The Address Resolution Protocol (ARP) is a critical communication protocol used on local area networks (LANs). It is defined in RFC 826 and operates at Layer 2 of the OSI model. ARP provides the translation between IP addresses and MAC addresses within a single network.
This allows machines to communicate directly on the LAN without the need for complex routing. ARP is a simple protocol, relying on broadcast requests and responses to populate ARP cache tables. The proper functionality of ARP is foundational for communication on Ethernet networks.
The Role of ARP in Network Communication
ARP enables effective communication between devices on a LAN by bridging between Layer 3 IP addressing and Layer 2 MAC addressing. Whenever a node on an IP network needs to send data to another local IP address, ARP is used to determine the recipient’s MAC address.
The sender consults its ARP cache or initiates an ARP broadcast to resolve the IP into a MAC. Without the IP-to-MAC translation ARP provides, LAN nodes would be unable to properly address frames to each other using the right MAC destination address. ARP is the key enabler for getting data to the right physical interface.
The Purpose and Function of an ARP Table
The core purpose of the ARP table, sometimes referred to as the ARP cache, is to record IP address to MAC address mappings discovered on the LAN. Here is an example ARP table:
The ARP table serves as a lookup reference for determining the MAC address that corresponds to a given IP address. This saved mapping information eliminates the need to repeatedly send ARP requests for addresses already resolved.
Decoding the ARP Table
The Process of MAC (Media Access Control) Address Discovery
When an IP address needs to be resolved to a MAC address, the node sends an ARP “Who has” broadcast request onto the LAN containing the desired IP address.
The device assigned to that IP will then respond with its MAC address. This response is unicasted directly back to the requesting node. The MAC returned in the ARP reply gets cached in the requester’s ARP table.
The Significance of Each Device’s Unique ARP Table
Because ARP functions within a single LAN broadcast domain, its effectiveness depends on each device building its own ARP cache to reflect the local network. The ARP table on each node is populated by the ARP requests made specifically by that device. No two ARP tables are identical since they represent the perspective of each device’s communications.
The Importance of ARP in Network Communication
Without the IP addressing to MAC addressing linkage provided by ARP, Layer 3 routing of packets could not occur down to Layer 2 delivery between physical network interfaces. Communication would fail without mapping IP-to-MAC. ARP enables getting network packets to the right destination device.
The Mechanics of ARP
The Interplay of MAC and IP Addresses in the OSI Model
MAC addresses uniquely identify devices at the Layer 2 data link layer, while IP addresses route packets at the Layer 3 network layer. Before a packet goes out on the wire, both the MAC and IP addresses must be properly set. ARP handles the process of harmonizing IP and MAC for effective communication.
The Process of MAC Address Discovery via ARP
When a node wants to communicate with an IP address that is not already mapped in its ARP table, the node sends a broadcast ARP request containing the desired IP. The device assigned that IP will reply with its MAC address in a unicast ARP reply. The requesting node adds this IP-to-MAC mapping into its cache.
A Practical Example of ARP in a Local Subnet
Here is an example of how ARP works:
- Computer A wants to send data to Computer B at IP address 192.168.1.102
- Computer A checks its ARP cache and finds no entry for 192.168.1.102
- Computer A sends a broadcast ARP request for 192.168.1.102
- Computer B sees the ARP request and replies with its MAC address of 00:1b:54:11:e2:ac
- Computer A adds the mapping of 192.168.1.102 to 00:1b:54:11:e2:ac into its ARP table
- Now Computer A can send the data to Computer B directly using the resolved MAC address
This exchange allows Communication A to learn Computer B’s MAC address for further direct communication.
Mastering ARP Table Operations
How to View an ARP Table?
There are several methods to view a device’s ARP table:
arp -acommand can be used in Windows, Linux, and OS X to output the ARP cache contents
- Network admin tools like ipconfig (Windows) or ifconfig (Linux/OS X) include options for ARP table output
- Wireshark can passively sniff and collect ARP traffic to reconstruct the table state
Steps to Add an ARP Entry
Static ARP entries can be manually added to bypass the dynamic ARP process using the
arp -s command. For example, to add a static ARP entry on a Windows machine:
arp -s 192.168.1.100 00-11-22-33-44-55
This will enter the mapping into the ARP cache without sending an ARP request.
Modifying an Existing ARP Entry
Because the ARP cache has a timeout on dynamic entries, changes can be made by forcing in a new static entry. To modify an existing ARP-mapped entry, simply use the
arp -s command on the desired IP with the new MAC address. The static entry will override the previous dynamic one.
Exploring ARP-Related Terminology
Understanding Reverse ARP
Reverse ARP (RARP) works in the opposite direction to the normal ARP process. With RARP, the MAC address is known and the IP address needs to be determined. It allows a host to broadcast its MAC and receive its IP address in response.
The Concept of Proxy ARP
Proxy ARP enables one device to respond to an ARP request on behalf of another device. This is useful in some special networking configurations and allows for the expansion of the reachable subnet.
An Introduction to Inverse ARP
Inverse ARP (InARP) serves a similar address resolution function as ARP but for the ATM protocol’s address rather than Ethernet’s MAC address. This allows ATM nodes to map Layer 3 addresses down to Layer 2 virtual circuits.
The Role of ARP Cache
Defining ARP Cache
The ARP cache also called the ARP table, stores IP-to-MAC address mappings learned through dynamic ARP requests and responses. It serves as a short-term lookup table to avoid repeated requests for the same address.
The Function of ARP Cache in Storing IP-to-MAC Address Mappings
The ARP cache on each device improves network efficiency by storing previously resolved IP-to-MAC mappings for a configurable timeout period. Rather than re-ARPing for every packet, devices can consult their cache for destinations they recently communicated with.