Fundamentals of ARP - Address Resolution Protocol

    Author:Navneet Gaur
    Date:March 2014
    Description:This document explains the basic reasons for using layer 2 addressing & address resolution protocol
    Note 1

    How to stop notifications, that are generated when I edit any one of the pre-existing documents

    https://learningnetwork.cisco.com/message/406093

    Note 2To view the included images clearly, click on them
    Note 3Irrespective  of the dates of edit, Cisco Learning Network maintains the history and  keeps each edited version in its database for later reference
    Note 4Index of all my documents

     

    Index

    • The Theory - Requirement for a Layer-2 address

    Situation 1

    Communicating without mac addresses - part I

    Situation 2

    Communicating without mac addresses - part II


    • So, back to our original query, why do we need an additional address at all ?

    Situation 3

    Can we communicate with a different network using only the ip addresses ?

     

    • Remedy

    Situation 4

    Use of layer 2 address


    • Important Related information
    • ARP - Address Resolution Protocol
    • The routing
    • Déjà vu?
    • Conclusion

     

     

    First, we need to understand the basics.

    Basics like, why do we need dual addressing in a frame in the first place.

    • Address number 1 - The Ip address
    • Address number 2 - The layer 2 address - In Ethernet framing this will be the MAC address

     

     

     

     

     

    The Theory - Requirement for a Layer-2 address

     

     

    Situation 1

    Let's see if the world will still revolve around the sun, if we had only one address available to us - the ip address.

    So, no MAC addresses at all.

     

    We will connect two computers to each other

    • The only addresses available to us are the ip addresses
    • The devices do not have any MAC addresses at all

     

    Let's see if the computers can be made to communicate with each other, using only the ip addresses.

     

     

    Fundamentals of ARP - 1a.png

     

     

    Command on PC-1

    ping 1.1.1.2

     

    Fundamentals of ARP - 1b.png


    Step 1

    The frame will be sent out of PC-1

    This frame will have

    • a source IP address of 1.1.1.1
    • a destination IP address of 1.1.1.2

     

    • For a start, we can have device - hub / switch, that will receive any frame & send it out of all the other ports
    • On reaching the hub / switch in the middle, the frame can be sent out of all the ports of that hub / switch

     

     

    Step 2

    • So, the hub / switch in the middle will receive this frame on its FastEthernet 0/1 interface
    • & send it out of its FastEthernet 0/2 interface

     

     

    Step 3

    This frame will reach PC-2

    • PC-2 will check if the frame is meant for it, i.e. is the destination IP - 1.1.1.2 in the frame, its own IP ?
    • It is
    • So the PC-2 will process the frame further

     

     

     

    Situation 2

    • Let's have some fun
    • Let's modify the working of the switch to suit our needs !
    • Let's say that the switch creates a "ip to connected port" address table, where the switch records which ip address is connected to which port
    • Instead of "mac to connected port" address table, where the switch records which mac address is connected to which port

     

    So, using the same logic that is actually used by switches with mac addressing

    Where the switch checks the incoming frame

    a. To see its source mac address

    b. And records this mac address, to the port, on which this frame came on

     

    Now, in our world, the switch will check the incoming frame

    a. To see its source ip address

    b. And record this ip address, to the port, on which this frame came on


     

    Fundamentals of ARP - 1d.png

     

    Step 1

    PC-1 will generate the frame and send it out of its Ethernet interface

     

    Step 2

    When this frame reaches the switch in the middle

    • The switch will check the source ip address of this frame
    • It will see that the source ip address is 1.1.1.1
    • It will also see that the port on which this frame came is FastEthernet 0/1

     

    Step 3

    So it will record this in our "ip address table"

     

    Step 3b

    Now the switch will check the destination "ip address"

    • It will see that it does not have an entry for the destination "ip address" in its "ip address table"
    • So, now the switch will send this frame out of all its active ports
    • Except the port on which this frame came in

     

    Step 4

    This frame will reach PC-2

    • PC-2 will check destination ip address of this frame
    • It will match the ip address of PC-2
    • So, PC-2 will process this frame

     

    Step 5

    Similarly when the return frame from PC-2 to PC-1 enters the switch on port FastEthernet 0/2

    • The switch will check the source ip address of this frame
    • It will see that the source ip address is 1.1.1.2
    • It will also see that the port on which this frame came is FastEthernet 0/2
    • So it will record this in the "ip address table"

     

    Step 6

    Now the switch will check the destination "ip address"

    • It will see that it has an entry for the destination "ip address" that indicates that the port is FastEthernet 0/1
    • So, now the switch will send this frame out of FastEthernet 0/1


    Important point

    And this will work without any issues

     

     

     

    So, back to our original query, why do we need an additional address at all ?

    Here is why

     

     

     

    Situation 3

    Let us see if we can possibly communicate with a different network using only the ip addresses.

     

     

    Fundamentals of ARP - 2.png

     

     

     

    Command on PC-1

    ping 2.1.1.2

     

    Step 1

    PC-1 will create a frame & eject it out of its Ethernet interface


    Step 2

    When the PC-1 will send this frame, the destination ip will be 2.1.1.2

    • This frame will reach the router in the middle
    • It will enter the port that can receive frames through a direct connection to the PC-1
    • This port is FastEthernet 0/0 & this port has an ip address 1.1.1.251

     

     

    Fundamentals of ARP - 2b.png

     


    Step 2b

    So, the router checks the destination address of this frame, just like PC-2 did in previous situations

    • The destination address is not routers ip address
    • The router has no reason to process this frame

     

    • As this frame has no information that would make the router think
    • That this frame is meant to be processed by this router
    • The router ignores this frame

     



    Remedy

     

     

    Therefore, we need an additional piece of information

    • That would make this router know
    • That the incoming frame is indeed meant to be processed by this router

     

    This piece of information, which will tell the router

    • That a particular frame is to be processed by it
    • Is the additional Layer 2 address

     

     

     

    Situation 4

    Let us see how the frames can be "routed", now that a second address is available to us

     

     

    Fundamentals of ARP - 3a.png

     

     

    Command on PC-1

    ping 2.1.1.2

     

    Step 1

    • A frame will be generated on PC-1
    • This frame will have the following information
    • Source ip address - 1.1.1.1 - PC-1 knows its own ip address
    • Source MAC address - PC-1 knows its own MAC address as well
    • Destination ip address - The command "ping 2.1.1.2" provided this information
    • Destination MAC address - PC-1 does not have this information

     

     

    Fundamentals of ARP - 3b.png

     


    Important Related information

    When PC-1 needed to prepare the frame to send a ping request to 2.1.1.2

     

    Step 1

    • It checked the destination ip address, which is 2.1.1.2
    • It checked the destination ip network, which is 2.0.0.0

    Step 2

    • Now, PC-1 checked the destination network against its own network
    • Its own ip address is 1.1.1.1 & its own network is 1.0.0.0

    Step 3

    • Source network 1.0.0.0 & destination network 2.0.0.0 are both different networks

    Step 4

    • So, PC-1 knows that it has to send the frame to its configured gateway

    Step 5

    • But the packet can have only one destination ip address inside it, and that is occupied by 2.1.1.2
    • So, PC-1 will use destination MAC address information field, of the frame, to send it to its gateway router

     

     

     

     

    ARP - Address Resolution Protocol

     

    PC-1 will now send an ARP request to find the MAC address of its gateway, so that it can complete the frame and eject it out of its Ethernet interface.

     

     

    Fundamentals of ARP - 3c.png

     


    Step 1

    The frame is lacking the destination MAC address information

     

    Step 2

    So the PC-1 will send a ARP request inquiring the MAC address of the configured gateway

    • This request itself, apart from the contents that make up the request, will have a destination MAC address of ff:ff:ff:ff:ff:ff
    • This MAC address tells the receiving device, that the frame is a broadcast frame, and the device should process it further to see if the contents are relevant & applicable to it

     

    Step 3

    • This ARP request will reach the router, and the router will process it following the logic stated in bulleted point two above
    • The contents state that the device which has ip address of 1.1.1.251, should reply with its MAC address

     

    Step 4

    • Router has the ip address 1.1.1.251, so it will create an ARP reply and eject it in the direction from where the question came

     

     

    Fundamentals of ARP - 3d.png

     

     

    Step 5

    This ARP reply will reach PC-1 & now the PC-1 has all the information it needs to build a valid frame.

     

    Step 6

    So PC-1 will complete the frame & eject it out of its Ethernet interface.

     

     

    Fundamentals of ARP - 3e.png

     


    The Routing

     

     

    Step 7

    • The frame will reach the router & the router will check the first address, layer 2 address - the MAC address in our example
    • The destination MAC address matches that of the router
    • So the router decides to process the frame further

     

     

    Fundamentals of ARP - 3f.png

     

     

    Now the router analyzes the initial contents of the packet

    • The contents of the packet state that the destination network is 2.0.0.0
    • Router has its interface FastEthernet 0/1 connected to this network
    • So the router knows that it can reach the destination network

     

     

    Fundamentals of ARP - 3g.png

     

     

    Accordingly, the router starts to build a new frame that can be sent out of its FastEthernet 0/1 interface.

     

     

    Fundamentals of ARP - 3h.png

     

     

    Déjà vu ?

     

    Step 9

    • The router needs the MAC address of the destination device to which it will send the frame
    • Since the destination device is directly connected,the router need the MAC address of PC-2

     

    Step 10

    • And now it will send the ARP request out of its FastEthernet 0/1 interface
    • Requesting the MAC address of the device having the ip address 2.1.1.2
    • So that it can build the complete frame and eject it out of its FastEthernet 0/1 interface

     

     

    Fundamentals of ARP - 3i.png

     

     

     

    Conclusion

     

     

    • The contents of a frame require a layer-2 address
    • For an Ethernet network, this is the MAC address of the participating devices
    • Therefore, to completely build a frame that can be transmitted on an Ethernet network
    • Information about MAC address is required
    • Address resolution protocol is used to fetch this MAC address information

     

     

    -------------------------

    The End