[c-nsp] Understanding how ARP works
Joost greene
joost.greene at gmail.com
Sat Jun 7 09:46:44 EDT 2008
Hello everyone,
Please help me confirm my understanding of how basic routing and ARP works,
assuming the below setup, I'll replay how I think it works hoping for
correction.
If you know of an end-to-end example that is documented anywhere on the net
or books like the below, please point me to it.
HostA---SwitchA----(e0)Router(e1)-----SwitchB-----HostB
*
*
*On Host A:*
HostA wants to ping HostB and so it creates an ICMP packet with Src IP of A
and Dst IP of B, looks up the routing table and finds a default gateway
pointing to the Router e0 interface IP address.
A second/recursive lookup is made to the routing table to find out how to
reach the Router's e0 interface and HostA realizes it's directly connected
because they are on the same subnet.
So the Packet gets handed down to Layer 2 and the Src MAC of HostA is added
to the frame and a lookup is made for the Dst MAC in the arp table but none
found so an arp broadcast request is sent out.
*On SwitchA:*
SwitchA receives the request (arp who has) for the IP address of Host B and
it checks its MAC table but none found so it will broadcast the request to
all ports and changes the Src MAC to that of the switch port that is
directly connected to e0 on the router.
Router will receive the request and reply with its e0 MAC address and
SwitchA adds the MAC to its table, so now it replies back to HostA with the
MAC address of e0.
*On Host A:*
MAC address table is now updated and the frame is created and sent to the
Router.
*On SwitchA:*
Frame destined to the router is received and the switch will read only the
Dst MAC and looks up its table, finds which port to send it and there it
goes.
*On Router:*
Router de-encapsulates the Layer 2 frame to find the destination IP of HostB
and looks it up in its routing table, it finds that it's on the same subnet
as the directly connected interface e1 and so it decides to send it out
there.
Router knows now where it needs to send this packet and wants to build a
layer 2 frame for it; we will rewrite the Src MAC to be of e1 before
sending.
To find out the Dst MAC, Router checks its arp table for this MAC but none
found so it sends out an ARP request.
SwitchB receives the request and won't find it in its table so it will
broadcast the request to all ports and then HostB responds and so SwithcB
and correspondingly the Router has the MAC address of HostB and is now able
to construct a Layer 2 frame with all needed information.
Frame is sent out and de-encapsulated at HostB and a reply is sent back and
thats it.
Src and Dst MAC has been changed along the way but never the Src and Dst IP
addresses?
This is all an effort to understand this thread which is:
http://puck.nether.net/pipermail/cisco-nsp/2005-April/019738.html
Thanks,
Joost
More information about the cisco-nsp
mailing list