Chapter 19 -- binding protocol addresses (arp)

(rev. 01/12/2008)

Notes On Chapter Nineteen -- Binding Protocol Addresses (ARP)

19.1 Introduction
- To transmit a packet across a LAN or WAN link, a host or router needs to have the hardware address of the intended recipient.
- When an Internet router receives an IP packet, it looks up a next-hop IP address in its routing table.
- Routing tables do not tell a router what hardware address to use for the next hop.
- Hosts and routers need to have a method of translating an IP address into a hardware address.
- This chapter is about various ways to do that translation.
- The translation is called address resolution
19.2 Protocol Addresses And Packet Delivery
- The Internet uses certain standard kinds of addresses and packet formats.
- The actual physical networks over which the Internet traffic flows use different addressing schemes and frame formats -- incompatible with TCP/IP standards and generally with the other physical networks too.
- When Internet packets are sent over network links, they are encapsulated - they travel inside frames appropriate to the physical network, addressed using the addressing scheme of that network.
19.3 Address Resolution
- When hosts X and Y are on the same LAN, X wants to send a packet to Y, and X has only the IP address of Y, then X uses some method of address resolution to translate the IP address to the physical address.
- X can then send the message directly to Y.
- If X and Y are not on the same LAN, then X does not seek the physical address of Y.
- X will send the packet to a router R across the local LAN or other link.
- R will forward the packet to get it close to Y.
- If X does not know the physical address for R, X may use address resolution to obtain it.
- IP packets just get passed from router to router to router until they arrive at a router G connected to the destination network. Then G uses address resolution to find the physical address of the recipient, and delivers the packet.
19.4 Address Resolution Techniques
- "There's more than one way to skin a cat." Address resolution can be done in a variety of ways. It may be done differently on different types of physical networks. Basic categories:
  - Table Lookup
  - Closed-form computation
  - Message exchange
19.5 Address Resolution With Table Lookup
- The basic idea of table lookup is just to look up the IP address in a table (often implemented with an array) and read off the corresponding physical address.
- If the IP addresses are all sequential and the table is laid out in order of increasing IP address, then software can be written so it "jumps" to the correct entry in the table immediately.
- If not, there are programming tricks (e.g. hashing) that can simulate the situation where the numbers are sequential.
- This is important because it can take too long to search a long table for an IP address.
19.6 Address Resolution With Closed-Form Computation
- It may be possible to assign the physical addresses and IP addresses in such a way that there will be a simple arithmetic formula that can be used to translate from one address to the other.
- As a simple example, Ethernet addresses are 6 byte numbers and IP addresses are 4 byte numbers. The Ethernet address corresponding to A.B.C.D could be 0.0.A.B.C.D.
- The closed-form method is very "nice" because it is efficient in its use of both time and memory.
19.7 Address Resolution With Message Exchange
- Hosts can send messages to an address resolution server.
- The servers can be a problem because their tables have to be kept current and they can be swamped with requests.
- Hosts can broadcast a request for address resolution. The intended recipient recognizes its own IP address sent out in the broadcast and replies by sending its hardware address to the host that made the broadcast.
- This distributed method can be a problem because broadcasts force all hosts to use their CPU's.
- On an Ethernet the method is usually message exchange, except that results are cached in a table.
19.8 Address Resolution Protocol
- The TCP/IP standard does not dictate what method of address resolution to use.
- Generally, TCP/IP uses table lookup to find hardware addresses for WAN links.
- Address Resolution Protocol (ARP) is a TCP/IP protocol/standard for message-based address resolution. TCP/IP commonly uses ARP on LAN's with static hardware addressing.
19.9 ARP Message Delivery
- Suppose computer W wishes to send a packet to computer Y. The protocol requires that the ARP request be broadcast on the local LAN in a single packet containing the IP address of W, the hardware address of W, and the IP address of Y.
- Then Y is supposed to respond to W.
- All other hosts process the request, but make no reply.
- Y does not broadcast. It simply places its hardware address in a packet and transmits it to W.
19.10 ARP Message Protocol
- A field in the ARP packet tells the length (in bytes) of a protocol address and the length of a physical address.
- Usually the protocol address is an IP address and the physical address is an Ethernet address, but ARP can be used to translate between arbitrary protocol and hardware addresses.
- The fields of the ARP packet are shown in the figure at right, and on page 313 of the fourth edition.
19.11 Sending an ARP Message
- A host sending an ARP packet places it inside a physical frame (just as any other "data" would be).
- In other words the ARP packet is encapsulated in a hardware frame and treated as "freight" for its trip across the physical network.
19.12 Identifying ARP Frames
- The hardware frame has a type field.
- The sender of an ARP packet places a special code in the type field (0x806 for an Ethernet frame carrying an ARP packet) so the receiver will know that the data portion of the packet contains an ARP message.
- This is useful to the receiver, to help it determine to what protocol stack or software module the packet should be given.
19.13 Caching ARP Responses
- A host W that sends an ARP request will get a reply containing a binding. W will cache the binding in a table.
- That way, W may not have to broadcast another ARP request the next time it needs to resolve that same IP address -- a waste of network bandwidth and CPU time on all the local hosts.
- A host must age and eventually expire information in its ARP cache, else it would keep obsolete information indefinitely.
- ARP information has to change: IP address assignments can change and host NIC's can be replaced.
19.14 Processing An Incoming ARP Message
- Suppose a computer W broadcasts an ARP request on a LAN, in an attempt to learn the physical address of a computer Y. Of course, the ARP request is delivered to all the computers on the LAN. Suppose Z ≠Y is a computer on the LAN that already has a version of W's binding in its cache. Interestingly, Z will update its cache with the binding for W contained in the ARP request.
- This is useful because, since Z currently has a binding for W, it has probably been communicating with W in the recent past. It will probably need to communicate with W in the near future. If Z takes the opportunity now to update its binding for W, then maybe that will save Z some time and effort. Z won't have to send an ARP request to W in the near future.
- Z updates its cache with W's binding only if Z's cache already has a version of W's binding.
- Y, the target of the ARP request from W, behaves differently. Y places W's binding in its cache whether or not it already has binding for W.
- This is worthwhile because W is almost sure to send a packet to Y immediately and Y is almost sure to reply to W. Anticipating this, Y caches W's binding.
19.15 Layering, Address Resolution, Protocol Addresses
- ARP operates at the "Network Interface Layer" of the TCP/IP protocol stack.
19.16 Summary