Address Resolution
DAT230 – Communication Technology I
Naeem Khademi
Associate Professor, IDE/UiS
naeem.khademi@uis.no
1
�MAC (L2) & IP (L3)
Two types of addressing on (Ethernet) LAN:
– L2 Physical address (MAC addr): NIC to NIC communication of frames on same LAN
– L3 Logical address (IP addr): communication from src to dst (end-to-end, multiple
networks)
– On the same network, destination IP address and destination MAC address belong to
same device
• If dst IP address is on remote net, dst MAC address will be set to DGW’s MAC addr.
• Question: how discover a net device’s MAC address while knowing its IP address?
– Address Resolution Protocol (ARP) for IPv4
– ICMPv6 Neighbor Discovery (ND) for IPv6
2
� Address Resolution Protocol (ARP) (#1)
• A device uses ARP to determine the
destination MAC address of a local device,
knowing its IPv4 address; ARP offers two
basic functions:
– Resolving IPv4 address into MAC
address
– Maintaining an ARP table of IPv4 to
MAC address mappings
• To send a frame:
a) If dst is on the same net, search # arp -an | grep 10 ARP table example (Linux)
ARP table for a dst IPv4 and a MAC ? (10.241.1.114) at 00:25:90:3e:dc:fc [ether] on vlan241
? (10.252.1.8) at 00:c0:b7:76:ac:19 [ether] on vlan244
address match
? (10.252.1.9) at 00:c0:b7:76:ae:56 [ether] on vlan244
b) If dst on different net, search ARP ? (10.241.1.111) at 00:30:48:f2:23:fd [ether] on vlan241
table for DGW’s IPv4 address ? (10.252.1.6) at 00:c0:b7:74:fb:9a [ether] on vlan244
? (10.241.1.121) at 00:25:90:2c:d4:f7 [ether] on vlan241
c) If found, corresponding MAC [...]
address will be used as dst MAC R1# show ip arp
Protocol Address Age (min) Hardware Addr Type Interface
address in the frame Internet 192.168.10.1 - a0e0.af0d.e140 ARPA GigabitEthernet0/0/0
d) If not found, send an ARP request ARP table example (Cisco IOS)
3
� Address Resolution Protocol (ARP) (#2)
• ARP Request: encapsulated directly over Ethernet (not IP, but EtherType: 0x806);
Broadcast frame (FF-FF-FF-FF-FF-FF as dst MAC addr), propagated through and
processed by switches on all interfaces except incoming! If no ARP reply received,
packet is dropped!
• ARP Reply: unicast meaning dst MAC address is the sender of ARP request; also, with
0x806 as EtherType;
• ARP table entries are not permanent and are removed when an ARP cache timer
expires (if no frame is received from a device for a certain duration)!
– Timer duration is OS-dependent -- e.g., Linux (60 sec), Cisco IOS (4 hours)
– ARP entries can also be removed manually
• ARP issues:
– ARP broadcasts: can flood the local
media
– ARP spoofing: malicious reply to an ARP
request for an IPv4 address that belongs
to another device – e.g., pretend to be
the default gateway!
4
� IPv6 Neighbor Discovery (#1)
• IPv6 neighbor discovery provides:
– Address resolution
– Router discovery
– Redirection services
• Neighbor Cache: similar to ARP table
• ICMPv6 Neighbor Solicitation (NS) and
Neighbor Advertisement (NA) messages
are used for device-to-device messaging
such as address resolution.
– NS is multicast
– ICMPv6 encap in IPv6 encap in Ethernet
• ICMTPv6 Router Solicitation (RS) and Router Advertisement (RA) messages are used
for messaging between devices and routers for router discovery.
– used for dynamic address allocation and stateless address autoconfiguration (SLAAC)
– SLAAC devices send the router a request for the network prefix, and the device uses the prefix
and its own MAC address to create an IP address
• ICMPv6 redirect messages are used by routers for better next-hop selection. 5
�IPv6 Neighbor Discovery (#2)
(1) NS (2) R1 ignores NS
(3) Match (4) NA
6
�Summary…
Network layer
Ethernet MAC & Frames IPv4 & IPv6 addressing MAC & IP address
DGW
Store-n-forward and cut-through IPv4 ARP & IPv6 ND
NAT, host routing,
switching route types & dynamic
Port-based mem vs shared mem routing
7
�Q&A
