Glossary Background Image

No Bad Questions About Hardware

Definition of Address resolution protocol

What is the address resolution protocol?

Address resolution protocol (ARP) is a communication protocol that translates human-readable IP addresses (like 192.168.1.10) into devices' physical addresses (MAC addresses).

By translating IP addresses to MAC addresses, ARP ensures devices on the same network can talk to each other efficiently. It's a foundational protocol for smooth network operation.

How does the ARP work?

Here's how it works in simple terms:

  • You try to connect to a device on your network. Your device knows the IP address of the target device, but it needs the MAC address to send data directly.
  • Your device broadcasts an ARP request. This request contains the target device's IP address and asks, "Who has this IP address?"
  • The target device hears the ARP request and responds. If the IP-to-MAC mapping exists in the cache, the gateway directs the packet to the correct device. If the mapping is missing, the gateway initiates an ARP request.
  • Your device receives the ARP reply. The gateway receives the reply, updates its ARP cache with the new mapping, and forwards the data packet to the intended device. Now, it knows the target device's MAC address and can communicate directly with it.

How address resolution protocol works

Also, it is important to know that ARP caches have limited space and periodically remove outdated entries (a few minutes old) to maintain efficiency. Frequent updates ensure the cache reflects changes in the network, such as a device changing its IP address or becoming unavailable.

What are the types of ARP?

4 types of ARP are commonly used:

Proxy ARP

It enables communication devices on different networks by allowing a Layer 3 device (like a router) to act as a bridge.

How it works:

  • A device on one network sends an ARP request for a device on another network.
  • The router configured for Proxy ARP intercepts the request and responds with its own MAC address, pretending to be the target device.
  • The originating device sends data packets to the router's MAC address.
  • The router then forwards these packets to the actual target device on the other network.

Gratuitous ARP

To help identify and prevent conflicts caused by duplicate IP addresses on a network.

How it works:

  • A device broadcasts an ARP request for its own IP address.
  • If another device on the network has the same IP address, it will respond to the ARP request, revealing the conflict.
  • This allows network administrators to address the duplicate IP issue.

Reverse ARP (RARP)

This type is used in rare situations where a device doesn't know its own IP address.

How it works:

  • The device sends out a Reverse ARP request, typically to a gateway router.
  • The router checks its table that maps MAC addresses to IP addresses and responds with the device's IP address.

Inverse ARP (InARP)

Less common than other ARP types, InARP is used in specific network technologies like Frame Relay and ATM.

How it works:

  • InARP aims to determine a device's IP address based on its MAC address.
  • This is helpful in these network types where Layer 2 virtual circuit addressing exists and needs to be translated to Layer 3 IP addresses.

RARP and InARP are not as widely used as Proxy ARP and Gratuitous ARP.

What is ARP spoofing?

ARP spoofing is a sneaky attack where a hacker tricks the network by linking their MAC address with a real IP address. This lets them grab data intended for the real device, leading to unauthorized access and other cyber threats.

Key Takeaways

  • The Address Resolution Protocol (ARP) translates IP addresses to MAC addresses, ensuring devices on the same network can communicate effectively.
  • It works by sending out requests to find the MAC address of a specific IP address, allowing for direct data transmission.
  • Types of ARP are: 1) Proxy ARP helps devices on different networks communicate through a router. 2) Gratuitous ARP prevents conflicts caused by duplicate IP addresses. 3) Reverse ARP (RARP) is used when a device needs to find its own IP address. 4) Inverse ARP (InARP) determines a device's IP address based on its MAC address, used in specific network technologies.
  • ARP spoofing is a harmful trick in which a hacker manipulates ARP tables on a network to match their own MAC address with a real IP address. This lets them grab data meant for the real device, leading to unauthorized access and other cyber threats.