Network protocols, chapters 4 and 5: ARP and RARP
Introduction
When a host sends an Ethernet frame to another host on the same LAN, the destination interface is determined by the 48-bit Ethernet address. The device driver never looks at the IP address in the IP datagram.
ARP provides a dynamic mapping between IP addresses and hardware addresses. It is called dynamic because the process completes automatically.
RARP is used by systems that do not have a disk drive. It requires manual configuration by the system administrator.
Example
The following example shows how ARP operates.
Run the command ftp bsdi.
1. The ftp client calls the gethostbyname function to convert the host name to a 32-bit IP address. In DNS this function is called the resolver.
2. The ftp client uses the resulting IP address to establish a TCP connection.
3. TCP sends a connection request segment to the remote host, that is, an IP datagram is sent to the IP address above.
4. If the destination host is on the local network, the IP datagram can be sent to it directly. If the destination host is on a remote network, the IP routing function determines the address of the next-hop router on the local network.
5. Assuming the network is an Ethernet, the sender must convert the 32-bit IP address to a 48-bit Ethernet address. A translation is required from the logical Internet address to the corresponding physical hardware address. This is the function of ARP.
6. ARP sends an Ethernet frame containing an ARP request to every host on the Ethernet. This is called a broadcast. The ARP request contains the IP address of the target host and means: if you are the owner of this IP address, please reply with your hardware address.
7. The ARP layer of the target host recognizes that the sender is asking for its hardware address and sends an ARP reply.
8. Once the ARP reply has been received, the IP datagram that triggered the ARP request-reply exchange can be sent.
9. The IP datagram is sent to the destination host.
Each network interface has a 48-bit hardware address. A correct interface address is required to exchange frames at the hardware level. Knowing only a host's IP address is not enough to send a frame to that host: the kernel must know the destination hardware address before it can send data. This is the purpose of ARP.
SLIP and PPP (point-to-point) links do not use ARP. When you set up these links, you tell the kernel the IP address of each end of the link; no hardware addresses are involved.
ARP cache
Each host has an ARP cache that stores recent mappings from Internet addresses to hardware addresses. The lifetime of each entry in the cache is generally 20 minutes, counted from the time it was created (the lifetime is reset to 20 minutes when the entry is used again).
ARP packet format
Format of ARP request and reply frames
Comparing this with the Ethernet encapsulation frame format in Chapter 2, the header is the same, and the ARP request/reply fields form the data portion.
If the destination Ethernet address is all 1 bits, it is the broadcast address.
There is duplicated information in the ARP request/reply format: the sender's hardware address appears both in the Ethernet header and in the ARP request/reply data.
In an ARP request, every field is filled in except the target hardware address. When a host receives an ARP request whose target IP address is its own, it fills in its hardware address, swaps the two sender addresses with the two target addresses, and then sends the reply.
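The frame layout and the reply procedure described above, as an added example that is not part of the original page. It uses the standard ARP field layout for IPv4 over Ethernet (hardware type 1, protocol type 0x0800, op 1 for request and 2 for reply), which the page does not list. The addresses are constructed samples, and `header_mismatch` is a hypothetical helper that checks the duplicated sender hardware address for consistency.

```python
import struct

ETH = struct.Struct("!6s6sH")             # destination MAC, source MAC, frame type
ARP = struct.Struct("!HHBBH6s4s6s4s")     # 28-byte ARP payload, IPv4 over Ethernet
BROADCAST = b"\xff" * 6                   # all 1 bits
ETHERTYPE_ARP, OP_REQUEST, OP_REPLY = 0x0806, 1, 2


def parse(frame):
    """Split a raw frame into its Ethernet and ARP fields."""
    if len(frame) < ETH.size + ARP.size:
        raise ValueError("frame too short for Ethernet + ARP")
    dst, src, etype = ETH.unpack_from(frame, 0)
    if etype != ETHERTYPE_ARP:
        raise ValueError("not an ARP frame")
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = ARP.unpack_from(frame, ETH.size)
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not IPv4-over-Ethernet ARP")
    return dict(eth_dst=dst, eth_src=src, op=op, sha=sha, spa=spa, tha=tha, tpa=tpa)


def build(eth_dst, eth_src, op, sha, spa, tha, tpa):
    """Assemble an Ethernet frame carrying one ARP request or reply."""
    return (ETH.pack(eth_dst, eth_src, ETHERTYPE_ARP)
            + ARP.pack(1, 0x0800, 6, 4, op, sha, spa, tha, tpa))


def make_reply(request, my_mac, my_ip):
    """Answer a request whose target IP is ours; return None otherwise."""
    r = parse(request)
    if r["op"] != OP_REQUEST or r["tpa"] != my_ip:
        return None
    # Fill in our hardware address and swap the sender and target pairs.
    return build(r["sha"], my_mac, OP_REPLY, my_mac, my_ip, r["sha"], r["spa"])


def header_mismatch(frame):
    """True when the Ethernet source and the ARP sender hardware address differ."""
    f = parse(frame)
    return f["eth_src"] != f["sha"]


# Constructed sample: host A (10.0.0.1) broadcasts a request for 10.0.0.2.
A_MAC, A_IP = bytes.fromhex("020000000001"), bytes([10, 0, 0, 1])
B_MAC, B_IP = bytes.fromhex("020000000002"), bytes([10, 0, 0, 2])
REQUEST = build(BROADCAST, A_MAC, OP_REQUEST, A_MAC, A_IP, b"\x00" * 6, B_IP)
REPLY = make_reply(REQUEST, B_MAC, B_IP)
```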
ARP request to a host that does not exist
If the network identified by the network number and subnet number exists but the host number does not, multiple ARP requests are sent. After about 75 s, the TCP connection request is abandoned.
Note: a TCP segment can be sent only after the ARP reply has been returned, because only then is the destination hardware address known.
ARP cache timeout settings
The timeout is 20 min for complete entries and 3 min for incomplete entries.
Proxy ARP
If an ARP request is sent from a host on one network to a host on another network, the router connecting the two networks can answer the request. This is called proxy ARP (ARP proxy). The sender of the ARP request is fooled into treating the router as the target host, while the target host is actually on the other side of the router.
Proxy ARP is also known as promiscuous ARP and the ARP hack. These names come from another use of proxy ARP: a router between two physical networks can hide the two networks from each other. In this case both physical networks can use the same network number. You only need to set up the intermediate router as an ARP proxy so that it answers ARP requests from one network for hosts on the other.
Gratuitous ARP
Gratuitous ARP means that a host sends an ARP request looking for its own IP address.
Gratuitous ARP has two uses:
1. A host can use it to determine whether another host is already configured with the same IP address. If an ARP reply comes back, another host has been set to the same IP address.
2. If the host sending the gratuitous ARP has changed its hardware address (for example, a new NIC), the gratuitous ARP updates the old hardware address held in the ARP caches of other hosts. If a host receives an ARP request from an IP address that is already in its ARP cache, it updates that cache entry with the sender's hardware address from the ARP request.
An example: by sending a gratuitous ARP request containing the backup server's hardware address and the faulty server's IP address, a backup server can take over from the faulty server. From then on, all packets destined for the faulty server are sent to the backup server. The client programs do not need to care whether the original server has failed.
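A model of the cache behaviour described in the ARP cache, timeout and gratuitous ARP sections, as an added example that is not part of the original page. It overwrites an existing entry from the sender fields of any received ARP packet and records every change of an IP-to-hardware-address binding, which is the event a defender would want logged. The class name, the event tuples and the addresses are constructed; the model assumes unknown senders are not learned and that the lifetime restarts on each update.

```python
COMPLETE_TTL = 20 * 60     # seconds; complete entry, value from the text
INCOMPLETE_TTL = 3 * 60    # seconds; entry still waiting for a reply


class ArpCache:
    """Model of one host's ARP cache that records changed bindings."""

    def __init__(self):
        self.entries = {}    # ip -> (mac or None, expiry time)
        self.alerts = []     # (time, ip, old mac, new mac, gratuitous?)

    def lookup(self, now, ip):
        entry = self.entries.get(ip)
        if entry and now >= entry[1]:
            del self.entries[ip]             # timed out
            entry = None
        return entry[0] if entry else None

    def request_sent(self, now, ip):
        """Create an incomplete entry while our own request is outstanding."""
        self.lookup(now, ip)                 # purge the entry if it has expired
        self.entries.setdefault(ip, (None, now + INCOMPLETE_TTL))

    def packet_seen(self, now, sender_ip, sender_mac, target_ip):
        """Apply the sender fields of a received ARP request or reply."""
        old = self.lookup(now, sender_ip)
        if sender_ip not in self.entries:
            return False                     # assumption: unknown senders are not learned
        if old is not None and old != sender_mac:
            gratuitous = sender_ip == target_ip
            self.alerts.append((now, sender_ip, old, sender_mac, gratuitous))
        # Assumption: lifetime restarts on update; refresh-on-use is not modelled.
        self.entries[sender_ip] = (sender_mac, now + COMPLETE_TTL)
        return True


# Constructed events: (time in seconds, sender IP, sender MAC, target IP).
EVENTS = [
    (5, "10.0.0.2", "02:00:00:00:00:02", "10.0.0.1"),     # reply to our request
    (600, "10.0.0.2", "02:00:00:00:00:99", "10.0.0.2"),   # gratuitous, new MAC
    (2000, "10.0.0.3", "02:00:00:00:00:03", "10.0.0.3"),  # gratuitous, never cached
]


def replay(events):
    """Feed the events to a fresh cache that has just asked for 10.0.0.2."""
    cache = ArpCache()
    cache.request_sent(0, "10.0.0.2")
    for event in events:
        cache.packet_seen(*event)
    return cache
```

The same alert fires for a legitimate failover and for an unexpected takeover of an address, so the recorded old and new hardware addresses have to be checked against the hosts that are expected to hold that IP.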
RARP: Reverse Address Resolution Protocol
Introduction
When a system with a local disk is booted, the IP address is generally read from the configuration file on the disk. However, diskless machines, such as X terminals and diskless workstations, must use other methods to obtain IP addresses.
To use RARP, a diskless system reads its unique hardware address from the interface card and then sends an RARP request (a frame broadcast on the network) asking some host to respond with the diskless system's IP address (in an RARP reply).
RARP requests are transmitted as broadcasts, and RARP replies are transmitted as unicasts. The RARP reply contains the IP address of the requesting system, so that the requester learns its own IP address. Once the diskless system has received its IP address from the RARP reply, it sends a TFTP request to read the boot image.
RARP Server Design
Providing an ARP server is easy, and it is usually part of the TCP/IP implementation in the kernel. Because the kernel knows its own IP addresses and hardware addresses, when it receives an ARP request asking about one of its IP addresses, it only needs to reply with the corresponding hardware address.
The RARP server must provide the hardware address-to-IP address mapping for multiple hosts (all diskless systems on the network). The mapping is kept in a disk file. Because the kernel generally does not read and parse disk files, the RARP server is provided as a user process rather than as part of the kernel's TCP/IP implementation.
RARP requests are broadcast at the hardware layer and are not forwarded by routers. A network generally has multiple RARP servers so that diskless systems can still boot when one RARP server is down.
Each RARP server sends an RARP reply to every RARP request.