ARP Based on Computer Networks and Internets (Comer) CSIT 220 (Blum) 1 Hidden but still present Just when you thought it was safe to forget about the Data Link Layer … The IP Layer may hide the information of the Network Interface Layer (equivalent of Data Link Layer in OSI) from the above lying layers, but that information while hidden is still there and is necessary. The software is useless unless it is acting on the hardware underneath. CSIT 220 (Blum) 2 The final header One should not forget that as a packet passes through a protocol stack, each layer adds a header to the packet. The header added by Layer 2 includes a physical address. Somehow a packet must obtain the hardware address of its destination All communications require Layer 2 to Layer 2 to Layer 2, etc. (each Layer 2 hop has a unique hardware address) CSIT 220 (Blum) 3 CSIT 220 (Blum) 4 Translation So eventually there must be a translation from the IP (software) address to the physical address. The physical address is also known as The hardware address The MAC (Media Access Control) address The DLC (Data Link Control) address The DLC identifier CSIT 220 (Blum) 5 The problem The problem: given an IP address, what is the corresponding MAC address? Finding the address is known as “resolving” or “resolution.” One gives the packet a hardware address, so that it will be taken in by the right computer. If the target computer is not on the same network, then it is the router’s NIC (gateway’s NIC) that takes in the packet and so that is the hardware address assigned. A hardware address is never resolved beyond the network it is on. CSIT 220 (Blum) 6 Solutions to finding MAC addresses Look it up in a table. Calculate it. Send out a request packet (exchange messages). CSIT 220 (Blum) 7 Table Computers can have a table containing pairs of associated IP addresses and MAC addresses. Tables can be dynamic (determined on the fly) or static (hand-coded). CSIT 220 (Blum) 8 Fig. 19.2 CSIT 220 (Blum) 9 Closed Form Calculation In general IP addresses are logically assigned and hardware addresses are not. However, if the hardware addresses are configurable, then the hardware address and IP address can be simply related. For instance, the hardware address and node portion of the IP address could be made the same. CSIT 220 (Blum) 10 Exchanging messages The previous two approaches were local (at least once the table is made). In the third approach, the computer sends out a message requesting the MAC address that corresponds to a particular IP address. But to whom is the request made? CSIT 220 (Blum) 11 AR Server or broadcast Some networks have an AR (address resolution) server, a machine dedicated (at least in part) to answering these address resolution questions. If there is no AR server, the request is broadcast to all computers on the network and the one with a matching IP address replies with a packet containing its MAC address. CSIT 220 (Blum) 12 Address Resolution Protocol Address Resolution Protocol (ARP) is a set of rules governing the translation of IP addresses into physical addresses. ARP is part of the TCP/IP suite The protocol specifies a packet allowing for A request: has known IP, seeks MAC A response: fills in MAC Not to be confused with AARP CSIT 220 (Blum) 13 ARP Cache Before issuing an ARP request packet, the computer will see if it has the information locally. A table, known as the ARP cache, holds IP/MAC address pairs that the computer has recently used. The table is refreshed roughly every 20 minutes (??) in case an IP address is reassigned CSIT 220 (Blum) 14 How ARP Works A computer has a message to send, it knows the IP but not the MAC address. That computer may be the original source of the message. Or that computer may be the local network’s router if the message originated on another network. The computer first checks the ARP cache. If there is a “cache hit,” the Network Interface Layer (Data Link Layer) will add the appropriate header with the physical address found. Now the message is “complete” – ready to be placed on the physical network. CSIT 220 (Blum) 15 An ARP Request If there is a “cache miss,” ARP broadcasts a special request packet (containing the IP address to be resolved) to all nodes on the local network. If a host recognizes the IP address as its own, then it returns a reply which supplies the physical address (which is then cached). If the destination is not on the local network, a gateway will respond instead. The message can not be sent until the address is resolved. CSIT 220 (Blum) 16 Request is broadcast Response is unicast CSIT 220 (Blum) 17 Flexibility of the protocol ARP was designed to be flexible. It has parameters determining the length of the IP address, so it can accommodate IP(v4) and IP(v6). It has parameters determining the length of the physical address. The protocol varies from LAN protocol to LAN protocol. There are separate ARP Requests for Comments (RFC) for Ethernet, ATM, Fiber Distributed-Data Interface, etc. CSIT 220 (Blum) 18 When a request arrives Upon receiving an ARP request a computer Caches the MAC/IP address pair into its ARP table • Adding it if it is new • Updating it if it is old Compares the target IP address to its own • If it does not match, do nothing more • If it does match, prepare a response packet CSIT 220 (Blum) 19 Fig. 19.6 CSIT 220 (Blum) 20 Example with IP(v4) and Ethernet Determines the type of LAN: 1 for Ethernet CSIT 220 (Blum) 21 Example with IP(v4) and Ethernet Determines software protocol: usually IP CSIT 220 (Blum) 22 Example with IP(v4) and Ethernet Determines length of hardware address: 6 octets for Ethernet CSIT 220 (Blum) 23 Example with IP(v4) and Ethernet Determines length of protocol address: 4 octets for IP(v4) CSIT 220 (Blum) 24 Example with IP(v4) and Ethernet Determines operation: request, response, etc. CSIT 220 (Blum) 25 Example with IP(v4) and Ethernet Hardware address of source CSIT 220 (Blum) 26 Example with IP(v4) and Ethernet Protocol (IP) address of source CSIT 220 (Blum) 27 Example with IP(v4) and Ethernet Hardware address of destination (not known in a request) CSIT 220 (Blum) 28 Example with IP(v4) and Ethernet Protocol (IP) address of destination CSIT 220 (Blum) 29 RARP Reverse Address Resolution Protocol (RARP) is when the physical address is known but the IP address is not known. When booting “diskless workstations” know only their MAC address and not their IP addresses. They must discover their IP addresses from an external source, usually a RARP server. The network administrator creates a table of MAC/IP address pairs. CSIT 220 (Blum) 30 Diskless workstation A workstation or PC on a LAN that does not have its own hard drive. Instead, it puts files on a network file server. They can reduce the cost of a LAN since one largecapacity disk drive is usually cheaper than several low-capacity drives. Also they can simplify backups and security because all files are on the file server. A disadvantage is that they are useless if the network fails. CSIT 220 (Blum) 31 What’s my address? When a diskless workstation is booted, its RARP client program requests that the RARP server send it its IP address. Provided the entry is in the RARP server’s table, it sends it to the diskless workstation in a RARP response. CSIT 220 (Blum) 32 arp (at home, not a network) options CSIT 220 (Blum) 33 arp (at work in one of the labs, after pinging a few other computers) CSIT 220 (Blum) 34 Inverse ARP Recall that in connection-oriented schemes one works not with the destination address but with the virtual circuit (channel) identifier (VCI). Inverse ARP (InARP) translates an IP address into a VCI. CSIT 220 (Blum) 35 Other References http://www.webopedia.com http://www.whatis.com http://www.hill.com/library/publications/tcp ip.shtml CSIT 220 (Blum) 36