Check out my first novel, midnight's simulacra!
ARP: Difference between revisions
No edit summary |
No edit summary |
||
(7 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
The Address Resolution Protocol (ARP) provides IPv4 hosts within a broadcast domain with a means to discover what (if any) other host owns a network address. It is replaced by the [[IPv6#Neighbor_Discovery|Neighbor Discovery Protocol]] in [[IPv6]]. The ARP cache has a fixed size, and older entries are garbage-collected when necessary (unless marked "permanent"; see below). | |||
==ARP packet types== | |||
This nomenclature comes from RFC 3927, which specifies all-zero destination hardware addresses for broadcasting. All-ones is more common. | |||
* ARP Announcement -- Source and destination network address are equal. Destination hardware address is all zeros. Source hardware address is the sending station's MAC. | |||
** Used to claim an address in LLMNR for [[Zeroconf|zero-configuration networking]] | |||
* ARP Probe -- Source network address is all zeroes, as is destination hardware address. Source hardware address is the sending station's MAC. Destination network address is the address being probed. | |||
** Used to check address suitability for LLMNR in [[Zeroconf|zero-configuration networking]] | |||
* Gratuitous ARP -- ARP for which there was no request | |||
* Inverse ARP -- Opcodes 8 and 9 allow for Inverse ARP: "I know this hardware address; what's the physical address?" | |||
* Reverse ARP -- Opcodes 3 and 4 allow for Reverse ARP: "I know my hardware address; what's my physical address?" Replaced by [[DHCP|DHCP/BOOTP]]. | |||
==Linux ARP states== | ==Linux ARP states== | ||
These are encoded in the <tt>ndm_state</tt> bitmask of a RTM_NEWNEIGH/RTM_GETNEIGH [[netlink]] message (valid ndm_flags values include NTF_PROXY for proxy ARP entries and NTF_ROUTER for IPv6 routers). | |||
{|class="wikitable" border="1" | {|class="wikitable" border="1" | ||
!state | !state | ||
Line 6: | Line 19: | ||
|- | |- | ||
|'''permanent''' | |'''permanent''' | ||
|never undergoes verification or expiry | |never undergoes verification or expiry, and is not subject to LRU | ||
|none (manually configured) | |none (manually configured) | ||
|- | |- | ||
|'''noarp''' | |'''noarp''' | ||
|normal expiration, never verified | |normal expiration, never verified | ||
"A device with no destination cache" | |||
|use resets use counter | |use resets use counter | ||
|- | |- | ||
Line 28: | Line 42: | ||
|- | |- | ||
|'''probe''' | |'''probe''' | ||
|need ARP reply for verification | |need ARP reply for verification (reprobing) | ||
|use resets timer and returns to '''reachable''' | |use resets timer and returns to '''reachable''' | ||
timer reissues ARP requests or moves to '''failed''' | timer reissues ARP requests or moves to '''failed''' | ||
Line 38: | Line 52: | ||
|- | |- | ||
|'''failed''' | |'''failed''' | ||
|no response received | |no response received / invalid cache entry | ||
|timer governs reissuing of ARP requests | |timer governs reissuing of ARP requests | ||
use resets timer and moves to '''reachable''' | use resets timer and moves to '''reachable''' | ||
Line 45: | Line 59: | ||
==See Also== | ==See Also== | ||
* Linux's rtnetlink(7) [http://www.kernel.org/doc/man-pages/online/pages/man7/rtnetlink.7.html man page] | |||
* "[http://www.cs.clemson.edu/~westall/853/notes/arpstate.pdf The ARP State Machine]" James Westall's CpSc 853 "[http://www.cs.clemson.edu/~westall/853/ Protocol Implementation]" class notes | * "[http://www.cs.clemson.edu/~westall/853/notes/arpstate.pdf The ARP State Machine]" James Westall's CpSc 853 "[http://www.cs.clemson.edu/~westall/853/ Protocol Implementation]" class notes | ||
* "[http://linux-ip.net/html/ether-arp.html 2.1 Address Resolution Protocol (ARP)]" Martin Brown's "[http://linux-ip.net/html/index.html Guide to IP Layer Network Administration with Linux]" | * "[http://linux-ip.net/html/ether-arp.html 2.1 Address Resolution Protocol (ARP)]" Martin Brown's "[http://linux-ip.net/html/index.html Guide to IP Layer Network Administration with Linux]" | ||
* "[http://www.ietf.org/mail-archive/web/dhcwg/current/msg03797.html Gratuitous ARP in DHCP vs IPv4 ACD Draft]" 2004-04-02 (IETF [[DHCP|DHC]] working group) | |||
[[CATEGORY: Networking]] |
Latest revision as of 22:33, 19 April 2023
The Address Resolution Protocol (ARP) provides IPv4 hosts within a broadcast domain with a means to discover what (if any) other host owns a network address. It is replaced by the Neighbor Discovery Protocol in IPv6. The ARP cache has a fixed size, and older entries are garbage-collected when necessary (unless marked "permanent"; see below).
ARP packet types
This nomenclature comes from RFC 3927, which specifies all-zero destination hardware addresses for broadcasting. All-ones is more common.
- ARP Announcement -- Source and destination network address are equal. Destination hardware address is all zeros. Source hardware address is the sending station's MAC.
- Used to claim an address in LLMNR for zero-configuration networking
- ARP Probe -- Source network address is all zeroes, as is destination hardware address. Source hardware address is the sending station's MAC. Destination network address is the address being probed.
- Used to check address suitability for LLMNR in zero-configuration networking
- Gratuitous ARP -- ARP for which there was no request
- Inverse ARP -- Opcodes 8 and 9 allow for Inverse ARP: "I know this hardware address; what's the physical address?"
- Reverse ARP -- Opcodes 3 and 4 allow for Reverse ARP: "I know my hardware address; what's my physical address?" Replaced by DHCP/BOOTP.
Linux ARP states
These are encoded in the ndm_state bitmask of a RTM_NEWNEIGH/RTM_GETNEIGH netlink message (valid ndm_flags values include NTF_PROXY for proxy ARP entries and NTF_ROUTER for IPv6 routers).
state | meaning | transitions |
---|---|---|
permanent | never undergoes verification or expiry, and is not subject to LRU | none (manually configured) |
noarp | normal expiration, never verified
"A device with no destination cache" |
use resets use counter |
reachable | normal expiration | use resets timer |
stale | still usable, needs verification | use resets timer and returns to reachable
timer changes state to delay |
delay | schedule ARP request, needs verification | use resets timer and returns to reachable
timer changes state to probe, issuing ARP request |
probe | need ARP reply for verification (reprobing) | use resets timer and returns to reachable
timer reissues ARP requests or moves to failed |
incomplete (new entry) | need ARP reply for first use | use resets timer and returns to reachable
timer reissues ARP requests or moves to failed |
failed | no response received / invalid cache entry | timer governs reissuing of ARP requests
use resets timer and moves to reachable |
See Also
- Linux's rtnetlink(7) man page
- "The ARP State Machine" James Westall's CpSc 853 "Protocol Implementation" class notes
- "2.1 Address Resolution Protocol (ARP)" Martin Brown's "Guide to IP Layer Network Administration with Linux"
- "Gratuitous ARP in DHCP vs IPv4 ACD Draft" 2004-04-02 (IETF DHC working group)