ARP notes
For other network related things, see:
Also: |
For context, consider that
- wired home LANs are usually Ethernet, and
- within a Ethernet network, packets are sent to MAC addresses
The fact that what we carry on top is usually IP is not something that Ethernet layer hardware cares about.
Yet IP is so ubiquitous that some amount of added integration between IP and Ethernet would be great.
ARP is mainly used to find a MAC when the IP is known - which IPv4 addresses are (currently) held by which Ethernet MACs - so that you can think in IP addresses instead, and there is something doing the translation for you.
ARP's packets carry little more than something like
"Who has 192.168.178.29? Tell 192.168.178.1"
And responses (from the node with that address)
"192.168.178.29 is at 74:d4:35:01:23:45"
(which is basically what tcpdump arp -n will say)
Nodes will keep a table containing the (mac,ip) pairs from such answers,
as they support IP-level networking calls.
Note that this is also useful for layer-2 switching,
in that ARP responses will have the side effect of telling the switch
which port a particular MAC is attached to (we can ignore the IP part of the response),
which is the only port that packets for that MAC need to be sent on
(before it learns this, it has to broadcast packets to all ports - basically acting like hub until it learns this).
Each computer-like host tends to keep an ARP table too see arp -n in *nix or arp -a on windows)
ARP has other uses,
such as the allowing a DHCP client to double check whether the IP it just got is already in use in its broadcast domain, before creating what might be an IP conflict.
(optional but a good idea)
ARP requests are usually broadcast (though there are uses for Directed ARP requests) }}, responses unicast.