Questions about this topic? Sign up to ask in the talk tab.
Difference between revisions of "ARP"
From NetSec
m (removed {{social}} because cancer) |
|||
| (12 intermediate revisions by 5 users not shown) | |||
| Line 1: | Line 1: | ||
| − | + | '''Address Resolution Protocol''' ('''ARP''') is used to resolve a network layer address to a link layer address, typically resolving a [[MAC]] address to an [[IP address]]. For example, ARP may resolve the [[MAC]] address 01:23:45:67:89:AB to the IPv4 address 192.168.1.1. | |
| − | + | ==How ARP Works== | |
| + | To resolve a MAC address to an IP address, ARP uses cached ARP tables containing IP address/MAC address pairs stored locally. When dynamic ARP is enabled, this cache is updated by ethernet frames on the Local Area Network (LAN) broadcasting [[IP address]] and MAC address pairs. | ||
| − | + | For example, Network Device A (NDA) wants to send a packet to Network Device B (NDB) with a MAC address of DE:AD:BE:EF:CA:FE and an IP address of 192.168.1.1. | |
| − | + | * Device A first needs to resolve 192.168.1.1 to its [[MAC]] address, DE:AD:BE:EF:CA:FE. | |
| − | + | * First it checks for the IP address 192.168.1.1 in its ''ARP table''. | |
| + | :If it finds the corresponding MAC address it will send the packet to the address it found, and it will (hopefully) reach its target. | ||
| − | + | ''If it cannot find the corresponding MAC address:'' | |
| − | + | * It will send a broadcast ARP message (with a destination of FF:FF:FF:FF:FF:FF) requesting the [[MAC]] address of 192.168.1.1 (also known as an ARP WhoHas). | |
| − | + | * Network Device B would then respond to that message with its MAC address (DE:AD:BE:EF:CA:FE), and will also store the MAC address of Network Device A in its own ARP cache table. | |
| + | * Network Device A now has the MAC of Network Device B and can send its [[TCP/IP]] message along over the [[ethernet]]. | ||
| − | + | ==See Also== | |
| − | + | * [[protocols]] | |
| − | + | * [[ARP poisoning]] | |
| + | * [[static ARP configuration]] | ||
| + | [[Category:Administration]] | ||
[[Category:Protocols]] | [[Category:Protocols]] | ||
Latest revision as of 20:09, 21 June 2016
Address Resolution Protocol (ARP) is used to resolve a network layer address to a link layer address, typically resolving a MAC address to an IP address. For example, ARP may resolve the MAC address 01:23:45:67:89:AB to the IPv4 address 192.168.1.1.
How ARP Works
To resolve a MAC address to an IP address, ARP uses cached ARP tables containing IP address/MAC address pairs stored locally. When dynamic ARP is enabled, this cache is updated by ethernet frames on the Local Area Network (LAN) broadcasting IP address and MAC address pairs.
For example, Network Device A (NDA) wants to send a packet to Network Device B (NDB) with a MAC address of DE:AD:BE:EF:CA:FE and an IP address of 192.168.1.1.
- Device A first needs to resolve 192.168.1.1 to its MAC address, DE:AD:BE:EF:CA:FE.
- First it checks for the IP address 192.168.1.1 in its ARP table.
- If it finds the corresponding MAC address it will send the packet to the address it found, and it will (hopefully) reach its target.
If it cannot find the corresponding MAC address:
- It will send a broadcast ARP message (with a destination of FF:FF:FF:FF:FF:FF) requesting the MAC address of 192.168.1.1 (also known as an ARP WhoHas).
- Network Device B would then respond to that message with its MAC address (DE:AD:BE:EF:CA:FE), and will also store the MAC address of Network Device A in its own ARP cache table.
- Network Device A now has the MAC of Network Device B and can send its TCP/IP message along over the ethernet.
