Date post: | 14-Jan-2016 |
Category: |
Documents |
Upload: | daniel-lucas |
View: | 221 times |
Download: | 0 times |
BAI513 - PROTOCOLS
ARP
BAIST – Network Management
Objectives
At the end of this presentation, the student will be able to:– Describe the history of ARP– Describe the ARP Address Resolution
Process – Describe the fields contained in the ARP
header.
History of ARP
ARP is not your typical protocol– Non-routable– No network layer component
Used for resolution of MAC-layer address with a known L3 address– Also used to test for duplicate IP
addresses on a network segment• DHCP test
Types of ARP Packets
Two types– ARP request– ARP reply
Both use the same format– Differentiated by the ‘Opcode’ field
How ARP Works
Machines using ARP maintain a local cache of addresses already resolved– Cuts down on broadcasts on the network– Use command ‘arp –a’ from the
command prompt of your PC to view– Entry is removed if not used within a
certain period of time– Machine looks to local cache first before
sending ARP request on network
Sample Network
How ARP Works
Host-1 needs to talk to host-4
– No local cache entry
Therefore
– Host-1 broadcasts an ARP request to all devices on subnet 1
• A query asking what is the MAC address of the host using IP address of 172.16.1.12/24
How ARP Works
All devices on subnet 1 compare their IP address with the enclosed IP address sent by host-1
– Address not theirs, they ignore it
How ARP Works
The router will also receive the packet
– Knows that the IP address for Host-4 is on a different subnet
– Knows that it is connected to the subnet on which Host-4 resides
How ARP Works
Router will check its ARP cache
– Two possibilities
• Router knows information
– Router will respond to host-1 with an ARP reply which contains its own (the routers) MAC address
– Host-1 will then always send packets destined for Host-4 to the router, which will then send the packet on
How ARP Works
Router will check its ARP cache
– Two possibilities
• Router doesn’t know information
– Router will send its own ARP request out on host-4’s subnet asking for host-4’s MAC address
– If host-4 is up and responding, it will reply back to the router with an ARP reply
» If host-4 is not up, no reply, and we won’t get there
» But that is fairly obvious, wasn’t it?
How ARP Works
Router will update its ARP cache to include an entry from host-4
• Router will then respond to host-1’s ARP request with an ARP reply, as described above.
ARP Frame
ARP Header Fields
ARP Example
2 Byte
s
2 Bytes 1 Byte 1 Byte 2 Bytes Variable Variable Variable Variable
Hardware Type
Protocol Type
Hardware
Length
Protocol Length
Operation Source Hardware Address
Source Protocol Address
Target Hardware Address
Target Protocol Address
0001 0800 06 04 0001 00 00 c0 93 19 00 c0 99 b9 64 ff ff ff ff ff ff c0 99b9 32
0000: ff ff ff ff ff ff 00 00 c0 93 19 00 08 06 00 01 0010: 08 00 06 04 00 01 00 00 c0 93 19 00 c0 99 b9 64 0020: ff ff ff ff ff ff c0 99 b9 32 00 00 55 00 00 dc 0030: 00 6c 00 d6 00 00 00 a3 00 00 00 41
Ethernet Header – Destination (6 Bytes), Source (6 bytes ), Layer 3 Protocol (2 Bytes)
ARP Header Fields Hardware type field (16 bits)
– This field (the last 2 bytes on the first line) indicates the hardware type used in the physical layer of the network
• In the chart below (taken from RFC 1700) the hex code of 00 01 identifies this hardware type as Ethernet
Type Description Type Description 1 Ethernet (10 Mb) 9 Lanstar 2 Experimental Ethernet 10 Autonet Short Address 3 Amateur Radio AX.25 11 LocalTalk 4 Proteon ProNET Token Ring 12 LocalNet 5 Chaos 13 Ultra Link 6 IEEE 802 Networks 14 SMDS 7 ARCNET 15 Frame Relay 8 Hyperchannel 16 ATM
ARP Header Fields
ARP protocol type
This field shows the type of network protocol address that is used in the network (0x0800 = IPv4)
Uses same chart as Ethernet Protocol Type
ARP has only been implemented for IP so far
ARP Header Fields
ARP Hardware Length Identifies the number of bytes used in the
hardware address by both the source and target hosts– this field will remain constant for Ethernet
• 48 bits = 12 hex digits = 6 bytes
ARP Header Fields
ARP Protocol Length Sets the number of bytes that the two
protocols address (source and target) will contain in the ARP– Since the Protocol Type field has been set to 08 00
for IP and the current length of IP addresses is 4 bytes, this field must contain a value of 04 hex which is also 4 in decimal value.
ARP Header Fields
ARP Operation (Opcode)
Identifies the operation ARP is attempting
– ARP Request will be identified with an Operation Code of 0001
– ARP Reply will be identified with and Operation Code of 0002
• Other codes also possible – check book
– Page 56
ARP Header Fields
ARP Source Hardware Address Identical to the source hardware address field in the
Ethernet Header – repeated because the Ethernet Header is stripped from the packet
before it is sent to the Network Layer for processing
ARP Source Protocol Address contains the IP address of the station sending the message
– represents the 4-byte IP address and is sent as 8 hex characters
ARP Header Fields
ARP Target Hardware Address Filled with ones to display a 6-byte field of ff ff ff ff ff ff
– Some vendors will use all zeros as filler
– It is up to the receiver to provide the proper hardware address
ARP Target Protocol Address Field that will be used by all stations that receive this
packet to check against their own assigned IP address – If they match, the station will then update its ARP cache and provide an
ARP reply
ARP Options Field
Data (Variable)
– On Ethernet networks using TCP/IP this field is most often used for padding
– Due to the size of the Ethernet MAC and IP addresses, this field is used for about 18 bytes of padding
– Other network address schemes such as IPv6 do not require this field.
Summary
This presentation covered information that allowed the student to:– Describe the history of ARP– Describe the ARP address resolution
process – Describe the fields contained in the ARP
header.