Transcript netLyr-arp

IP Addresses
• Universal address regardless of layer 2
architecture
• Each address is that of an interface, not
necessarily a host
• A host may have more than one interface
and therefore more than one IP address
• IP address affects the path selected to
deliver data to a host
Path Based on Address
[Figure: hosts A and B and router R, with interfaces labeled I1 to I5]
Host A sends data to host B at address I4
Host A sends data to host B at address I5
[Figure: Host, Router and Bridge, with interfaces labeled I1 to I5, I7 and I8]
Datagram Delivery
• In the Internet Protocol, the basic unit of
data is called a datagram
• Each datagram is individually addressed
• Decide if destination is on a network to
which device (host/router) is attached
• If on the same network, deliver datagram
directly (direct delivery)
• If on other than a directly attached network,
send datagram to a predefined router for
delivery (indirect delivery)
Datagram Delivery
• Given a destination IP address, a datagram
eventually needs direct delivery
• But datagram must be encapsulated into
the layer 2 architecture for delivery (frame)
• How to find the layer 2 (MAC) address that
is associated with the destination IP
address?
• Could build a table
• Could develop a protocol
Address Resolution Protocol (ARP)
[Figure: stations A, B and C on an Ethernet, with IP addresses IA, IB, IC and physical addresses PA, PB, PC]
• At higher level protocol we wish to use addresses
IA, IB, IC
• At final delivery we need to use PA, PB, PC
• We must therefore map IX to PX
[Figure: Ethernet with stations A, B and C (IA/PA, IB/PB, IC/PC) and labels O and F]
• Station O needs to send a datagram to address IX
• Station O sends a special frame to broadcast address
• Frame contains address IX
• Station IX is expected to respond with its Physical address
• Station O retains this mapping in its memory (cache)
• Station O also includes its own IP and Physical addresses
in the frame
Address Resolution Protocol
• This is sort of a call for ‘Who on this
network has address IX’
• Response from target station contains its
Physical address
• Actual protocol is defined in RFC 826
• Frame format also defined
• This is a general protocol, not unique to IP
ARP Frame
[Figure: frame carrying ARP, with destination 11111..111 (broadcast), Source, Type = 0806 and CRC]
ARP Frame
Hardware type: 1 for Ethernet
Protocol type: 0800 for Internet Protocol
Hardware length: 6 for Ethernet
Protocol length: 4 for IP
Operation: 1 for ARP Request, 2 for Reply
Sender hardware address
Sender protocol address
Target hardware address: 0s on a request
Target protocol address
ARP – The Protocol
• A broadcast is received
• Check the frame type – 0806 = ARP
• Check Type and address of sender (Is)
Update cache
• Check Operation – Is it a Request?
• Check Target address (It) – Is it me?
• Swaps Hardware and Protocol address
• Inserts own Hardware address
• Set Operation to Reply (2)
• Sends response (unicast)
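The receive steps above and the ARP Frame field list, worked through as an added example (not part of the original slides). The class and function names and the sample addresses are assumptions made for illustration; the cache update also records any IP address whose hardware address changes, since the sender fields arrive unauthenticated.

```python
import struct

# Field order from the ARP Frame slide: hardware type, protocol type, lengths,
# operation, then sender/target hardware and protocol addresses.
ARP = struct.Struct("!HHBBH6s4s6s4s")
ETH_ARP, REQUEST, REPLY = 0x0806, 1, 2

def build(op, sha, spa, tha, tpa):
    return ARP.pack(1, 0x0800, 6, 4, op, sha, spa, tha, tpa)

class Station:
    def __init__(self, mac, ip):
        self.mac, self.ip = mac, ip
        self.cache = {}    # sender protocol address -> sender hardware address
        self.changes = []  # (ip, old_mac, new_mac): mappings that moved

    def receive(self, frame_type, payload):
        if frame_type != ETH_ARP or len(payload) < ARP.size:
            return None
        htype, ptype, hlen, plen, op, sha, spa, tha, tpa = ARP.unpack_from(payload)
        if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
            return None
        # Slide order: update the cache from the sender fields first. Nothing
        # authenticates them, so record any IP whose hardware address changes.
        old = self.cache.get(spa)
        if old is not None and old != sha:
            self.changes.append((spa, old, sha))
        self.cache[spa] = sha
        if op != REQUEST or tpa != self.ip:
            return None
        # Swap sender/target, insert own hardware address, set Operation = 2.
        return build(REPLY, self.mac, self.ip, sha, spa)

# Constructed sample addresses (not from the slides).
O_MAC, O_IP = bytes.fromhex("020000000001"), bytes([192, 0, 2, 1])
X_MAC, X_IP = bytes.fromhex("020000000002"), bytes([192, 0, 2, 2])
OTHER_MAC = bytes.fromhex("0200000000ff")

def demo():
    x = Station(X_MAC, X_IP)
    # Station O asks "who has IX?"; target hardware address is 0s on a request.
    reply = x.receive(ETH_ARP, build(REQUEST, O_MAC, O_IP, bytes(6), X_IP))
    # A later frame gives O's IP address with a different hardware address.
    x.receive(ETH_ARP, build(REPLY, OTHER_MAC, O_IP, X_MAC, X_IP))
    return reply, x

if __name__ == "__main__":
    reply, x = demo()
    print(ARP.unpack(reply), x.changes)
```

A gratuitous ARP sent after a legitimate hardware change produces the same record, so entries in `changes` are prompts for review, not proof of a problem.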
Gratuitous ARP
• Station sends an ARP request for its own IP
address
• Let other stations know its mapping and
any changes in hardware address
• Checks to see if any other station has this
same IP address
Proxy ARP
• Sometimes it is desirable for one device
(router) to respond on behalf of other
hosts
• Often used to respond for devices on the
other end of a serial line connected to the
router
• If a station can respond for another, is this
a security concern?
Reverse ARP
• Extension of the ARP protocol to allow a
station to obtain its IP address given its
hardware address
• Originally used with diskless stations
• This function has been replaced with more
modern protocols
• BOOTP
• DHCP
Position of ARP and RARP
in TCP/IP Stack
Tools - Utilities
Packet Capture – Analyzer
http://www.ethereal.com
Ethereal capture/analyzer
Windows version
Unix version
Ethereal_XTRA on course Web site
http://www.netgroup.polito.it/
WinPcap – required for Ethereal
Analyzer – another capture utility
Windump