Arp; Overview; The Arp Cache - D-Link NetDefendOS User Manual

3.5. ARP

3.5.1. Overview

Address Resolution Protocol (ARP) allows the mapping of a network layer protocol (OSI layer 3)
address to a data link layer hardware address (OSI layer 2). In data networks it is used to resolve
an IPv4 address into its corresponding Ethernet address. ARP operates at the OSI layer 2, data link
layer, and is encapsulated by Ethernet headers for transmission.
IP Addressing Over Ethernet
A host in an Ethernet network can communicate with another host only if it knows the Ethernet
address (MAC address) of that host. Higher level protocols such as IP make use of IP addresses
which are fundamentally different from a lower level hardware addressing scheme like the MAC
address. ARP is used to retrieve the Ethernet MAC address of a host by using its IP address.
When a host needs to resolve an IPv4 address to the corresponding Ethernet address, it
broadcasts an ARP request packet. The ARP request packet contains the source MAC address, the
source IPv4 address and the destination IPv4 address. Each host in the local network receives this
packet. The host with the specified destination address, sends an ARP reply packet to the
originating host with its MAC address.

3.5.2. The ARP Cache

The ARP Cache in network equipment, such as switches and firewalls, is an important component
in the implementation of ARP. It consists of a dynamic table that stores the mappings between IP
addresses and Ethernet MAC addresses.
NetDefendOS uses an ARP cache in exactly the same way as other network equipment. Initially,
the cache is empty at NetDefendOS startup and becomes populated with entries as traffic flows.
The typical contents of a minimal ARP Cache table might look similar to the following:
Type
Dynamic
Dynamic
Publish
The explanation for the table contents are as follows:
• The first entry in this ARP Cache is a dynamic ARP entry which tells us that IPv4 address
192.168.0.10 is mapped to an Ethernet address of 08:00:10:0f:bc:a5.
• The second entry in the table dynamically maps the IPv4 address 193.13.66.77 to Ethernet
address 0a:46:42:4f:ac:65.
• The third entry is a static ARP entry binding the IPv4 address 10.5.16.3 to Ethernet address
4a:32:12:6c:89:a4.
Tip: OSI Layers
See Appendix D, The OSI Framework for an overview of the different OSI layers.
IPv4 Address
192.168.0.10
193.13.66.77
10.5.16.3
Ethernet Address
08:00:10:0f:bc:a5
0a:46:42:4f:ac:65
4a:32:12:6c:89:a4
221
Chapter 3: Fundamentals
Expires
45
136
-