Networking  

Address Resolution Protocol (ARP) in Networking: How It Works

🌍 Introduction to ARP

When applications send or receive data, they usually deal with IP addresses. But under the hood, actual communication over a local network (LAN) requires MAC addresses. Think of it like this.

  • IP Address: Apartment Number (logical, easy for humans)

  • MAC Address: Street Address (physical, unique identifier for devices)

So, to communicate correctly, devices must know the MAC address of the destination device. This is where ARP comes inβ€”it converts IP addresses into MAC addresses.

❓ What is Address Resolution Protocol (ARP)?

ARP stands for Address Resolution Protocol , a protocol defined in RFC 826 (1982) . It belongs to the Data Link Layer (Layer 2) of the OSI model. Its primary function is to determine the hardware address (MAC address) of a device based on its IP address.

πŸ‘‰ In short: ARP = IP β†’ MAC Mapping.

Note: ARP is mainly used in IPv4 networks. In IPv6, ARP is replaced by the Neighbor Discovery Protocol (NDP).

πŸ”Ž How ARP Works (Step-by-Step)

  1. ARP Request (Broadcast)

    • The sender broadcasts: β€œWho has IP 192.168.1.5?”

    • This message is sent to all devices on the LAN.

  2. ARP Reply (Unicast)

    • The device with that IP responds: β€œ192.168.1.5 is at AA:BB:CC:DD:EE: FF.”

    • This reply is sent directly to the requester.

  3. Cache Mapping

    • The sender saves this mapping in the ARP cache for future use.

  4. Communication

    • Now the sender can send packets directly to the MAC address.

⚑ Example: Your laptop (192.168.1.10) wants to send data to a printer (192.168.1.20). Laptop asks the network, β€œWho has 192.168.1.20?” β†’ Printer replies with its MAC β†’ Laptop stores it β†’ Communication begins.

πŸ› οΈ ARP Cases in Networking

Case 1: Same Network Communication

Sender and receiver are in the same LAN β†’ ARP finds the receiver’s MAC.

Case 2: Different Networks (via Router)

If the destination is outside the LAN β†’ ARP finds the MAC of the next-hop router .

Case 3: Router to Router

A router forwarding packets uses ARP to find the MAC of the next router.

Case 4: Router to Host in Same Network

A router uses ARP to find the final host’s MAC.

Note: ARP request is always a broadcast , ARP reply is always a unicast .

πŸ–₯️ ARP Cache & Commands

When an IP is mapped to a MAC, ARP saves it in a table called the ARP Cache. This avoids repeated broadcasts.

  • ARP Cache Timeout: Defines how long the entry remains valid.

πŸ” To check ARP cache on your computer.

  
    arp -a

This will list IP addresses and their associated MAC addresses.

πŸ”„ Types of ARP

1. πŸ” Reverse ARP (RARP)

Used when a device knows only its MAC address but needs its IP address. Example: A new device requests its IP from the router’s ARP table.

2. πŸ§‘β€πŸ’» Proxy ARP

A router answers ARP requests on behalf of another device. This helps devices on different segments communicate as if they are on the same LAN.

3. πŸ”ƒ Inverse ARP (InARP)

The opposite of ARPβ€”it finds the IP address of a device when its MAC is already known. Common in ATM and Frame Relay networks.

4. πŸ“’ Gratuitous ARP

A device sends an ARP message about its own IP-to-MAC mapping. This is often used for updating caches or preventing duplicate IP issues.

πŸ”— Relationship Between ARP, DNS, and DHCP

  • DNS (Domain Name System): Converts a domain name into an IP address.

  • DHCP (Dynamic Host Configuration Protocol): Assigns IP addresses to devices dynamically.

  • ARP (Address Resolution Protocol): Converts IP addresses into MAC addresses.

πŸ‘‰ Complete flow: Domain β†’ DNS β†’ IP β†’ ARP β†’ MAC β†’ Communication

⚠️ ARP Security Concerns

ARP is simple, but it’s also insecure. It can be exploited in attacks.

  • ARP Spoofing / Poisoning: An attacker sends fake ARP replies to trick devices into thinking the attacker’s MAC belongs to a valid IP.

  • Consequences

    • Man-in-the-Middle attack

    • Denial of Service (DoS)

    • Session hijacking

πŸ“œ History and Future of ARP

  • History: ARP was introduced in 1982 (RFC 826) by David C. Plummer. Initially designed for IPv4 and Ethernet.

  • Future: In IPv6, ARP is replaced by Neighbor Discovery Protocol (NDP), which is more secure and works with ICMPv6 messages.

βœ… Advantages of ARP

  • Automatically resolves IP-to-MAC mappings

  • Simple and widely supported

  • Works dynamically without manual intervention

  • Scales across different network sizes

❌ Disadvantages of ARP

  • Vulnerable to spoofing attacks

  • Broadcasts cause extra traffic in large networks

  • No built-in authentication of responses

πŸ“ Summary

ARP (Address Resolution Protocol) is like a translator that ensures smooth communication in networks. It maps IP addresses (logical) to MAC addresses (physical). Without ARP, devices would not know how to deliver data packets over a LAN. Though efficient, ARP has weaknesses like spoofing, which makes security measures necessary. In IPv6, ARP is replaced by NDP, but for IPv4 networks, ARP remains a fundamental and widely used protocol.

Membership not found