This is the fourth day of my participation in Gwen Challenge

ARP working process

As can be seen, when PC1 pings PC2 for the first time, one packet is lost because PC1 has no entry for PC2 in its ARP table. At this point it knows only the IP address, not the MAC address that corresponds to it. The packet loss therefore indicates that an ARP request is being made.

ARP proxy

When an ARP request crosses network segments, the router answers the sender of the ARP broadcast with its own MAC address. It acts as a MAC address proxy (benign spoofing) so that the host can communicate.

Here are the highlights:

First: proxy ARP is only an extension of normal ARP, and is optional rather than necessary.

Second: proxy ARP has specific application scenarios and depends directly on the gateway/routing settings. When a computer has no gateway/routing configured and needs to communicate across network segments, proxy ARP is triggered. In other words, if the computer has a gateway/route configured, proxy ARP is not required.

Third: under normal circumstances, when users access the network they obtain their IP address and gateway information through DHCP or manual configuration, so proxy ARP is not required.

First, we disable IP routing on the PC to simulate a computer without a gateway. In the absence of a default gateway, PC1 requests the MAC address of the destination IP address through ARP.

Proxy ARP is enabled on the router by default. The router therefore answers PC1 with the MAC address of its own port, so that PC1 sends its packets to the router for processing.

On the other side, PC2 also uses ARP to obtain the MAC address of the destination IP address, and the router performs proxy ARP there as well.

What if the router turns off the ARP proxy?

R1(config)#int g0/0
R1(config-if)#no ip proxy-arp

Now PC1 keeps sending ARP requests for the MAC address of the destination IP address but never receives a response. Because the communication crosses network segments, no host in the broadcast domain answers the ARP request, and the router no longer acts as a proxy.

In this case, if a gateway is configured, PC1 directly requests the MAC address of the gateway and then sends the packet to the gateway for processing.

PC1(config)#ip default-gateway 172.16.1.1

Gratuitous ARP

Gratuitous ARP, sometimes translated as “free ARP”, is used to detect IP address conflicts in a LAN, which helps users and network operations staff to a certain extent. The word “gratuitous” is easier to understand than the translation “free”: “ask yourself a question and answer it without being asked.”

After an IP address is set, the PC sends a gratuitous ARP broadcast packet on the LAN. If no reply packet is received, the IP address is available.

What happens if we change the IP address of PC3 to the same as that of PC2?

The result is that when the computers detect that their IP address conflicts with another computer's, they send each other gratuitous ARP messages saying, “Your IP address conflicts with mine.” Note that gratuitous ARP packets are sent as broadcasts in either ARP Request or ARP Reply format. They bind an IP address to a MAC address and announce that binding to the entire LAN. If another computer hears the announcement and has the same address, it joins this back-and-forth exchange directly.

Windows and macOS raise an address conflict alert dialog, prompting the user to change the local IP address.

Log on PC2:

*Dec 11 14:14:35.275: %IP-4-DUPADDR: Duplicate address 172.16.1.2 on FastEthernet0/0, sourced by ca03.2e38.0000

Log on PC3:

*Dec 11 14:14:56.411: %IP-4-DUPADDR: Duplicate address 172.16.1.2 on FastEthernet0/0, sourced by ca02.2964.0000

We ping the conflicting IP address from PC1.

We can see that there are two ARP reply packets.

You can see that the destination MAC address of the ICMP packets keeps changing.

So, will this chaotic scramble stop?

It could go on for a while, or it could go on forever. The conflicting parties may keep sending to each other until one side gives in and changes its IP address. (Different systems handle this differently.)

Because we use routers to simulate PCs, Cisco IOS detects the address conflict through gratuitous ARP and resolves it by brute force: PC2 and PC3 keep sending gratuitous ARP broadcasts until the conflict is resolved. You can view the packets in Wireshark.
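The conflict described above can also be found by inspecting the ARP frames directly. The following is an added example, not part of the original article: it parses raw Ethernet/ARP frames, marks gratuitous ARP (sender IP equal to target IP), and reports any IP address claimed by more than one MAC. The sample frames are constructed; PC1's MAC and IP address are assumptions, and the helper names are hypothetical.

```python
import struct
from collections import defaultdict

def mac(b): return ":".join(f"{x:02x}" for x in b)
def ip(b): return ".".join(str(x) for x in b)

def parse_arp(frame):
    """Parse an Ethernet II frame carrying IPv4 ARP; return None for anything else."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":
        return None
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    spa, tpa = frame[28:32], frame[38:42]
    # Gratuitous ARP: the sender announces its own address (sender IP == target IP).
    return {"op": op, "sha": mac(frame[22:28]), "spa": ip(spa), "tpa": ip(tpa),
            "gratuitous": spa == tpa}

def find_conflicts(frames):
    """Return {ip: sorted MACs} for every IP claimed by more than one sender MAC."""
    claims = defaultdict(set)
    for frame in frames:
        arp = parse_arp(frame)
        if arp and arp["spa"] != "0.0.0.0":  # ARP probes claim no address
            claims[arp["spa"]].add(arp["sha"])
    return {addr: sorted(macs) for addr, macs in claims.items() if len(macs) > 1}

def build(op, sha, spa, tha, tpa):
    """Build a broadcast ARP frame (used only to construct the sample data)."""
    pack_ip = lambda s: bytes(int(x) for x in s.split("."))
    hdr = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
    return b"\xff" * 6 + sha + b"\x08\x06" + hdr + sha + pack_ip(spa) + tha + pack_ip(tpa)

# Constructed sample: MACs of PC2/PC3 and 172.16.1.2 come from the IOS logs above;
# PC1's MAC and IP (172.16.1.10) are made up for illustration.
PC1, ZERO = bytes.fromhex("ca0100000000"), b"\x00" * 6
PC2, PC3 = bytes.fromhex("ca0229640000"), bytes.fromhex("ca032e380000")
SAMPLE = [
    build(1, PC1, "172.16.1.10", ZERO, "172.16.1.2"),  # ordinary request from PC1
    build(1, PC2, "172.16.1.2", ZERO, "172.16.1.2"),   # gratuitous ARP, request form
    build(2, PC3, "172.16.1.2", PC3, "172.16.1.2"),    # gratuitous ARP, reply form
]

if __name__ == "__main__":
    for addr, macs in find_conflicts(SAMPLE).items():
        print(f"Duplicate address {addr} claimed by {', '.join(macs)}")
```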