How ARP Protocol Works

How ARP Protocol Works

Description
ARP (Address Resolution Protocol) is a protocol used in computer networks to find the corresponding MAC address for a given IP address. It operates within a Local Area Network (LAN) to resolve the mapping between network layer addresses (IP addresses) and data link layer addresses (MAC addresses).

Core Concepts

  • IP Address: A logical address at the network layer, used for communication across networks (e.g., 192.168.1.10).
  • MAC Address: A physical address at the data link layer, used for device identification within a LAN (e.g., 00-1A-2B-3C-4D-5E).
  • ARP Cache Table: A locally stored table on a device that holds IP-to-MAC mappings, effectively reducing duplicate queries.

Detailed Working Process
Step 1: Check Local ARP Cache
When Device A (IP_A) needs to communicate with Device B (IP_B):

  1. Device A first checks its local ARP cache table to see if a MAC address for IP_B exists.
  2. If it exists and is not expired, it directly uses that MAC address to encapsulate the data frame without triggering the ARP protocol.
  3. If it does not exist or has expired, the ARP request process begins.

Step 2: Send ARP Request Broadcast (Key Step)

  1. Device A constructs an ARP request packet containing:
    • Sender IP Address: IP_A
    • Sender MAC Address: MAC_A
    • Target IP Address: IP_B
    • Target MAC Address: All zeros (00:00:00:00:00:00, indicating it is to be queried).
  2. This packet is encapsulated into a broadcast frame (destination MAC address is FF:FF:FF:FF:FF:FF).
  3. The broadcast frame is sent to the LAN, and all devices receive it.

Step 3: Device B Responds to the ARP Request

  1. All devices in the LAN receive the broadcast frame and parse the ARP request packet.
  2. Only Device B, whose IP address matches the target IP (IP_B), processes the request:
    • It records Device A's IP-MAC mapping (IP_A → MAC_A) into its own ARP cache.
    • It constructs an ARP reply packet containing:
      • Sender IP Address: IP_B
      • Sender MAC Address: MAC_B
      • Target IP Address: IP_A
      • Target MAC Address: MAC_A
  3. Device B sends the reply packet back to Device A via a unicast frame (sent directly to MAC_A).

Step 4: Device A Updates ARP Cache

  1. Upon receiving the ARP reply, Device A:
    • Extracts the mapping between IP_B and MAC_B.
    • Records this mapping into its local ARP cache table (typically with a validity period of 15-20 minutes).
  2. Thereafter, Device A can use MAC_B to encapsulate data frames and communicate normally with Device B.

Technical Details and Characteristics

  1. Broadcast Domain Limitation: ARP requests propagate only within the local broadcast domain; routers do not forward broadcast packets.
  2. Cache Timeout Mechanism:
    • Dynamic Entries: Mappings learned via ARP, typically valid for 15-20 minutes.
    • Static Entries: Permanent mappings configured manually (e.g., using the arp -s command).
  3. Gratuitous ARP:
    • A device proactively broadcasts its own IP-MAC mapping for purposes such as:
      • Detecting IP address conflicts (if a response is received, it indicates an IP conflict).
      • Updating ARP caches on other devices (e.g., during primary/backup server switchover).

Typical Application Scenarios

  • A PC accessing a network printer within the same LAN.
  • Querying MAC addresses when a virtual machine communicates with its host.
  • Address resolution before a switch forwards data based on its MAC address table.

Through the above steps, the ARP protocol achieves dynamic resolution of IP addresses to MAC addresses, serving as a foundational protocol for LAN communication.