6
•
Protocol address size: 1 octet—Analogous to the hardware address size,
this field specifies the length, in octets, of the protocol addresses in
fields 6 and 8 of the ARP packet.
•
Addresses: varying—The next four fields are the source hardware, and
protocol addresses, and the destination hardware and protocol
addresses, respectively. The two hardware addresses are the length
specified in the Hardware address size field, and the protocol addresses
are the length specified in the Protocol address field. In the case of IP
over Ethernet, this corresponds to two 6-octet fields, and two 4-octet
fields, for a total of 20 octets.
ST0025804A
Routing
Lesson 4-1: Address Resolution Protocol
Gratuitous ARP
Gratuitous ARP is used as a method for a host to request its own address.
It is usually done when the host first boots up to inform the other hosts on
the network of its address, often a new MAC address, and to verify it does
not have a duplicate MAC address.
In the previous example, Hosts A and C created entries for each other in
their respective ARP tables. Suppose, however, that for some reason Host
C’s addressing information changes. One way this could happen is when a
NIC fails and must be replaced. When the NIC is replaced, the new NIC
will have a new MAC hardware address.
Because Host A still has Host C’s old MAC address in its ARP table, it will
continue to attempt to send any packet addressed to C using the old MAC
address. It will continue to do this until Host A is no longer connected to
the network.
In order to correct this problem whenever a host changes either its MAC or
its logical address, it performs a gratuitous ARP request for its own logical
address. This accomplishes two things:
•
If any other host replies, there is a logical address conflict. This
usually generates a system warning.
•
Since all hosts update their ARP tables in response to an ARP request,
any old MAC addresses for a new host are eliminated.
ST0025804A
169
Unit 4: Address Resolution
Proxy ARP
Proxy ARP is a method that allows hosts on different LANs to successfully
transmit packets across an internetworking environment.
Suppose that Host A has an IP packet addressed to Host D. According to
the normal ARP process, it might send a request to all other hosts
physically connected to its network, in an attempt to discover a MAC
address for Host D. Since Host D is not physically connected to Host A’s
network, A will receive no reply. Eventually it will conclude that Host D is
unreachable, and report an error.
Host A Sends an ARP Request
A
D
ARP
Request
D’s
address?
E
B
Router
F
C
170
ST0025804A
Routing
Lesson 4-1: Address Resolution Protocol
Suppose however, that the router has Proxy ARP enabled and it recognizes
ARP requests for Host D, located on the other side. Host D can not reply to
the ARP request. However, the router, when it sees the ARP request from
Host A to Host D, replies with its own MAC address.
The Router Replies
D
A
B
ARP
Reply
with
Router
address
E
Router
F
C
ST0025804A
171
Unit 4: Address Resolution
Host A, assuming that it now has Host D’s MAC address, makes the
corresponding entry in its ARP table, and sends the packet to the router.
It is up to the router to recognize that the packet is intended for Host D,
and to arrange its delivery. The router is serving as a proxy for Host D.
The Router Becomes Host D’s Proxy
D
A
Packet
E
B
Router
F
C
Proxy ARP is occasionally used by routers to forward packets between
hosts when a router is inserted to subnet a network. The hosts on the
network that have not yet been converted (ARP Table has not been
updated) to the new subnet would expect to transmit packets directly to all
other hosts, even those newly located behind the inserted router. The
router must act as a proxy for those hosts newly subnetted.
Check Your Understanding
Diagram the differences between gratuitous ARP and proxy ARP.
172
ST0025804A
Routing
Lesson 4-1: Address Resolution Protocol
Proxy ARP Versus Bridging
A bridge delivers a packet based on its destination MAC address. The
source host puts the destination host’s MAC address into the frame.
Bridges forward the packet to the destination based on that address.
Proxy ARP is based, instead, on the binding between a MAC address, and a
logical address. Because the two are separate, an intermediate router can
proxy for any host to which it knows a path. The proxy can make distant
hosts appear to be on the local network.
Like transparent bridging, proxy ARP is invisible to the source host.
Unlike bridging, however, the source never needs to know a MAC address
for the destination. Instead it discovers, dynamically, a proxy that will
forward the packet.
Proxy ARP has its shortcomings, too. There is no mechanism through
which a proxy can perform gratuitous ARP for all hosts for which it is a
proxy. If the proxy must re-bind its addresses, the hosts for which it is a
proxy will be unavailable until the hosts using it as a proxy re-request
their addresses. Commonly this period, the ARP cache timeout, is
approximately 20 minutes.
Proxy ARP also means that each source host must have a separate entry
for each destination to which it sends. It is not uncommon for a large
server for the World Wide Web to interact with hundreds of different hosts
per minute. Such a server might have to have thousands of different ARP
entries.
ST0025804A
173
Unit 4: Address Resolution
Try It Out
Examine Your ARP Cache
To do this experiment, you will need to refer to the diagram of your
classroom network. This should be located in your portfolio. If not, or if
your class network has changed, you should diagram the network before
beginning this activity.
Materials Needed:
•
Classroom Network Diagram
•
Classroom Network
•
Windows 95 PC
•
Any Word Processor (e.g., MS Word)
•
Pen/Pencil and Paper
•
Student Portfolio
Record your experiences, results, specifications, and conclusions in your
portfolio. Write summary of the lab.
It is quite simple to examine the ARP cache on our workstation.
1. Open the MS-DOS Prompt from the Start/Programs menu.
2. At the prompt, type arp –a.
3. When the ARP Table appears, answer the following questions:
a. Where are the IP addresses?
b. Which column contains MAC addresses?
4. Refer to a diagram of your network and decide whether or not there are
entries in the table that surprise you. Are there any that you would
expect to be there that are not? If so, speculate as to why?
5. If there is an address that you think is missing from the ARP cache, try
pinging it, and then look in the table again. Is it there now? What do
you think happened?
a. To ping, type in the command prompt “ping” and the IP address of
the station you wish to ping.
174
ST0025804A
Routing
Lesson 4-1: Address Resolution Protocol
6. Are there some IP addresses that you can ping successfully, but that
you cannot get to appear in the ARP cache? Can you explain why?
7. Leave your workstation untouched for 30 minutes, and examine the
ARP cache again. Can you explain what has happened, and why?
Rubric: Suggested Evaluation Criteria and Weightings
Criteria
%
Individual Summary (on-time delivery)
25
Analysis and synthesis of information
50
Summary organized and in format suitable for
reproduction
25
TOTAL
100
ST0025804A
Your Score
175
Unit 4: Address Resolution
Stretch Yourself
The ARP Game
Materials Needed:
•
Windows 95 PC (optional)
•
Any Word Processor (e.g., MS Word) (optional)
•
Pen/Pencil and Paper
Devise a team action game for 6-8 students based on the Address
Resolution Protocol. Document a simple set of rules and describe their
relationship to ARP.
Rubric: Suggested Evaluation Criteria and Weightings
176
Criteria
%
Simple, but clear set of rules.
25
Creative and enticing game.
50
Accurate relationship to ARP concepts.
25
TOTAL
100
ST0025804A
Your Score
Routing
Lesson 4-1: Address Resolution Protocol
Network Wizards
Hubs and Switches
Materials Needed:
•
2 BayStack 152 Hubs
•
2 BayStack 153 Hubs
•
2 Nortel Networks 350T Switches
•
2 Straight Through Ethernet Cables (Cat. 5 w/ RJ-45 connectors)
•
2 Windows 95 PCs
•
Any Word Processor (e.g., MS Word)
•
Pen/Pencil and Paper
•
Student Portfolio
For this experiment you will need a network configured as shown below:
BayStack Hub
W S1
W S2
Be sure to use the BayStack 152 Hub for this first experiment.
Work in groups of three. Record your experiences, results, speculations,
and conclusions in your portfolio. Write a summary of the lab.
ST0025804A
177
Unit 4: Address Resolution
Part One
1. Open the MS-DOS Prompt from the Start/Programs menu on WS1.
2. Ping WS2 using the command ping -t and WS2’s IP address.
3. The -t flag tells ping to keep pinging WS2 until you explicitly stop it,
using a Control-C.
4. Start ping running, and verify that there is connectivity between WS1
and WS2.
5. As you watch the ping responses scroll by, speculate about what you
think will happen if you unplug WS1's cable from its socket on the hub,
and then quickly plug it back in.
6. Try it. Did it do what you expected?
7. Experiment with disconnecting and reconnecting cables in several
other places. Is there any place in which unplugging the cable will
cause ping to fail irretrievably? Is there a maximum amount of time,
after which ping will not restart?
178
ST0025804A
Routing
Lesson 4-1: Address Resolution Protocol
Part Two
Now try another scenario.
1. Start ping and quickly reverse the cables from the two different
WS1
WS1
BayStack 152 Hub
BayStack 152 Hub
WS2
Before
After
WS2
workstations in their hubs, as shown below.
2. Record your observations.
3. Is this behavior what you expected?
Part Three
Repeat this entire experiment using the BayStack 153 Hub, and then the
350-T Switch. Are the results the same? Explain.
Rubric: Suggested Evaluation Criteria and Weightings
Criteria
%
Group cooperative participation
25
Analysis and synthesis of information
50
Summary organized and documented for portfolio
25
TOTAL
100
ST0025804A
Your Score
179
Unit 4: Address Resolution
Summary
In this lesson, you learned the following:
•
How the ARP mechanism is used in address resolution.
•
The description of Gratuitous ARP.
•
Description of Proxy ARP.
•
How to interpret an ARP Cache.
Review Questions
Name___________________
Lesson 4-1: Address Resolution Protocol
Part A
Diagram how ARP creates an ARP Table. Summarize the steps.
Part B
Describe Gratuitous ARP and the primary reason this form of ARP is so
important. Include an example in your description.
Part C
Describe Proxy ARP and the primary reason this form of ARP is so
important. Include an example in your description.
180
ST0025804A
Routing
Lesson 4-1: Address Resolution Protocol
Scoring
Rubric: Suggested Evaluation Criteria and Weightings
Criteria
%
Part A: Diagram how the ARP mechanism is
used in address resolution
50
Part B: Describe Gratuitous ARP
25
Part C: Describe Proxy ARP
25
TOTAL
100
Try It Out: Interpret an ARP Cache
100
Stretch Yourself
100
Network Wizards
100
FINAL TOTAL
400
ST0025804A
Your Score
181
Unit 4: Address Resolution
Resources
Comer, D. E. (1995). Internetworking With TCP/IP: Principles, Protocols,
and Architecture 3rd edition, Prentice Hall, Upper Saddle River, New
Jersey.
Free Soft. (2000). Connected: An Internet Encyclopedia ARP Protocol
Overview. Available Online: http://www.FreeSoft.org/CIE/Topics/61.htm.
Perlman, R. (1992). Interconnections: Bridges and Routers, AddisonWesley Publishing Co.,Reading, MA.
Stevens, W. R.(1994). TCP/IP Illustrated, Volume 1: The Protocols,
Addison-Wesley Publishing Co., Reading, MA.
182
ST0025804A
Routing
Related documents
Security Lab
Security Lab
Chapter 5
Chapter 5
Cisco certified network associate
Cisco certified network associate
AT Series | Architectural LED Brochure
AT Series | Architectural LED Brochure
Ethernet: An Introduction Carrier Sense Multiple Access with
Ethernet: An Introduction Carrier Sense Multiple Access with
CS 5480/6480: Computer Networks – Spring 2012 Homework 4
CS 5480/6480: Computer Networks – Spring 2012 Homework 4
IP Routing
IP Routing
Exercise3 - University of North Carolina Wilmington
Exercise3 - University of North Carolina Wilmington
Networking-1
Networking-1
Chapter 1: Protocols and Layers
Chapter 1: Protocols and Layers
Module 4 Data Link Layer
Module 4 Data Link Layer
Tutorial 1 Answers File
Tutorial 1 Answers File
Address Resolution Protocol
Address Resolution Protocol