Address Resolution Protocol (ARP) – Mapping Internet Addresses to

physical addresses.

Systems in the same network must know their physical addresses in order to
communicate with each other.
 How does a host or gateway map an IP address to the correct physical address
when it needs to send a packet over a physical network ?
 Devise a low-level software that hides physical addresses and allows higher-level
programs to work only with internet addresses
 Consider two machines A and B that connect to the same physical network.

A’s IP Address (IA) B’s IP Address (IB)

A’s Physical B’s Physical Address(PB)

Address(PA)

The goal is to devise a low-level software that hides physical addresses and allows
higher-level programs to work only with internet addresses.
System A wants to send packets to System B across a physical network to which they
both are attached, but A has only B’s internet addresss, how does A map that address to
B’s physical address.
1) A must map B’s IP address to its physical address.
2) At any point along the path from the source A to the destination B the packet may
be sent to the router. So the sender A must map the intermediate router’s internet
address to a physical address.
The problem of Mapping of high-level IP address to low-level physical addresses is
called as address resolution problem.
This can be solved by 2 ways
1) some protocols suites keeps tables in each machine that contain pairs of high-level
and physical addresses.
2) Others solve the problem by encoding hardware addresses in high-level addresses.

Two types of physical address

 Small
 Token Ring (proNET-10)
 8 bits
 Large
 Ethernet
 48 bits

 proNET-10 - uses Class C addresses with the host-id portion = 1, 2, ... , 255

Resolution through direct mapping

Consider a proNET token ring network. It uses a small integer for physical addresses and
allows the user to choose a hardware address when installing an interface board in a
computer.
When installing network interface hardware, select a physical address that corresponds to
the IP address (user has the freedom to select both the addresses). Eg., IP address is
192.4.122.4 then physical address can be 4. New machines can be added to the network
without changing existing assignments or recompiling code.

Choosing a numbering scheme that makes address resolution efficient means selecting a
function f that maps IP addresses to physical addresses.

PA = f (IA)

In an ATM network one or more computers (servers) store pairs of addresses, where
each pair contains an internet address and the corresponding physical address. Such
servers store the pairs in a table in memory to speed searching. To guarantee efficient
address resolution in such cases, software can use a conventional hash function to
search the table.

Resolution through dynamic binding

In Ethernet network the problem is with representation of 48-bit Ethernet addresses

within a 32-bit IP address and allowing new machines to be added without recompilation
and does not require maintenance of a centralized database.
To avoid maintaining table of mappings, the designers chose to use a low-level protocol
to bind addresses dynamically. ARP provides a mechanism that is both reasonable
efficient and easy to maintain.

When a host wants to resolve IP address IB, it broadcasts a special packet that asks the
host with IP address IB to respond with its physical address PB.
All hosts, including B receive the request, but only host B recognizes its IP address and
sends a reply that contains its physical address.
When A receives the reply, it uses the physical address to send the internet packet
directly to B.

 ARP - is a low-level protocol used to bind addresses dynamically.

 ARP allows a host to find a physical address of a target host on the same physical
network, given only it’s IP address.
 ARP hides the underlying network physical addressing. It can be thought of as
part of physical network system and not the internet protocols.

ARP Cache

 ARP broadcasts special packets with the destination’s IP address to ALL hosts.
 The destination host (only) will respond with it’s physical address.
 When the response is received, the sender uses the physical address of destination
host to send all packets.
 Broadcasting is expensive on network resources, so an ARP cache of recently
acquired IP-to-Physical address bindings is kept in the cache.
Other Broadcast Improvements:
 Include the sender’s IP-to-Physical address binding along with the request, to the
destination. This reduces future traffic.
 During each broadcast, ALL machines can find out the senders physical address
and record it locally in it’s ARP cache.
 When a new machine comes on-line, it immediately broadcasts it’s IP-to-Physical
address binding to all nodes.

ARP Cache Timeout

ARP cache provides an example of soft state, a technique commonly used in network
protocol, it is a situation in which information can become “stale” without warning.

Advantages and disadvantages of soft state.

 A computer can determine when information in its ARP cache should be
revalidated independent of other computers.
 A sender does not need successful communication with the receiver or a third
party to determine that a binding has become invalid
 The scheme does not rely on network hardware to provide reliable transfer.
 Disadvantage is delay – if the timer interval is N seconds, a sender may not detect
that a receiver has crashed until N seconds elapse.

ARP Refinement
 A includes its IP-to-PA binding when sending B a request. B extracts A’s binding
from the request, saves the binding in its ARP cache, and then sends a reply to A.
  A broadcasts its initial request, all machines on the network receives it and can
extract and update A’s IP-to-PA binding in their cache.
 When a computer has its host interface replaced, its PA changes, the computer
can notify others of a new address by sending an ARP broadcast when it boots.

Relationship of ARP to other protocols

 ARP is a low-level protocol that hides the underlying network physical
addressing, permitting one to assign an arbitrary IP address to every machine,
 ARP is a part of the physical network system, and not as part of the IP.

ARP implementation
There are two main functional parts of the address resolution protocol:
 Determine the destination’s physical address before sending a packet.
 Answer requests that arrive for it’s own Physical-to-IP address binding.
Because of lost/duplicate packets, ARP must handle this to avoid many re-broadcasts.
Bindings in ARP cache (actual cache table) must be removed after a fixed period of time
to ensure validity.
When a packet is received, the sender’s IP address is stripped and the local table is
updated (ARP cache), then the rest of the packet is processed.
Two types of incoming packets:
 Those to be processed (correct destination).
 Stray broadcast packets (can be dropped after updating the ARP cache).
Application programs may request the destination address many times before the binding
is complete. This must be handled, by discarding enqueued requests, when the correct
binding returns.

ARP message

Frame Frame data area

Header
ARP Frame Format
0 8 16 24 31
HARDWARE TYPE PROTOCOL TYPE
HLEN PLEN OPERATION
SENDER HA (octets 0-3)
SENDER HA (octets 4-5) SENDER IP (octets 0-1)
SENDER IP (octets 2-3) TARGET HA (octets 0-1)
TARGET HA (octets 2-5)
TARGET HA (octets 0-3)

 ARP sets the field “TYPE” for the ID of a frame.

 ARP packets DO NOT have a fixed format header, so they can be used with
arbitrary physical addresses and arbitrary protocol addresses.
 The lengths of physical addresses may vary up to 48-bits.

 Hardware Type: (16-bits) - the type of interface the sender seeks an answer for.
 Protocol Type: (16-bits) - the high-level software address type provided.
 HLEN: (8-bits) - length of arbitrary physical address.
 PLEN: (8-bits) - length of arbitrary protocol address.
 OPERATION:(16-bits) - the specific type of operation requested.
 ARP.request (1)
 ARP.response (2)
 SENDER HA: (6-octets) - the sender’s actual hardware address, scalable up to
six bytes.
 SENDER IP: (4-octets) - the sender’s IP address, always 32-bits.
 TARGET HA: (6-octets) - the destination node’s hardware address, scalable up
to six bytes.
 TARGET IP: (4-octets) - the destination node’s IP address, always 32-bits.
Determining an Internet Address at startup / Reverse Address
Resolution Protocol (RARP)

 Machines without secondary-storage (diskless workstations) that cannot store

their IP addresses need to find out by broadcasting their physical address and
requesting a binding to the appropriate IP address.
 Terminals and nodes cannot connect to their fileservers without using source and
destination IP addresses.
 IP addresses should not be bound into a machines bootstrap image. Not doing so
allows for flexibility and convenient changes to configuration information.
 A connection is needed at start-up to allow the diskless workstation to begin
functioning (sends request to a server and waits for the response).
 To provide the connection, workstations include a minimal set of TCP/IP
protocols in firmware.
 Two advantages of using a unique physical address:
 Physical address is available from the network interface hardware and
does not have to be bound into the operating system.
 The machine ID depends on the network (not it’s CPU) so all machines
will be given uniform and unique IDs.

Reverse Address Resolution Protocol (RARP)

 RARP functionality supports multiple physical network types.

 All machines receive RARP requests but only those authorized to supply RARP
services can respond. Machines supplying RARP services are called RARP
servers.
 RARP is only used on LANs with a low probability of failure since bootstrapping
requires quick responses

Fig – a) Machine A broadcasts a RARP request specifying itself as a target

b) those machines authorized to supply the RARP service (C and D) reply directly to A.
Primary and Backup RARP Servers
 Primary servers respond while backup servers simply record the time of the
incoming requests.
 If the primary server is down, backup server will see reoccurring requests and
take over. This take over is done by using a random delay to see if other backup
servers respond first.
RARP Header Fields
0 8 16 24 31
HARDWARE TYPE PROTOCOL TYPE
HLEN PLEN OPERATION
SENDER HA (octets 0-3)
SENDER HA (octets 4-5) SENDER IP (octets 0-1)
SENDER IP (octets 2-3) TARGET HA (octets 0-1)
TARGET HA (octets 2-5)
TARGET HA (octets 0-3)

 RARP requests and responses use the same frame format as ARP, however the
OPERATION field value differs.
 OPERATION:(16-bits) - the specific type of operation requested.
  RARP.request (3)
 RARP.response (4)

Timing RARP Transactions

RARP requests and response are susceptible to loss, because it uses the physical network
directly, no other protocol software will time the response or retransmit the request,
RARP software must handle these tasks.

RARP is used in LAN like Ethernet, where the probability of failure is low.
If the network has only one RARP server, that machine may not be able to handle the
load, so packets may be dropped.

The main advantage of having several computers function as RARP servers is that it
makes the system more reliable.

If one server is down or too heavily loaded to respond, another answers the request.

The disadvantage of having several RARP servers is that when a machine broadcasts a
RARP request, the network becomes overloaded because all servers attempt to respond.

Solution for several RARP servers:

1. Each machine that makes RARP requests is assigned a primary server,
under normal conditions only that server responds to a RARP request. All
nonprimary servers receives the request but merely record its arrival time.
If the primary server is unavailable the original machine will timeout
waiting for a response and then rebroadcast the request. Whenever a
nonprimary server receives a second copy of a RARP request within a
short time of the first, it responds.
2. Use a similar scheme but attempts to avoid having all nonprimary servers
transmit responses simultaneously. Each nonprimary machine that
receives a request computes a random delay and then sends a response.
Under normal circumstances, the primary server responds immediately
and successive responses are delayed, so there is low probability that
several responses arrive at the same time. When the primary server is
unavailable, the requesting machine experiences a small delay before
receiving a reply. By choosing delays carefully, the designer can ensure
that requesting machines do not rebroadcast before they receive an
answer.