ARP is an address resolution protocol, The ARP protocol is utilized to resolve IP to MAC ADDRESS. (ARP maps IP and MAC)
ARP request is sent | ARP response is received. ARP operates in the data-link layer and network layer.
IP -> Network layer protocol and addressing
MAC —> Data– layer addressing
IP is the network address, MAC is the device address.
ARP protocol will BROADCAST packets to all the DEVICES in LAN, to find DEVICES using SPECIFIC IPs. The ARP is leveraged to find the devices in the LAN NETWORK.The devices whose IP ARP is looking will be sent via ARP request and an ARP response will be generated once the device is found. ARP protocol is a communication protocol that is leveraged to discover link-layer addresses by using network-layer addresses.
Link layer address -> MAC ADDRESS
Network layer address -> IP Address
ARP protocol implementation details can be found in IEEE Standards. ARP RFC includes:
- RFC 826 (ethernet address resolution protocol )
- RFC 03 (reverse address resolution protocol)
- RFC 230 (inverse address resolution protocol)
- RFC 5227 (IP address conflict detection)
The ARP packets are managed as ARP REQUEST and ARP RESPONSE in the data link layer. ARP Protocol parameters have been standardized and maintained by IANA (internet-assigned name authority).
MAC address's first 3 bytes are vendor identification) last 3 bytes (unique number from manufacturers).MAC address is a unique identifier used by devices to recognize devices across LAN, WAN, MAN, BAN, and PAN networks. MAC ADDRESS is burned on the networking device by the chip manufacturers.
MAC address is a 12 digital hexadecimal number burned in NIC of all devices. MAC data will be shared in the ARP request and response cycle.
ARP DATA-GRAM: Hardware type | Protocol type | Hardware Address length | Protocol address length | Operation sender hardware | Sender protocol address (SPA) | Target hardware address(THA) | Target protocol address.ARP is a higher-layer access mechanism, as the MAC and IP of the sender, target, and NICs are shared in the ARP DATAGRAM.
Inverse ARP is a process in which all the devices in LAN, network address is retrieved via data link layer (layer) addresses (MAC). ARP carries out Layer 3 and Layer 2 Address Mapping.
Attacks via ARP: ARP spooking attacks | Proxy ARP techniques can be leveraged to sabotage and gain ARP datagrams.IPV6 leverages (neighborhood discovery protocols) and secures neighbor discovery rather than ARP.
LAN is a network over which ARP communication is valid, the MAC address that is accessed via ARP is leveraged to carry out intranet communication.
ARP entries are of 2 types: Dynamic ARP entry | Static ARP entry
ARP communication can be MULTI-CAST and UNI-CAST in nature, it has both properties, ARP cache will be leveraged to make the ARP communication process faster. ARP Datagram will contain MAC ADDRESS and IP ADDRESS (sender, targe, NIC).
MAC address is a unique physical address, that is assigned to NIC, the MAC address is shared between the devices to establish a LAN network and to access the internet.
ARP provides IP to MAC association and ARP CACHE makes device-to-device-to-network connections faster. Devices leverage MAC Addresses to talk to each other and share data via the data link layer.
ARP entries types: STATIC ARP ENTRIES | DYNAMIC ARP ENTRIES
Dynamic entries are flushed out from CACHE, They have lower TIME TO LIVE than static ARP entries.
NOTE : IP both private and public addresses will change, MAC is permanent and stays with the device.
Diagrams
The article above is rendered by integrating outputs of 1 HUMAN AGENT & 3 AI AGENTS, an amalgamation of HGI and AI to serve technology education globally.