Jump to content

Address Resolution Protocol

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by Johnuniq (talk | contribs) at 01:44, 25 September 2009 (Packet structure: in practice, THA is six of 00 not FF (although FF is possible)). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

In computer networking, the Address Resolution Protocol (ARP) is the method for finding a host's link layer (hardware) address when only its Internet Layer (IP) or some other Network Layer address is known. ARP is defined in RFC 826.[1] It is Internet Standard STD 37.

ARP has been implemented in many types of networks; it is not an IP-only or Ethernet-only protocol. It can be used to resolve many different network layer protocol addresses to interface hardware addresses, although, due to the overwhelming prevalence of IPv4 and Ethernet, ARP is primarily used to translate IP addresses to Ethernet MAC addresses. It is also used for IP over other LAN technologies, such as Token Ring, FDDI, or IEEE 802.11, and for IP over ATM.

In the next generation Internet Protocol, IPv6, ARP's functionality is provided by the Neighbor Discovery Protocol (NDP).

Internet protocol suite
Application layer
Transport layer
Internet layer
Link layer

Operating scope

Within the framework of the Internet Protocol Suite, ARP is a Link Layer protocol because it only operates on the local area network or point-to-point link that a host is connected to.[2]

ARP is also very often discussed in terms of the Open Systems Interconnect (OSI) networking model, because that model addresses hardware-to-software interfaces more explicitly and is preferred by some equipment manufacturers. However, ARP was not developed based on the design principles and strict encapsulation hierarchy of this model and, therefore, such discussions create a number of conflicts as to the exact operating layer within this model. Most often ARP is placed into the Data Link Layer (Layer 2), but it also requires the definitions of network addresses of the Network Layer.

Packet structure

The following is the packet structure used for ARP requests and replies. On Ethernet networks, an ARP request and reply use an EtherType of 0x0806, and an ARP request is sent to the broadcast MAC address of FF:FF:FF:FF:FF:FF, while an ARP reply is generally sent to the MAC address that sent the ARP request. The EtherType 0x0806 is used in the Ethernet header, and not as the PTYPE (see below) of the ARP packet. The packet structure shown in the table has SHA and THA as 48-bit fields, and SPA and TPA as 32-bit fields, as is the case on Ethernet networks using IPv4; the actual lengths are determined by the hardware and protocol length fields.

bit offset 0 – 7 8 – 15 16 – 31
0 Hardware type (HTYPE) Protocol type (PTYPE)
32 Hardware length (HLEN) Protocol length (PLEN) Operation (OPER)
64 Sender hardware address (SHA) (first 32 bits)
96 Sender hardware address (SHA) (last 16 bits) Sender protocol address (SPA) (first 16 bits)
128 Sender protocol address (SPA) (last 16 bits) Target hardware address (THA) (first 16 bits)
160 Target hardware address (THA) (last 32 bits)
192 Target protocol address (TPA)
Hardware type (HTYPE)
Each data link layer protocol is assigned a number used in this field. For example, Ethernet is 1.
Protocol type (PTYPE)
Each protocol is assigned a number used in this field. For example, IP is 0x0800.
Hardware length (HLEN)
Length in bytes of a hardware address. Ethernet addresses are 6 bytes long.
Protocol length (PLEN)
Length in bytes of a logical address. IPv4 address are 4 bytes long.
Operation
Specifies the operation the sender is performing: 1 for request, 2 for reply, 3 for RARP request, and 4 for RARP reply.
Sender hardware address (SHA)
Hardware address of the sender.
Sender protocol address (SPA)
Protocol address of the sender.
Target hardware address (THA)
Hardware address of the intended receiver. This field is ignored in requests.
Target protocol address (TPA)
Protocol address of the intended receiver.

ARP request example

If a host with the IPv4 address 10.10.10.123 and MAC address 00:09:58:D8:11:22 needs to send a packet to another host with the IP address 10.10.10.140, but does not have its MAC address, then the host sends an ARP request to resolve the unknown address. The packet illustrated below is an example of a broadcast request. If a host with the IP 10.10.10.140 is connected and reachable, then it receives this ARP request and sends back a reply.

+ Bits 0 – 7 8 – 15 16 – 31
0 Hardware type = 0x0001 Protocol type = 0x0800
32 Hardware length = 6 Protocol length = 4 Operation = 1
64 SHA (first 32 bits) = 0x000958D8
96 SHA (last 16 bits) = 0x1122 SPA (first 16 bits) = 0x0A0A
128 SPA (last 16 bits) = 0x0A7B THA (first 16 bits) = 0x0000
160 THA (last 32 bits) = 0x00000000
192 TPA = 0x0A0A0A8C

ARP response example

According to the above scenario, if a host with the IP address 10.10.10.140 has a MAC address 00:09:58:D8:33:AA, then it will send a response packet illustrated below. Notice, the address fields of the sender and receiver now have their values exchanged (the sender of a response is a receiver of a request; the receiver of a reply is the sender of the request). Additionally, the host 10.10.10.140 has filled in its MAC address in the filed of physical address of the sender. Any host in the same network segment as the sender and receiver will get the request (as it was broadcast) and may add into their cache the sender's information. The ARP response is only sent to the source of the ARP request however, therefore the ARP response is not accessible to other hosts on the network.

+ Bits 0 – 7 8 – 15 16 – 31
0 Hardware type = 0x0001 Protocol type = 0x0800
32 Hardware length = 6 Protocol length = 4 Operation = 2
64 SHA (first 32 bits) = 0x000958D8
96 SHA (last 16 bits) = 0x33AA SPA (first 16 bits) = 0x0A0A
128 SPA (last 16 bits) = 0x0A8C THA (first 16 bits) = 0x0009
160 THA (last 32 bits) = 0x58D81122
192 TPA = 0x0A0A0A7B

ARP announcements

An ARP announcement (also known as Gratuitous ARP) is a packet containing valid sender hardware and protocol addresses (SHA and SPA) for the host that sent it, with identical destination and source addresses (TPA = SPA). Such a request is not intended to solicit a reply, but merely updates the ARP caches of other hosts that receive the packet. Gratuitous ARP is usually an ARP request [3], but it may also be an ARP reply [4][5].

Many operating systems perform this during startup. It helps to resolve problems which would otherwise occur if, for example, a network card was recently changed (changing the IP-address-to-MAC-address mapping) and other hosts still have the old mapping in their ARP caches.

Gratuitous ARP is also used by some drivers to ensure load balancing on incoming traffic. In a team of network cards, it is used to announce a different MAC address in the team to receive incoming packets.

ARP announcements can be used to defend link-local IP addresses in the Zeroconf protocol (RFC 3927), and for IP address takeover within high-availability clusters.

ARP probe

An ARP probe is an ARP request constructed with an all-zero sender IP address. The term is used in the IPv4 Address Conflict Detection specification (RFC 5227). Before beginning to use an IPv4 address (whether received from manual configuration, DHCP, or some other means), a host implementing this specification must test to see if the address is already in use, by broadcasting ARP probe packets.

ARP mediation

ARP mediation refers to the process of resolving Layer 2 addresses when different resolution protocols are used on multiple connected circuits, e.g., ATM on one end and Ethernet on the others.

Variants of the protocol

ARP has also been adapted to resolve many types of Layer 2 addresses; for example, ATMARP is used to resolve ATM NSAP addresses in the Classical IP over ATM protocol.

Inverse ARP and Reverse ARP

The Inverse Address Resolution Protocol, also known as Inverse ARP or InARP, is a protocol used for obtaining Layer 3 addresses (e.g., IP addresses) of other nodes from Layer 2 addresses (e.g. the DLCI in Frame Relay networks). It is primarily used in Frame Relay and ATM networks, where Layer 2 addresses of virtual circuits are sometimes obtained from Layer 2 signaling, and the corresponding Layer 3 addresses must be available before these virtual circuits can be used.

ARP translates Layer 3 addresses to Layer 2 addresses, therefore InARP can be viewed as its inverse. In addition, InARP is actually implemented as an extension to ARP. The packet formats are the same; only the operation code and the certain field values differ.

Reverse ARP (RARP), like InARP, also translates Layer 2 addresses to Layer 3 addresses. However, RARP is used to obtain the Layer 3 address of the requesting station itself, while in InARP the requesting station is querying the Layer 3 address of another node. RARP was obsoleted by BOOTP which itself has been superseded by the Dynamic Host Configuration Protocol (DHCP).

See also

References

  1. ^ RFC 826, An Ethernet Address Resolution Protocol -or- Converting Network Protocol Addresses to 48.bit Ethernet Address for Transmission on Ethernet Hardware, David C. Plummer, The Internet Society (November 1982) - Internet Standard STD-37
  2. ^ RFC 1122, Requirements for Internet Hosts -- Communication Layers, R. Braden (Ed.), Internet Engineering Task Force (October 1989)
  3. ^ Gratuitous ARP in DHCP vs. IPv4 ACD Draft
  4. ^ RFC 2002 Section 4.6
  5. ^ RFC 2131 DHCP - Last lines of Section 4.4.1

This article is based on material taken from the Free On-line Dictionary of Computing prior to 1 November 2008 and incorporated under the "relicensing" terms of the GFDL, version 1.3 or later.

Retrieved from "https://en.wikipedia.org/w/index.php?title=Address_Resolution_Protocol&oldid=316040694"