Friday, June 20, 2014

Internetworking with TCP/IP Notes (Chapter 6)

Chapter 6 Mapping Internet Addresses to Physical Addresses (ARP)

Daniel Networking Blog
There is a great example by Daniel that explains how ARP works in an actual environment.
The link is HERE.

6.1 Two Types of Hardware Addresses
The purpose of ARP is to find out the hardware address for a host for which we know the IP. There are two basic types of hardware addresses: those that are larger than the host portion of an IP address and those that are smaller. IPv6 accommodates all types of hardware addresses. Thus, the distinction is only important for IPv4.

6.2 Resolution Through Direct Mapping
IPv6 uses a technique known as direct mapping. The basic idea is straightforward: use a computer’s hardware address as the host portion of the computer’s Internet address.

Direct mapping has the advantage that new computers can be added to a network without changing existing assignments and without propagating new information to existing computers.

6.3 IPv4 Address Resolution Through Dynamic Binding
Although it is efficient, direct mapping cannot be used with IPv4 if a hardware address is larger than an IPv4 address. The designers chose to use a low-level protocol that resolves addresses dynamically. Named the Address Resolution Protocol (ARP), the protocol provides a mechanism that is reasonably efficient and does not require an administrator to configure tables manually.

The Address Resolution Protocol, ARP, allows a host to find the physical address of a target host on the same physical network, given only the target’s IP address.

6.4 The ARP Cache
The standard specifies that ARP software must maintain a cache of recently acquired IP-to-hardware address bindings.

6.5 ARP Cache Timeout
A timer is set when information is added to the cache; when the timer expires, the information is deleted.

6.6 ARP Refinements
Several refinements of ARP have been included in the protocol that reduce the amount of network traffic and automate recovery after a hardware address changes:

* ARP requires A to include its IP-to-hardware address binding when sending B a request. B extracts A’s binding from the request and saves the binding in its ARP cache. Thus, when sending an Internet packet to A, B will find the binding is already in its cache.

* The protocol specifies that each machine extract the sender’s IP-to-hardware address binding from the request, and use the information to update the binding in its cache. Notice that machines that do not already have an entry for the sender in their cache do not add this sender’s information; the standard only specifies updating the hardware address on existing entries.

* The computer can notify others of a new address (e.g., after hardware is replaced due to failure) by broadcasting a gratuitous ARP request.

The sender’s IP-to-hardware address binding is included in every ARP broadcast; receivers use the information to update their address binding information. The intended recipient uses the information to create a new cache entry in anticipation of a reply.

6.7 Relationship of ARP to other protocols
ARP is a low-level protocol that hides the underlying addressing used by network hardware, permitting us to assign an arbitrary IP address to every machine. We think of ARP as associated with the physical network system rather than as part of the Internet protocols.

6.8 ARP Implementation
The first part provides address resolution for outgoing packets: given the IP address of a computer on the network, it finds the hardware address of the computer. If an address is not in the cache, it sends a request.

The second part handles incoming ARP packets. It updates the cache, answers requests from other computers on the network, and checks whether a reply matches an outstanding request.

The timestamp on an entry is reset each time the entry is used. When space must be reclaimed, the entry with the oldest timestamp is removed from the cache. The timestamp is also refreshed each time an update is received.
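The receive-side rules from 6.6 and the two halves described in 6.8, as an added example that is not part of the original notes or the book: a small Python model of the cache. The message dictionaries, the 1200-second timeout and the capacity of 4 are assumptions made for the illustration.

```python
class ArpCache:
    """IP-to-hardware bindings with the timeout and update rules from the notes."""

    def __init__(self, my_ip, my_hard, timeout=1200.0, capacity=4):
        # timeout and capacity are assumed values; the notes do not give any.
        self.my_ip, self.my_hard = my_ip, my_hard
        self.timeout, self.capacity = timeout, capacity
        self.entries = {}                # ip -> [hardware address, timestamp]

    def lookup(self, ip, now):
        """Outgoing half: return the hardware address, or None (send a request)."""
        entry = self.entries.get(ip)
        if entry is None:
            return None
        if now - entry[1] >= self.timeout:
            del self.entries[ip]         # timer expired: the information is deleted
            return None
        entry[1] = now                   # timestamp is reset each time the entry is used
        return entry[0]

    def _store(self, ip, hard, now):
        if ip not in self.entries and len(self.entries) >= self.capacity:
            oldest = min(self.entries, key=lambda k: self.entries[k][1])
            del self.entries[oldest]     # reclaim the entry with the oldest timestamp
        self.entries[ip] = [hard, now]

    def receive(self, msg, now):
        """Incoming half: update the cache and answer a request addressed to us."""
        sender_ip, sender_hard = msg["sender_ip"], msg["sender_hard"]
        is_target = msg["target_ip"] == self.my_ip
        # Every receiver updates an existing entry; only the intended
        # recipient creates a new one, in anticipation of replying.
        if sender_ip in self.entries or is_target:
            self._store(sender_ip, sender_hard, now)
        if not is_target or msg["operation"] != "request":
            return None
        return {"operation": "reply",
                "sender_ip": self.my_ip, "sender_hard": self.my_hard,
                "target_ip": sender_ip, "target_hard": sender_hard}
```

The model stores whatever binding a message states, exactly as the rules above describe; nothing in the message lets a receiver verify the sender's claim.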

6.9 ARP Encapsulation and Identification


On an Ethernet, frames carrying ARP messages have a type field of 0x0806, where the prefix 0x indicates a hexadecimal value. The frame type for ARP has been standardized by IEEE (which owns the Ethernet standards). Thus, when ARP travels over any Ethernet, the type is always 0x0806. Other hardware technologies may use other values.

6.10 ARP Message Format

The designers did not restrict ARP to IPv4 addresses. Instead, the size of protocol address fields in an ARP message depends on the type of high-level protocol address being used. The design allows ARP to map an arbitrary high-level protocol address to an arbitrary network hardware address. In practice, ARP is only used to map 32-bit IPv4 addresses to 48-bit Ethernet addresses.

The protocol address is 32 bits (4 octets) long, and the hardware address is 48 bits (6 octets) long.

HARDWARE TYPE specifies a hardware interface type for which the sender seeks an answer; it contains the value 1 to specify that the hardware address is an Ethernet MAC address.

PROTOCOL TYPE specifies the type of high-level protocol address the sender has supplied; it contains 0x0800 (hexadecimal) to specify that the protocol address is IPv4.

HLEN and PLEN specify the length of a hardware address and the length of a protocol address.

OPERATION specifies an ARP request (1), ARP response (2), RARP request (3), or RARP response (4).


The sender supplies its hardware address in SENDER HARD and its IPv4 address, if known, in SENDER IPv4.

TARGET HARD and TARGET IPv4 give the hardware address and protocol address of the target machine, if known. For a response message (i.e., a reply), the target information can be extracted from the request message. When sending an ARP request, a sender knows the target’s IPv4 address, but does not know the target’s hardware address. Therefore, in a request, the target hardware address field contains zeroes. 

An ARP reply carries the IPv4 address and hardware address of the original requester as well as the IPv4 address and hardware address of the sender. In a request, the target hardware address is set to zero because it is unknown.
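The message layout from 6.10 and the frame type from 6.9, as an added example that is not part of the original notes or the book: a Python builder and strict parser for Ethernet/IPv4 ARP messages. The function names, the returned dictionary keys and the sample addresses are assumptions made for the illustration.

```python
import struct
import ipaddress

ETHERTYPE_ARP = 0x0806            # Ethernet frame type for ARP (section 6.9)
ARP_FMT = "!HHBBH6s4s6s4s"        # Ethernet + IPv4 layout, 28 octets in total
OPERATIONS = {1: "ARP request", 2: "ARP response",
              3: "RARP request", 4: "RARP response"}

def build_arp(op, sender_hard, sender_ip, target_ip, target_hard=bytes(6)):
    """Build an ARP message; TARGET HARD defaults to zeroes, as in a request."""
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, op,
                       sender_hard, ipaddress.IPv4Address(sender_ip).packed,
                       target_hard, ipaddress.IPv4Address(target_ip).packed)

def parse_arp(payload):
    """Parse an ARP message, rejecting anything that is not Ethernet/IPv4."""
    if len(payload) < 8:
        raise ValueError("truncated ARP header")
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", payload[:8])
    # HLEN and PLEN decide where the address fields start, so check them first.
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP message")
    if len(payload) < struct.calcsize(ARP_FMT):
        raise ValueError("address fields truncated")
    if op not in OPERATIONS:
        raise ValueError(f"unknown OPERATION {op}")
    sha, spa, tha, tpa = struct.unpack("!6s4s6s4s", payload[8:28])
    mac = lambda b: ":".join(f"{x:02x}" for x in b)
    return {"operation": OPERATIONS[op],
            "sender_hard": mac(sha), "sender_ip": str(ipaddress.IPv4Address(spa)),
            "target_hard": mac(tha), "target_ip": str(ipaddress.IPv4Address(tpa))}

def parse_frame(frame):
    """Check the Ethernet type field before handing the payload to parse_arp."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != ETHERTYPE_ARP:
        raise ValueError(f"frame type 0x{ethertype:04x} is not ARP")
    return parse_arp(frame[14:])

# Constructed sample: 192.0.2.10 broadcasts a request for 192.0.2.20.
SAMPLE_MAC = bytes.fromhex("020000000a0a")
SAMPLE_FRAME = (b"\xff" * 6 + SAMPLE_MAC + bytes([0x08, 0x06])
                + build_arp(1, SAMPLE_MAC, "192.0.2.10", "192.0.2.20"))

if __name__ == "__main__":
    print(parse_frame(SAMPLE_FRAME))
```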

6.11 Automatic ARP Cache Revalidation
To avoid jitter, the designers use early revalidation, which keeps two counters with each entry in the ARP cache: the traditional timer and a revalidation timer. The revalidation timer is set to a slightly smaller value than the traditional timer. When the revalidation timer expires, the software examines the entry. If datagrams have recently used the entry, the software sends an ARP request and continues to use the entry. When it receives a reply, both timers are reset. Of course, if no reply arrives, the traditional timer will expire, and ARP will again try to obtain a response.
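The two-timer scheme as an added example, not code from the original notes or the book: a single cache entry whose `poll` method reports what the ARP software should do at a given time. The class and method names, the 1200-second timeout, the 30-second margin and the 60-second window that defines "recently used" are all assumptions made for the illustration.

```python
class RevalidatingEntry:
    """One ARP cache entry with a traditional timer and a revalidation timer."""

    def __init__(self, hard, now, timeout=1200.0, margin=30.0, recent=60.0):
        self.hard = hard
        self.timeout = timeout                    # traditional timer (assumed value)
        self.revalidate_after = timeout - margin  # slightly smaller than the timeout
        self.recent = recent                      # assumed meaning of "recently used"
        self.set_at = now                         # both timers count from here
        self.last_used = None
        self.request_sent = False

    def use(self, now):
        """A datagram uses the entry; remember when."""
        self.last_used = now
        return self.hard

    def on_reply(self, hard, now):
        """A reply arrived: both timers are reset."""
        self.hard, self.set_at = hard, now
        self.request_sent = False

    def poll(self, now):
        """Return 'valid', 'send_request' or 'expired' for the current time."""
        age = now - self.set_at
        if age >= self.timeout:
            return "expired"                      # traditional timer ran out
        if age >= self.revalidate_after and not self.request_sent:
            used_recently = (self.last_used is not None
                             and now - self.last_used <= self.recent)
            if used_recently:
                self.request_sent = True          # ask once, keep using the entry
                return "send_request"
        return "valid"
```

An entry that carries traffic is refreshed before it lapses, so datagrams never wait on a resolution; an idle entry is left alone and simply expires.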

6.12 Reverse Address Resolution (RARP)
RARP was once an essential protocol used to bootstrap systems that did not have stable storage (i.e., diskless devices). For example, at startup, a system broadcasts a RARP request to obtain an IP address. The request contains the sender’s Ethernet address. A server on the network receives the request, looks up the Ethernet address in a database, extracts the corresponding IPv4 address from the database, and sends a RARP reply with the information. Once the reply arrives, the diskless system continues to boot, and uses the IPv4 address for all communication. RARP uses Ethernet type 0x8035.

6.13 ARP Caches in Layer 3 Switches
First, a switch can watch ARP traffic and keep a record of bindings between IP addresses and Ethernet addresses. Second, if it has the necessary information, a switch can respond to an ARP request without broadcasting the request. Third, an Ethernet address can only change if a computer is powered down, and a switch can tell whether a computer has been powered down. Therefore, a switch can create its own cache of ARP information and can answer requests.

6.14 Proxy ARP
Proxy ARP relies on a computer that has two network connections and runs special-purpose ARP software. Proxy ARP can be used for a firewall or on a VPN connection. The idea is that because a proxy ARP machine impersonates machines on the second network, all packets must travel through the proxy ARP machine where they can be checked.

6.15 IPv6 Neighbor Discovery
IPv6’s Neighbor Discovery Protocol (NDP) replaces ARP and allows a host to map between an IPv6 address and a hardware address.

ICMPv6 includes messages that a computer uses to find its neighbors at startup and to check the status of a neighbor periodically.

ARP uses a late-binding approach with soft state. ARP waits until a datagram must be sent to a neighbor before taking any action. After it performs an exchange, ARP stores the binding in its cache, and then sends IP packets to the neighbor without checking the neighbor’s status until the ARP cache timer expires.

NDP uses early binding and takes a proactive approach to state maintenance. Instead of waiting until a datagram must be sent, an IPv6 node uses NDP to discover neighbors at startup. Furthermore, an IPv6 node continually checks the status of neighbors. Thus, transmission of an IPv6 datagram to a neighbor can proceed without delay and does not involve broadcast.
