We are pleased to present the ARP lesson. This lesson will discuss a simple protocol that allows us to find the MAC addresses of computers on the network. As this diagram shows, it can be viewed as follows. Hey bro, what’s your Mac model? This gives you an idea of the basics, but it doesn’t tell you how it works. We’ll get into all the details. What is ARP exactly? ARP stands for Address Resolution Protocol. It is used to convert IP addresses into MAC addresses. This means that the IP address is known but the Mac is not. ARP is necessary because computers must know both the destination’s IP address and destination’s MAC address before they can initiate network communication. We will now learn how ARP can help us ensure that we have both the IP address and MAC address of our destination. ARP is used to determine a destination’s IP address.
Let’s take a look at the actual ARP packet before we move on to the next topic. The ARP packet is contained within an Ethernet frame. We can see that we are inside an Ethernet frame by the presence of an Ethernet header, source address and destination address. And we also have the infamous CRC check at its end. This is the ARP request and the ARP response. We are all familiar with frames and packets, so we can understand why the frame contains some interesting information. This diagram shows you how ARP is used in frames. The ARP reply or request will include these items: the source hardware address, source address protocol address, target hardware address, and target protocol address. In our case, the hardware ID is the MAC address protocol. This means that the IP address is included in an ARP reply or request.
ARP Cache
The ARP cache is temporary tables. It’s also called a cache. It can have items removed from it over the time, but it’s a temporary type of table that contains all known IP addresses to MAC Address mappings. When we send an ARP request, we receive a response with a specific MAC address. The computer either puts it in the ARP cache, or the ARP table. Windows, Mac, or Linux all use the same command to view the ARP tables. It’s ARP-a on a Cisco router, switch, or any other device that displays ARP from the privileged executive mode. If you’re in global configuration, you can type show aRP. You can pull up your command prompt and type ARP-a to see if your computer has an active ARP cache. It also has an ARP table that lists all IP addresses and all related MAC addresses. ARP cache can also include dynamic and static entries. You will see both static and dynamic entries if you run an ARP-a command from Windows via the command prompt. Static will be used for broadcast. Your network has a broadcast address. This address will relate to the broadcast frame., which is the all-inclusive broadcast address, relates to the frame ffffffffffffffffffffffffffffff. This is a static translation. It’s always going be there, it’s never changing because that’s how it is. The simplest dynamic entries are learned entries. If you see anything that says dynamic, it is because the device reached out via ARP and pulled the MAC addresses or received a response with the MAC addresses and then put them in the table. It could have been updated by the network about the IP and MAC addresses and it learned them dynamically. This is a good way of thinking about static and dynamic things. They are both terms that are often used in networking, not only with ARP stuff.
Here is the output from an ARP-a. As you can see, we have both static and dynamic entries. At the bottom is the broadcast. Because a MAC broadcast is all that matters, the Mac relationship to this is all F’s. This is a static broadcast. Next, we have dynamic entries. The computer learned that had the MAC address C8-3a-35-20 c6-38 dynamically. Next, we will say that computers will reference their ARP cache before sending network communications. They check to see if the MAC address is already present. If not, they send an ARP request to find the MAC. After the ARP is complete, they will update the ARP cache.
Gratuitous ARP
Gratuitous ARP is an announcement that hosts receive when they join the network. If their operating systems have gratuitous ARP enabled, it will send out an ARP update to the network stating hello guys, here’s my MAC address, and my IP. This is done without the need for an ARP request. This is what gratuitous ARP does. While some networks might not want gratuitous ARP to occur, they can block them, but it’s generally a good thing. Gratuitous ARP poses some security risks. Sometimes, it is done during the computer startup process. It might send an ARP when your computer’s operating system boots up. This would be done to ensure that the network is up-to-date. It might send out an ARP if you log in to your computer and change the IP address.
What is RARP?
RARP is the reverse-address resolution protocol and is used to resolve MAC