Address Resolution Protocol

Address Resolution Protocol

ยท

2 min read

1. What is ARP ?? ๐Ÿค”

The Address Resolution Protocol (ARP) is a communication protocol for discovering layer 2 addresses, for example, MAC addresses.

ARP was defined by RFC 826 in 1982. ( RFC refers to Request for Comments as a set of rules on how a protocol or functionality should work and operate most prominently set by the IETF i.e Internet Engineering Task Force )

Devices use ARP to learn another device's MAC addresses ( Layer 2 ). An IP address ( Layer 3 ) is used to locate a device on a network whereas a MAC address identifies the actual device.

ARP table shows the respective mac addresses of the devices assigned against the IP addresses.

ARP consists of 2 messages:-

  1. ARP Request - It is a broadcast message sent to all hosts on the network. ARP Request consists of source IP, destination IP, src mac address, and destination mac address. If the destination mac address is unknown a broadcast mac address is used instead i.e FFFF.FFFF.FFFF

  2. ARP Reply - It is a unicast message sent only to one host ( uni-directional messages ).

2. Understanding ARP

arp_process.jpg

Step 1: let's assume all the Mac Addresses (table with a list of known mac addresses) table is empty.

Step 2: Host A sends an ARP request.

Step 3: The switch checks if the requested mac address is in the mac address table.

Step 4: If the mac address exists a unicast is sent directly to the destination address else a broadcast request is sent just like in the above image.

Step 5: The matching mac address ( Here Host B ) sends an ARP Reply message confirming its existence other packets whose destination mac address doesn't match are dropped.

3. Viewing ARP table

arp table.png

We can use the "arp -a" command to view the list of known mac addresses in windows, mac, and Linux.

4. Dynamic vs Static ARP entries

Dynamic type entries are those entries that are automatically learned and are kept on a device for a while time whereas static type is those entries where the mac address is manually added to the cache table for a device and are retained in the cache permanently.

Static+and+Dynamic+ARP+Cache+Entries.jpg

Did you find this article valuable?

Support Saket's Blog by becoming a sponsor. Any amount is appreciated!

ย