Connecting Connecting The Network Layer The Network Layer to Data Link Layerto Data Link Layer

ARP in the IP LayerARP in the IP Layer The Address Resolution ProtocolThe Address Resolution Protocol ( (ARPARP)) Part of the Internet Protocol (IP) to Part of the Internet Protocol (IP) to

solve a specific problemsolve a specific problem Usually considered to be a part of the Usually considered to be a part of the

link layerlink layer The physical layer has 6 byte The physical layer has 6 byte MACMAC

addresses, while the network layer addresses, while the network layer has independent (4 byte) IP addresseshas independent (4 byte) IP addresses

ARPARP What is the connection between What is the connection between IP IP

and HW (MAC = Ethernet) addressesand HW (MAC = Ethernet) addresses?? There is no a priori connection as they There is no a priori connection as they

live in different layerslive in different layers But they need some connection But they need some connection

otherwise we won't be able to use a otherwise we won't be able to use a physical layer to send IP packets: we physical layer to send IP packets: we won't know where a particular IP won't know where a particular IP packet should physically be sentpacket should physically be sent

ARPARP Every host on the Internet has (at Every host on the Internet has (at

least) one 32 bit (4 byte) IP addressleast) one 32 bit (4 byte) IP address It is unique to that host and so It is unique to that host and so

identifies that machine on the Internetidentifies that machine on the Internet

ARPARP IP addresses are chosen by the local IP addresses are chosen by the local

system administrator to suit the local system administrator to suit the local networknetwork

Ethernet addresses are built into the Ethernet addresses are built into the interface hardware by the manufacturerinterface hardware by the manufacturer

The two addresses bear absolutely no The two addresses bear absolutely no relationship to one another (as we would relationship to one another (as we would expect from the layering principles)expect from the layering principles)

ARPARP Suppose want to send a packet over Suppose want to send a packet over

(say) an Ethernet(say) an Ethernet We only know the destination's IP We only know the destination's IP

addressaddress To build the Ethernet frame we have To build the Ethernet frame we have

to know the Ethernet address that the to know the Ethernet address that the destination hasdestination has

This is what ARP does: This is what ARP does: It It findfindss the the hardware address corresponding hardware address corresponding to an IP addressto an IP address

How How ARPARP finds the Targets MAC finds the Targets MAC AddressAddress

STEP 1:STEP 1:– ARP broadcasts an ARP Request ARP broadcasts an ARP Request

packet that contains the target IP packet that contains the target IP address in an Ethernet frame with address in an Ethernet frame with destination address ff:ff:ff:ff:ff:ff and destination address ff:ff:ff:ff:ff:ff and source source ((its ownits own)) Ethernet address Ethernet address

– All hosts on the local network read thAll hosts on the local network read thisis broadcasted broadcasted frameframe

– The target host recognises the request The target host recognises the request for its IP addressfor its IP address

ARPARP STEP 2:STEP 2:

– The target sends an ARP Reply packet The target sends an ARP Reply packet containing its own Ethernet address containing its own Ethernet address

– It knows the source's Ethernet address as It knows the source's Ethernet address as found infound in the request packet the request packet

– The source gets the reply and reads out The source gets the reply and reads out the target's Ethernet addressthe target's Ethernet address

– It can now use that Ethernet address to It can now use that Ethernet address to send IP packetssend IP packets

WHAT is WHAT is ARPARP FRAME? FRAME?

The frame type for ARP is 0806The frame type for ARP is 0806 Hardware type: 1 for an Ethernet Hardware type: 1 for an Ethernet

addressaddress Protocol type: 0800 for an IP addressProtocol type: 0800 for an IP address Sizes: sizes in bytes of the address Sizes: sizes in bytes of the address

fields, 6 for Ethernet, 4 for IPfields, 6 for Ethernet, 4 for IP

ARPARP

OP: 1 for a request, 2 for a replyOP: 1 for a request, 2 for a reply Address fields: the dataAddress fields: the data In a In a requestrequest the the targettarget MAC addressMAC address

field is not filled infield is not filled in,, whichwhich is what we is what we are trying to find!are trying to find!

In In a reply a reply the sender the sender MACMAC address is address is the address we seekthe address we seek

ARPARP The source caches the address so it The source caches the address so it

doesn't need to do an ARP for every IP doesn't need to do an ARP for every IP packetpacket

The cache expires after (say) 20 The cache expires after (say) 20 minutes, after which a fresh ARP minutes, after which a fresh ARP exchange is neededexchange is needed

This is in case the Ethernet-to-IP This is in case the Ethernet-to-IP address relationship changes, e.g., an IP address relationship changes, e.g., an IP address is reassigned to a new machineaddress is reassigned to a new machine

What if the Target is not on the What if the Target is not on the Same LAN?Same LAN?

If no machine on the local network has If no machine on the local network has the requested IP address, or that the requested IP address, or that machine is down, no reply will be machine is down, no reply will be forthcomingforthcoming

In this case, after a few seconds (and a In this case, after a few seconds (and a few repeated ARP requests), an error few repeated ARP requests), an error message is send to the application trying message is send to the application trying to make the IP connectionto make the IP connection

This might be “no such host” or “host This might be “no such host” or “host unreachable”unreachable”

SRC and DST on different SRC and DST on different Networks: Networks: ARPARP Bridging Bridging

A clever trick that shows ARP can be A clever trick that shows ARP can be used for things other than it was used for things other than it was designed to dodesigned to do

This trick allows us to extend an This trick allows us to extend an Ethernet (or other network) over a Ethernet (or other network) over a physically larger distance than its physically larger distance than its specifications allow, and to join a specifications allow, and to join a wireless network to a wired one so wireless network to a wired one so they appear to be a single networkthey appear to be a single network

ARPARP Bridging Bridging

A bridge is a host with two interfaces, A bridge is a host with two interfaces, one on each networkone on each network

If host h1 wishes to send to host h2 it If host h1 wishes to send to host h2 it must determine its hardware addressmust determine its hardware address

ARPARP Bridging Bridging

So h1 sends an ARP broadcast for h2So h1 sends an ARP broadcast for h2 The bridge sees this request and responds The bridge sees this request and responds

on behalf of h2 (a proxy ARP), but it on behalf of h2 (a proxy ARP), but it supplies its own hardware address b1supplies its own hardware address b1

ARPARP Bridging Bridging

Now h1 sends data to what it thinks is h2, Now h1 sends data to what it thinks is h2, but is actually the bridgebut is actually the bridge

The bridge reads the packet, sees it is The bridge reads the packet, sees it is destined for h2 (by its IP address) and destined for h2 (by its IP address) and forwards it to the other network where h2 forwards it to the other network where h2 can read itcan read it

ARPARP Bridging Bridging

The forwarded frame will be changed to The forwarded frame will be changed to have h2 as destination and b2 as sourcehave h2 as destination and b2 as source

If h2 replies, it can either use h2 which If h2 replies, it can either use h2 which it got from the original packet or do an it got from the original packet or do an ARP request, which the bridge proxies in ARP request, which the bridge proxies in a symmetrical waya symmetrical way

ARPARP Bridging Bridging

In either case the packet goes to the In either case the packet goes to the bridge, which forwards it to h1, again bridge, which forwards it to h1, again rewriting the frame addresses rewriting the frame addresses appropriatelyappropriately

This is all transparent to h1 and h2 who This is all transparent to h1 and h2 who believe they are on the same networkbelieve they are on the same network

ARPARP Bridging Bridging

This is sometimes called transparent This is sometimes called transparent bridgingbridging

If h1 is communicating with both h2 and h3 If h1 is communicating with both h2 and h3 its cache will show then to have the same its cache will show then to have the same hardware address b1: this is not a problemhardware address b1: this is not a problem

ARPARP Bridging Bridging ARP bridging is fine for joining a pair ARP bridging is fine for joining a pair

of small networks, but less so for of small networks, but less so for larger collections of networkslarger collections of networks

IEEE 802.1d Ethernet Bridging IEEE 802.1d Ethernet Bridging standard addresses this, dealing with standard addresses this, dealing with the cases of multiple routes between the cases of multiple routes between hostshosts

Remote Remote ARPARP Bridging Bridging

Bridging can also connect networks that Bridging can also connect networks that are widely separated, e.g., by a WAN, are widely separated, e.g., by a WAN, again to appear as a single network again to appear as a single network using remote bridgingusing remote bridging

Compare this with tunnellingCompare this with tunnelling

Remote Remote ARPARP Bridging Bridging

The endpoints are called The endpoints are called half bridgeshalf bridges This is similar in principle to local This is similar in principle to local

bridging, but now the half bridges must bridging, but now the half bridges must cope with encapsulation over the WAN; cope with encapsulation over the WAN; differences in speed and packet sizes of differences in speed and packet sizes of the LAN and WAN and so onthe LAN and WAN and so on

Reverse Address ResolutReverse Address Resolution ion Protocol (RARP)Protocol (RARP)

Reverse ARP addresses to opposite Reverse ARP addresses to opposite problem to ARP: problem to ARP: given a hardware given a hardware address find the IP addressaddress find the IP address

Needed by hosts that don't initially Needed by hosts that don't initially know their own IP address, e.g., a know their own IP address, e.g., a diskless computer, a laptop plugging diskless computer, a laptop plugging into a network, a refrigerator, etc.into a network, a refrigerator, etc.

Reverse Address ResolutReverse Address Resolution ion Protocol (RARP)Protocol (RARP)

Very similar to ARPVery similar to ARP Frame type 8035Frame type 8035 Same frame layoutSame frame layout Op type 3 for a RARP request, type 4 Op type 3 for a RARP request, type 4

for a RARP replyfor a RARP reply RARP is OK for limited purposes, but RARP is OK for limited purposes, but

much better protocols exist to solve much better protocols exist to solve the same problem (see DHCP)the same problem (see DHCP)

DHCP DHCP a a Sublayers Under the Sublayers Under the Network LayerNetwork Layer

How does a host get allocated an IP How does a host get allocated an IP address?address?

1.1. allocated manually by an administratorallocated manually by an administrator: : OK as far as it goes but does not scale to OK as far as it goes but does not scale to large networks and some networks (e.g., large networks and some networks (e.g., home networks) don't have (competent) home networks) don't have (competent) administratorsadministrators

2.2. Use the Dynamic Host Configuration Use the Dynamic Host Configuration ProtocolProtocol

DHCP DHCP a a Sublayers Under the Sublayers Under the Network LayerNetwork Layer

DHCP, and its predecessor BOOTP, DHCP, and its predecessor BOOTP, exist to allocate IP addresses to hostsexist to allocate IP addresses to hosts

We start with BOOTP then describe We start with BOOTP then describe DHCP which is similar but massively DHCP which is similar but massively extends BOOTPextends BOOTP

Both extend RARPBoth extend RARP

How Does How Does DHCP DHCP Work?Work?Dynamic Host Configuration Protocol Dynamic Host Configuration Protocol ::DHCPDHCP

DHCP is designed for DHCP is designed for the the general general configuration of a host: address, configuration of a host: address, subnet mask, gateway, name servers, subnet mask, gateway, name servers, and moreand more

Needed uNeeded usually for hosts with non-sually for hosts with non-permanent connections, e.g., permanent connections, e.g., Internet Internet service providers, etcservice providers, etc

How Does How Does DHCP DHCP Work?Work? DHCP has a pool of available addresses DHCP has a pool of available addresses

that it can assign to hosts as they needthat it can assign to hosts as they need When a host leaves, its address can be When a host leaves, its address can be

reusedreused DHCP gives a lease time on an addressDHCP gives a lease time on an address If the lease expires the host can renew If the lease expires the host can renew

via DHCPvia DHCP A well-behaved host will signal (via DHCP) A well-behaved host will signal (via DHCP)

when it no longer needs an addresswhen it no longer needs an address

How Does How Does DHCP DHCP Work?Work?

DHCP suppliesDHCP supplies– IP addressIP address– Subnet maskSubnet mask– GatewayGateway– name serversname servers– lease timeslease times– print serversprint servers

– GatewayGateway– boot serversboot servers– mail serversmail servers– host namehost name– web serversweb servers

Prechecking of an IP AddressPrechecking of an IP Address Before supplying an address, DHCP Before supplying an address, DHCP

should ping the network for that should ping the network for that address: this is to check that no host address: this is to check that no host is accidentally using that address is accidentally using that address alreadyalready

Prechecking of an IP AddressPrechecking of an IP Address Before supplying an address, DHCP should Before supplying an address, DHCP should

ping the network for that address: ping the network for that address: this is this is to check that no host is accidentally using to check that no host is accidentally using that address alreadythat address already

Inform others:Inform others: After getting an address, After getting an address, thethe host can send an ARP reply containing host can send an ARP reply containing its own address. This its own address. This gratuitous ARP gratuitous ARP informs other hosts on the network of the informs other hosts on the network of the new address association so they can new address association so they can update their ARP cachesupdate their ARP caches

How Does How Does DHCP DHCP Work?Work?

The data is encoded in a DHCP packet The data is encoded in a DHCP packet asas– a a tag byte tag byte to indicate the type of datato indicate the type of data– a a lengthlength byte byte– the the datadata itself itself

Tag 0 to pad data for alignmentTag 0 to pad data for alignment Tag 255 to indicate end of dataTag 255 to indicate end of data

The Packet HeaderThe Packet Header

DHCP Message FlowDHCP Message Flow