Check out my first novel, midnight's simulacra!

ARP: Difference between revisions

From dankwiki
No edit summary
No edit summary
 
(7 intermediate revisions by the same user not shown)
Line 1: Line 1:
The Address Resolution Protocol (ARP) provides IPv4 hosts within a broadcast domain with a means to discover what (if any) other host owns a network address. It is replaced by the [[IPv6#Neighbor_Discovery|Neighbor Discovery Protocol]] in [[IPv6]]. The ARP cache has a fixed size, and older entries are garbage-collected when necessary (unless marked "permanent"; see below).
==ARP packet types==
This nomenclature comes from RFC 3927, which specifies all-zero destination hardware addresses for broadcasting. All-ones is more common.
* ARP Announcement -- Source and destination network address are equal. Destination hardware address is all zeros. Source hardware address is the sending station's MAC.
** Used to claim an address in LLMNR for [[Zeroconf|zero-configuration networking]]
* ARP Probe -- Source network address is all zeroes, as is destination hardware address. Source hardware address is the sending station's MAC. Destination network address is the address being probed.
** Used to check address suitability for LLMNR in [[Zeroconf|zero-configuration networking]]
* Gratuitous ARP -- ARP for which there was no request
* Inverse ARP -- Opcodes 8 and 9 allow for Inverse ARP: "I know this hardware address; what's the physical address?"
* Reverse ARP -- Opcodes 3 and 4 allow for Reverse ARP: "I know my hardware address; what's my physical address?" Replaced by [[DHCP|DHCP/BOOTP]].
==Linux ARP states==
==Linux ARP states==
These are encoded in the <tt>ndm_state</tt> bitmask of a RTM_NEWNEIGH/RTM_GETNEIGH [[netlink]] message (valid ndm_flags values include NTF_PROXY for proxy ARP entries and NTF_ROUTER for IPv6 routers).
{|class="wikitable" border="1"
{|class="wikitable" border="1"
!state
!state
Line 6: Line 19:
|-
|-
|'''permanent'''
|'''permanent'''
|never undergoes verification or expiry
|never undergoes verification or expiry, and is not subject to LRU
|none (manually configured)
|none (manually configured)
|-
|-
|'''noarp'''
|'''noarp'''
|normal expiration, never verified
|normal expiration, never verified
"A device with no destination cache"
|use resets use counter
|use resets use counter
|-
|-
Line 28: Line 42:
|-
|-
|'''probe'''
|'''probe'''
|need ARP reply for verification
|need ARP reply for verification (reprobing)
|use resets timer and returns to '''reachable'''
|use resets timer and returns to '''reachable'''
timer reissues ARP requests or moves to '''failed'''
timer reissues ARP requests or moves to '''failed'''
Line 38: Line 52:
|-
|-
|'''failed'''
|'''failed'''
|no response received
|no response received / invalid cache entry
|timer governs reissuing of ARP requests
|timer governs reissuing of ARP requests
use resets timer and moves to '''reachable'''
use resets timer and moves to '''reachable'''
Line 45: Line 59:


==See Also==
==See Also==
* Linux's rtnetlink(7) [http://www.kernel.org/doc/man-pages/online/pages/man7/rtnetlink.7.html man page]
* "[http://www.cs.clemson.edu/~westall/853/notes/arpstate.pdf The ARP State Machine]" James Westall's CpSc 853 "[http://www.cs.clemson.edu/~westall/853/ Protocol Implementation]" class notes
* "[http://www.cs.clemson.edu/~westall/853/notes/arpstate.pdf The ARP State Machine]" James Westall's CpSc 853 "[http://www.cs.clemson.edu/~westall/853/ Protocol Implementation]" class notes
* "[http://linux-ip.net/html/ether-arp.html 2.1 Address Resolution Protocol (ARP)]" Martin Brown's "[http://linux-ip.net/html/index.html Guide to IP Layer Network Administration with Linux]"
* "[http://linux-ip.net/html/ether-arp.html 2.1 Address Resolution Protocol (ARP)]" Martin Brown's "[http://linux-ip.net/html/index.html Guide to IP Layer Network Administration with Linux]"
* "[http://www.ietf.org/mail-archive/web/dhcwg/current/msg03797.html Gratuitous ARP in DHCP vs IPv4 ACD Draft]" 2004-04-02 (IETF [[DHCP|DHC]] working group)
[[CATEGORY: Networking]]

Latest revision as of 22:33, 19 April 2023

The Address Resolution Protocol (ARP) provides IPv4 hosts within a broadcast domain with a means to discover what (if any) other host owns a network address. It is replaced by the Neighbor Discovery Protocol in IPv6. The ARP cache has a fixed size, and older entries are garbage-collected when necessary (unless marked "permanent"; see below).

ARP packet types

This nomenclature comes from RFC 3927, which specifies all-zero destination hardware addresses for broadcasting. All-ones is more common.

  • ARP Announcement -- Source and destination network address are equal. Destination hardware address is all zeros. Source hardware address is the sending station's MAC.
  • ARP Probe -- Source network address is all zeroes, as is destination hardware address. Source hardware address is the sending station's MAC. Destination network address is the address being probed.
  • Gratuitous ARP -- ARP for which there was no request
  • Inverse ARP -- Opcodes 8 and 9 allow for Inverse ARP: "I know this hardware address; what's the physical address?"
  • Reverse ARP -- Opcodes 3 and 4 allow for Reverse ARP: "I know my hardware address; what's my physical address?" Replaced by DHCP/BOOTP.

Linux ARP states

These are encoded in the ndm_state bitmask of a RTM_NEWNEIGH/RTM_GETNEIGH netlink message (valid ndm_flags values include NTF_PROXY for proxy ARP entries and NTF_ROUTER for IPv6 routers).

state meaning transitions
permanent never undergoes verification or expiry, and is not subject to LRU none (manually configured)
noarp normal expiration, never verified

"A device with no destination cache"

use resets use counter
reachable normal expiration use resets timer
stale still usable, needs verification use resets timer and returns to reachable

timer changes state to delay

delay schedule ARP request, needs verification use resets timer and returns to reachable

timer changes state to probe, issuing ARP request

probe need ARP reply for verification (reprobing) use resets timer and returns to reachable

timer reissues ARP requests or moves to failed

incomplete (new entry) need ARP reply for first use use resets timer and returns to reachable

timer reissues ARP requests or moves to failed

failed no response received / invalid cache entry timer governs reissuing of ARP requests

use resets timer and moves to reachable

See Also