Address resolution protocol
- broadcast
- Ethertype = 0x0806
- entry refresh on aging timeout – unicast
- default timeout – 4 hours
- entry learning only via ARP reply to own ARP request
- entry is not refreshed via ARP reply not destined to host (unicast, bcast) – GLBP
- entry is refreshed via ARP reply destined to host (unicast, bcast) – GARP
- sanity check: received ARP reply must be from subnet, connected to receiving interface
- ip route 0.0.0.0/0 <INTF> – treated as connected!
; the prefix is considered directly connected: destination addresses are resolved via ARP, not looked up in the RIB
(config)# ip route <PREFIX> <MULTIACCESS_INTF>
Format
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         Hardware type         |         Protocol type         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     HLEN      |     PLEN      |             OPER              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Sender hardware address                    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Sender protocol address                    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Target hardware address                    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Target protocol address                    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
HTYPE:
- L2 protocol:
- Ethernet: 0x0001
HLEN:
- L2 address length
- Ethernet: 6
PTYPE:
- L3 protocol
- IPv4: 0x0800
PLEN:
- L3 address length
- IPv4: 4
OPER:
- 1: request
- 2: reply
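Added example (not part of the original notes): a parser for the format above plus the receive-side checks mentioned earlier (sender IP must belong to the connected subnet, GARP recognition). The address fields are HLEN/PLEN bytes long, so for Ethernet/IPv4 they are 6 and 4 bytes. The sample frames, the function names and the 192.0.2.0/24 interface subnet are constructed for illustration; the SHA vs. Ethernet source comparison is an extra check not listed in the notes.

```python
import ipaddress
import struct

# Constructed sample frames (documentation IPs, locally administered MACs).
GARP = bytes.fromhex("ffffffffffff" "020000000001" "0806" "0001" "0800" "06" "04"
                     "0002" "020000000001" "c0000201" "ffffffffffff" "c0000201")
OFFNET = bytes.fromhex("020000000002" "020000000003" "0806" "0001" "0800" "06" "04"
                       "0002" "020000000099" "c6336407" "020000000002" "c000020a")

OPER = {1: "request", 2: "reply"}

def parse_arp(frame: bytes) -> dict:
    """Parse an untagged Ethernet II frame carrying Ethernet/IPv4 ARP."""
    if len(frame) < 14 + 8:
        raise ValueError("too short for Ethernet header + fixed ARP fields")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != 0x0806:
        raise ValueError(f"not ARP: ethertype 0x{ethertype:04x}")
    htype, ptype, hlen, plen, oper = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (0x0001, 0x0800, 6, 4):
        raise ValueError("only HTYPE=Ethernet, PTYPE=IPv4 is handled")
    body = frame[22:42]  # SHA(6) SPA(4) THA(6) TPA(4), sizes given by HLEN/PLEN
    if len(body) < 20:
        raise ValueError("truncated address fields")
    return {
        "eth_src": frame[6:12].hex(":"),
        "oper": OPER.get(oper, f"unknown({oper})"),
        "sha": body[0:6].hex(":"),
        "spa": ipaddress.IPv4Address(body[6:10]),
        "tha": body[10:16].hex(":"),
        "tpa": ipaddress.IPv4Address(body[16:20]),
    }

def check_arp(pkt: dict, intf_net: str) -> list:
    """Return findings for one parsed packet; intf_net is the receiving interface subnet."""
    findings = []
    if pkt["spa"] not in ipaddress.ip_network(intf_net):
        findings.append("sender IP outside connected subnet")  # sanity check in the notes
    if pkt["sha"] != pkt["eth_src"]:
        findings.append("SHA differs from Ethernet source MAC")  # extra check, not in the notes
    if pkt["spa"] == pkt["tpa"]:
        findings.append("gratuitous ARP")  # sender announces its own address
    return findings

if __name__ == "__main__":
    for name, frame in (("GARP", GARP), ("OFFNET", OFFNET)):
        pkt = parse_arp(frame)
        print(name, pkt["oper"], pkt["spa"], pkt["sha"], check_arp(pkt, "192.0.2.0/24"))
```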
Proxy ARP
- if there is a route to dst IP from request (or subnet), router sends ARP reply with its own MAC
- enabled by default, should be disabled
- use case: fix incorrect config via remote administration
- more ARP traffic, bigger ARP tables
IOS XE
(config-if)# no ip proxy-arp
(config-if)# arp timeout <sec>
RARP
- reverse ARP
- Ethertype = 0x8035
- same messages; THA = self MAC, TPA = 0.0.0.0
- RARP server replies with appropriate IP (DB contains MAC-IP mapping)
- external connectivity – via proxy ARP
- RARP server has to be in the same segment
ARP throttling
- 2s
- every tick ARP request is sent for the missing entry
- ARP is not sent between ticks, packets are dropped
- ended by receiving ARP response