Slide 1
Networking
Address Resolution
IPv4 ARP RARP
1
© Janice Regan, 2012-2017
Transport Layer: Socket view
© Janice Regan, 2012-2017
2
An application on one host wishes to send some data to a particular application on another host
The applications use the transport layer interface (sockets) to transfer the data.
Each application has a communication endpoint, specified by a (port descriptor, IP address) pair
The source and destination port descriptors (addresses) are included in the transport layer header that encapsulates the application’s data in one or more segments
Transport Layer: data path
Conceptually we are sending the data from one application to the other in the transport layer
In reality the data is actually passed down the protocol stack of the source host, through the network and up the protocol stack of the destination host
Let’s review how this actually happens
© Janice Regan, 2012-2017
3
Transport Layer: encapsulation
The data from the transport layer is encapsulated
A transport layer header is constructed
The header is prepended before the application data
The transport layer header includes port addresses on source and destination hosts.
The port address indicates the process the data belongs to on the source host and the destination host.
The transport layer header and the data form a transport layer segment.
The transport layer segment is passed down to the network layer to become the data in the IP datagram
© Janice Regan, 2012-2017
4
Network Layer: encapsulation
The transport layer segment is encapsulated by adding a network layer header
The segment and the header form a IP datagram
The IP header includes source and destination IP addresses and other information necessary for the hop by hop transport of the datagram through the network
Next, the IP stack will process the datagram using the forwarding algorithm and the routing table to find the IP address of the next hop destination.
the IP datagram and the next hop address to which the datagram should be sent must be passed to the data link layer
© Janice Regan, 2012-2017
5
Addressing: Data Link Layer
We will need the Ethernet address of the present router (source) and the next hop destination (destination) to use in the MAC header
Both the present router and the next hop destination will be attached to the same physical network segment
We know the Ethernet address of the present router (where the packet is now)
ARP is the protocol that allows us to determine the physical address (for example Ethernet address) of the next hop destination host given the internet address of that host
© Janice Regan, 2012-2017
6
Addressing: Data Link Layer
© Janice Regan, 2012-2017
7
How a packet is delivered
In the physical layer the MAC layer frame is encoded and transmitted
The internet interface (network card) on each machine has a MAC address
For Ethernet the address is associated with a unique Ethernet address (48 bit address) at the time of manufacture
Other types of LAN (using different MAC protocols) have their own types of addresses that may have different lengths from the Ethernet address
© Janice Regan, 2012-2017
8
How a packet is delivered
Each network interface watches the network and can intercept packets addressed to its own address or the broadcast address of the net (also multicast packets)
The sender must know the MAC address of the receiver before it can send anything. How does it find the receivers MAC address? The problem of finding the MAC address is called Address Resolution
© Janice Regan, 2012-2017
9
Using ARP
ARP (address resolution protocol) facilitates mapping of IP addresses to physical addresses for all hosts on the LAN (exceptions discussed later)
Since packets traveling in the network (or on any point to point single hop connection) will be delivered using MAC addresses, the sending host needs to determine the MAC address corresponding to know IP before it can send the packet
© Janice Regan, 2012-2017
10
Using ARP
The host will keep a table called the ARP cache that will contain mappings from MAC to IP addresses
When the host wishes to send a packet it will look in the ARP cache for an entry corresponding to the desired destination host’s IP address.
If there is an entry it will send to the indicated MAC address
If no entry exists an new entry must be added to the ARP cache
© Janice Regan, 2012-2017
11
Sending a packet to an IP address
© Janice Regan, 2012-2017
12
From the TCP/IP Guide http://www.tcpipguide.com/free/t_AddressResolutionandtheTCPIPAddressResolutionProto.htm
Entries in the ARP cache
Entries in the ARP cache are static or dynamic.
Static entries are entered by the administrator and stay in the cache until removed
Dynamic entries are added to the cache when the local host tries to send a packet to a destination host on the LAN
When a dynamic entry is added to the cache a timer is set to indicate the lifetime of that entry
When the two hosts communicate, each host updates (reinitializes) the timer corresponding to the entry for the other host in its own ARP cache
When the timer expires the entry is removed
© Janice Regan, 2012-2017
13
Why use Dynamic Entries
MAC addresses of hosts may change over time
Replacement of a network card (interface) will result in a changed MAC address
Interface may no longer be reachable
Host may be turned off or disconnected
Interface may be disabled
Interface may fail
New hosts/interfaces may be added to the network
Cache should not grow forever as new hosts are added
© Janice Regan, 2012-2017
14
Using Dynamic Entries
Must be able to add new entries and remove old ones
Must have a mechanism for deciding which entries to keep and which to discard
Must keep the size of the cache reasonable
© Janice Regan, 2012-2017
15
Using Dynamic Entries
The detailed handling of when timers are set and when entries expire and are removed is implementation dependent
For Linux there are two significant timers one indicates when an entry becomes stale, one indicates how often stale entries are removed
If the host for the entry is in use by other parts of the OS its entry will not be removed until it is no longer in use
© Janice Regan, 2012-2017
16
Adding new entries -ARP cache
If no entry in the ARP cache corresponds to the IP address of the destination of the packet to be sent the packet will be queued or dropped and an ARP request will be sent
The ARP request is broadcast to the LAN
All hosts on the LAN receive the request
The host with IP address corresponding to the destination IP address of the packet
Will respond with a ARP reply unicast to the source
Will add/update the entry for the source to its ARP cache
© Janice Regan, 2012-2017
17
Operation: ARP protocol
© Janice Regan, 2012-2017
18
Comer 2000: fig 5.1
ARP/RARP Message Format
© Janice Regan, 2012-2017
19
ARP/RARP Message Format
For an ARP request Target Hardware address (HA) is left blank
When the request is received the receiver will
Update entry (rest timer) or add a new entry to its ARP cache
Construct and send an ARP reply package.
The sender HA and IP from the request become the target HA and IP in the reply.
The target IP from the request becomes the sender IP for the reply and the MAC address of the receiver becomes the sender HA
© Janice Regan, 2012-2017
20
Sample OPERATION field values
© Janice Regan, 2012-2017
21
© Janice Regan, 2012-2017
22
Sample HARDWARE field values
ARP Message Information
ARP can be used by many MAC layer protocols not just Ethernet
Different protocols have different address lengths (48 bits for Ethernet)
The protocol type field indicates the MAC protocol being used.
The HLEN field indicates the length of the hardware address for that protocol
© Janice Regan, 2012-2017
23
Gratuitous ARP
Sometimes done as a host boots
An ARP request containing the IP of the booting host will be sent
If a reply is received then someone else is also using the IP of the booting machine and the booting machine should choose another IP
© Janice Regan, 2012-2017
24
What is Proxy ARP
Proxy ARP allows multiple networks/network segments to share a single network address
ARP relies on broadcast requests. The broadcast address for a network (LAN) will have a limited scope.
In particular if a LAN includes segments connected by routers each segment will generally have its own broadcast address
© Janice Regan, 2012-2017
25
What is Proxy ARP
Broadcast packets are not forwarded by IPv4 routing and forwarding.
Therefore, broadcast ARP requests will not travel between LAN segments connected by routers
If the segments connected by routers are parts of a larger logical network we may want ARP requests to travel through the router. To make this possible
A proxy ARP process is run on the router
The proxy ARP process makes it possible for the broadcast ARP requests to appear to travel through the router
© Janice Regan, 2012-2017
26
Proxy Arp
© Janice Regan, 2012-2017
27
From: https://www.cisco.com/c/en/us/support/docs/ip/dynamic-address-allocation-resolution/13718-5.html#howdoesproxyarpwork
Operation of Proxy ARP
Consider two segments connected by a router.
The host A wishes to send an Ethernet frame to host D. A does not know D is on a different physical network segment
An ARP request will be broadcast by A. The request cannot directly reach D
The ARP request from A will reach the router interface e0 (172.16.10.99).
© Janice Regan, 2012-2017
28
Operation of Proxy ARP
B is on the second network segment served by the proxy ARP process
Therefore, the proxy ARP process on the router will recognize that the ARP request should be processed.
The router will send an ARP reply to A claiming that the Ethernet address of B is the Ethernet address of interface e0 on the router (00-00-0c-94-36-ab)
© Janice Regan, 2012-2017
29
Operation of Proxy ARP
Later packets addressed to D will be sent to the hardware address of the router. The router will forward them along subnet B to the destination.
When the router forwards the packet to B it will send the IP address of B to the data link layer (in IP header). The router will check it’s own ARP cache to see if there is an entry for B. If not it will use ARP
© Janice Regan, 2012-2017
30
RARP
Reverse address resolution protocol is designed to allow a host to determine its own IP address
This is usually an issue at boot time, when a diskless host may not know its own IP address
The host sends a RARP request to a RARP server asking for its IP. The IP is supplied in the RARP reply
RARP has been largely superseded by other protocols
Other protocols (BOOTP, DHCP) return more information than just the hardware address, increasing efficiency
RARP cannot be used with dynamic assignment of hardware addresses
© Janice Regan, 2012-2017
31
Operation of RARP
© Janice Regan, 2012-2017
32
From the TCP/IP Guide http://www.tcpipguide.com/free/t_ReverseAddressResolutionandtheTCPIPReverseAddressR-4.htm
Operation of RARP
© Janice Regan, 2012-2017
33
From the TCP/IP Guide http://www.tcpipguide.com/free/t_ReverseAddressResolutionandtheTCPIPReverseAddressR-4.htm
/docProps/thumbnail.jpeg