Check out my first novel, midnight's simulacra!

ARP

From dankwiki
Revision as of 22:33, 19 April 2023 by Dank (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

The Address Resolution Protocol (ARP) provides IPv4 hosts within a broadcast domain with a means to discover what (if any) other host owns a network address. It is replaced by the Neighbor Discovery Protocol in IPv6. The ARP cache has a fixed size, and older entries are garbage-collected when necessary (unless marked "permanent"; see below).

ARP packet types

This nomenclature comes from RFC 3927, which specifies all-zero destination hardware addresses for broadcasting. All-ones is more common.

  • ARP Announcement -- Source and destination network address are equal. Destination hardware address is all zeros. Source hardware address is the sending station's MAC.
  • ARP Probe -- Source network address is all zeroes, as is destination hardware address. Source hardware address is the sending station's MAC. Destination network address is the address being probed.
  • Gratuitous ARP -- ARP for which there was no request
  • Inverse ARP -- Opcodes 8 and 9 allow for Inverse ARP: "I know this hardware address; what's the physical address?"
  • Reverse ARP -- Opcodes 3 and 4 allow for Reverse ARP: "I know my hardware address; what's my physical address?" Replaced by DHCP/BOOTP.

Linux ARP states

These are encoded in the ndm_state bitmask of a RTM_NEWNEIGH/RTM_GETNEIGH netlink message (valid ndm_flags values include NTF_PROXY for proxy ARP entries and NTF_ROUTER for IPv6 routers).

state meaning transitions
permanent never undergoes verification or expiry, and is not subject to LRU none (manually configured)
noarp normal expiration, never verified

"A device with no destination cache"

use resets use counter
reachable normal expiration use resets timer
stale still usable, needs verification use resets timer and returns to reachable

timer changes state to delay

delay schedule ARP request, needs verification use resets timer and returns to reachable

timer changes state to probe, issuing ARP request

probe need ARP reply for verification (reprobing) use resets timer and returns to reachable

timer reissues ARP requests or moves to failed

incomplete (new entry) need ARP reply for first use use resets timer and returns to reachable

timer reissues ARP requests or moves to failed

failed no response received / invalid cache entry timer governs reissuing of ARP requests

use resets timer and moves to reachable

See Also