Eathernet, ARP, RARP, InARP

Eathernet (LAN) Address Resolution Protocol (ARP) Reverse Address Resolution Protocol (RARP)

Inverse Address Resolution Protocol (InARP)

Eathernet LAN
Developed by Metcalfe's (Xerox company got patent)
MAC address (48 bits) is used as address of a device. CSMA/CD is used for multiple access. Packet size is variable (payload varies from 46 to 1500 octet)

Pure Eathernet is no more in use, at present combination of

Eathernet and Internet is used in LAN.

Eathernet can be setup using Coaxial cables and Twisted Wire

cables (RJ 45 cat 5 and cat 6 cables)

2

Eathernet frame format

Preamble field consists of 64 bits alternating 0 and 1 to help receiving

interface to synchronize.
48 bits MAC/Hardware/Physical/Eathernet address unique throughout the world

for a devise.
MACaddress 0xFFFFFFFFFFFF is used to broadcast a packet in the network. Some software can generate duplicate MAC address also (generally used by hackers)

16 bits Frame Type Field is used to identify the type of data being carried in a

frame. It determine which protocol software module should process the frame.
Packet size is variable (payload varies from 46 to 1500 octet)

32 bits CRC field helps to detect error in the frame.

3

 Internet devices Host devices- Computer, Laptop, PDA, IP telephone etc. Hub, Switch, Router, Repeaters, Bridge, Gateway, Server
IP allocation Techniques Static IP allocation
comparatively secure but not efficient in case of limited IP addresses

Dynamic IP allocation (DHCP)

more efficient but less secure, can be secured by allocating user login & password to authenticate users

Internet devices (Cont.)

Hub: connects PCs together,

Works as multi-port repeater , simply passes on (repeats) all the

information it receives broadcasts incoming packets from a port to other ports of the Hub. Can not process packets. generates unnecessary traffic in network due to broadcasting of packets through undesired ports (not part of destination link) .
Hub can be used in a small network but for a larger, heavily

used network a another network device (switch) may be used to reduce the amount of unnecessary traffic being generated.
5

Internet devices (Cont.)

Switch: Switch has capability to process received packet and identify

the destination port based on destination address in header of the packet. It forwards the received packets to respective destination ports only Thus it doesnt generate unnecessary traffic in network This allows simultaneous communication across the switch, improving bandwidth.
Switch is preferred over Hub to extend a network.

ARP and RARP

Objectives
Understand the need for ARP Understand the cases in which ARP is used Understand the components and interactions in an ARP package Understand the need for RARP

ARP and RARP

ARP
ARP provides a dynamic mapping from an IP address to the

corresponding hardware (MAC) address. We use the term dynamic since it happens or updates automatically after certain period of time and is normally not a concern of either the application user or the system administrator.
RARP (Reverse Address Resolution Protocol)

RARP is used by systems without a disk drive but requires

manual configuration (in ROM) by the system administrator to send bootstrap message.
8

10

ARP and RARP

11

Position of ARP and RARP in TCP/IP protocol suite

Notice that ARP and RARP are supplemental to IP.

12

ARP operation

13

ARP packet (IP PDU)

Hardware Type - Ethernet is type 1, field length= 16 bits Protocol Type- IPv4= x0800, field length= 16 bits Hardware Length: Hardware Address length (6 byte), field length= 8 bits

Protocol Length: length of IPv4 address (4 byte), field length= 8 bits

Operation: Request 1, Reply 2, field length= 16 bits
14

Encapsulation of ARP packet (IP PDU)

The ARP packet is encapsulated within an Ethernet packet. Note: Type field for ARP is x0806

15

Four cases using ARP

16

Example 1
A host with IP address 130.23.43.20 and physical address B2:34:55:10:22:10 has a packet to send to another host with IP address 130.23.43.25 and physical address A4:6E:F4:59:83:AB (which is unknown to the first host). The two hosts are on the same Ethernet network. Show the ARP request and reply packets encapsulated in Ethernet frames.

See Next Slide

17

Network topology:- when two computers connected directly or through Hub in same network

Example 1 (Continued)
Solution the ARP request and reply packets. Note that the ARP data field in this case is 28 bytes, and that the individual addresses do not fit in the 4-byte boundary. That is why we do not show the regular 4-byte boundaries for these addresses. Also note that the IP addresses are shown in hexadecimal. For information on binary or hexadecimal notation see Appendix B.

See Next Slide

18

Example 1

19

Proxy ARP

A proxy ARP, running in a router, can respond to an ARP request for any of its sub- ordinate device. The proxy ARP replies with its own MAC address. When the packet arrives, the router delivers it to the appropriate host.

20

ARP Software Package

An example of a simplified ARP software package ARP software package consists of five modules: a cache table, queues, an output module, an input module, and a cache-control module.

The topics discussed in this section include: Cache Table Queues Output Module Input Module Cache-Control Module

21

ARP components

22

The Cache Table

If ARP just resolved an IP address, chances are a few moments later someone

is going to ask to resolve the same IP address.

When ARP returns a MAC address, it is placed in a cache table. When the

next request comes in for the same IP address, look first in the cache table.

Essential to the efficient operation of ARP is the maintenance of

an ARP cache on each host.

23

Original cache table used for examples

24

The Cache Table Contents

State: FREE, PENDING, RESOLVED Hardware type: same as ARP field

Protocol type: same as ARP field

Hardware length: same as ARP field Protocol length: same as ARP field Interface number: port number (m0,m1, m2) Queue number: which queue the ARP request is sitting in Attempts: how many times have you tried to resolve this address? Time-out: how long until this address is tossed out (need the room in cache) Hardware address: destination hardware address Protocol address: destination IP address

25

How Does the Cache Work?

Output Module
The output module waits for an IP packet with a request

Checks the cache for an existing entry

If entry found and state RESOLVED, we already have this MAC

address
If entry found and state PENDING, packet waits until destination

hardware address found

If no entry found, output module places this request in queue, and a

new entry is placed in cache with state PENDING and ATTEMPTS set to 1. An ARP request is then broadcasted.
26

How Does the Cache Work?

Input Module
The input module waits until an ARP request or reply arrives Module checks the cache for this entry If entry is found and state is PENDING, module updates entrys

target hardware address, changes state to RESOLVED, and sets the TIME-OUT value

27

How Does the Cache Work?

Input Module (cont.)
If entry is found and state RESOLVED, module still updates the entry

(target hardware address could have changed) and the TIME-OUT value reset
If entry not found, module creates a new entry. State is set to

RESOLVED and TIME-OUT is set

Now the module checks to see if arrived ARP packet is a Request. If

it is, the module immediately creates an ARP Reply message and sends it back to sender.
28

How Does the Cache Work?

Control Module
The cache-control module periodically checks each cache entry

If entrys state is FREE, skips it If entrys state is PENDING, Attempts field is incremented by 1. This

value greater than max? Toss this entry (and mark entry as FREE). Less than max? Send another ARP request
If state of entry is RESOLVED, module decrements value of Time-out

field accordingly
If Time-out field < 0, then remove entry and set state to FREE
29

Original cache table used for examples

30

Example 2
The ARP output module receives an IP datagram (from the IP layer) with the destination address 114.5.7.89.
It checks the cache table and finds that an entry exists for this destination with the RESOLVED state (R in the table).
It extracts the hardware address, which is 457342ACAE32, and sends the packet and the address to the data link layer for transmission. The cache table remains the same.

31

Example 3
Twenty seconds later, the ARP output module receives an IP datagram (from the IP layer) with the destination address 116.1.7.22.
It checks the cache table and does not find this destination in the table.

The module adds an entry to the table with the state PENDING and the Attempt value 1. It creates a new queue for this destination. It then sends an ARP request to the data link layer for this destination.

32

See Next Slide

Updated cache table for Example 3

33

Example 4
Fifteen seconds later, the ARP input module receives an ARP reply packet with target protocol (IP) address 188.11.8.71.
The module checks the table and finds this address.
It changes the state of the entry to RESOLVED and sets the time-out value to 900. The module then adds the target hardware address (E34573242ACA) to the entry. Now it accesses queue 18 and sends all the packets in this queue, one by one, to the data link layer. The new cache table is shown in next slide.

34

See Next Slide

Updated cache table for Example 4

35

Example 5
Twenty-five seconds later, the cache-control module updates every entry.
The time-out values for the first three resolved entries are decremented by 60. The time-out value for the last resolved entry is decremented by 25.
The state of the next-to-the last entry is changed to FREE because the timeout is zero. For each of the three pending entries, the value of the attempts field is incremented by 1. One entry (IP address 201.1.56.7 is over max, so change to FREE.

36

See Next Slide

Updated cache table for Example 5

37

ARP Probe message

ARP Probe is used in the IPv4 Address Conflict Detection specification (RFC 5227).

It is an ARP request constructed with an all-zero sender IP address.

Before beginning to use an IPv4 address (whether received from manual configuration, DHCP, or some other means), a host implementing this specification must test to see if the address is already in use, by broadcasting ARP probe packets

38

ARP announcement / gratuitous message

This is useful for updating other hosts' mapping of a hardware address when the sender's IP address or MAC address has changed.

ARP request is broadcasted containing the sender's protocol and Hardware address, with the target hardware address set to zero.
An alternative is to broadcast an ARP reply with the sender's hardware and protocol addresses . An ARP announcement is not intended to solicit a reply. Gratuitous ARP is also used by some interface drivers to provide load balancing for incoming traffic (sends information without requests).

In a team of network cards, it is used to announce a different MAC address within the team that should receive incoming packets.
39

40

RARP
RARP finds the logical address (IP) for a machine that only knows its physical address. This if often encountered on thin-client workstations. No disk (memory), so when machine is booted, it needs to know its IP address (dont want to burn the IP address into the ROM). RARP requests are broadcast, RARP replies are unicast. If a thin-client workstation needs to know its IP address, it probably also needs to know its subnet mask, router address, DNS address, etc. So we need something more than RARP. BOOTP, and now DHCP have replaced RARP.

41

RARP operation

42

RARP packet (IP PDU)

43

Encapsulation of RARP packet

44

InARP (Inverse ARP)

Inverse Address Resolution Protocol (Inverse ARP or InARP) is

used to obtain Network layer addresses (for example, IP addresses) of other nodes from data link layer (Layer 2) addresses.
It is primarily used in Frame relay networks based on TDMA,SDMA,

FDMA, OFDMA based on Data Link Connection Identifier (DLCI) and ATM networks, in which Layer 2 addresses of virtual circuits are sometimes obtained from Layer 2 signaling, and the corresponding Layer 3 addresses must be available before those virtual circuits can be used.

45

InARP (Cont.)
Since ARP translates Layer 3 addresses to Layer 2 addresses,

InARP may be described as its inverse. In addition, InARP is implemented as a protocol extension to ARP: it uses the same packet format as ARP, but different operation codes as for request = 8, reply = 9.
The RARP, like InARP, translates Layer 2 addresses to Layer 3

addresses. However, in InARP the requesting station queries the Layer 3 address of another node, whereas RARP is used to obtain the Layer 3 address of the requesting station itself for address configuration purposes
46

Frame-relay inverse-ARP
Frame-relay is a layer 2 technique that uses a concept of Connection

Identifier to distinguish user connections in TDMA, OFDM, OFDMA, SDMA based and ATM networks.

These days WiFi, WiMAX and LTE are OFDMA based wireless

technique which uses Connection Identifiers (CID) at Layer 2.

In WiMAX connection Identifiers (CID) are of 16 bit length (total

2^16 CIDs are classified as Initial, Management, Traffic and Relay sub-sets based on their utilization), All the CIDs can be reused in another network cell (under one Base Station) except replay sub-set of CIDs.

47

Connection techniques in Frame based networks

Two techniques are used to assign DLCI between adjacent devices
Common DLCI Distinct DLCI

Single virtual connection between two devices

Central device assigns a DLCI and Protocol address (network address) to

a host device. The host device requests Protocol address of Central device/ other host device by sending InARP request.
Multiple virtual connection between two device
Central device assigns a DLCIs and Protocol addresses (network
48

address) to a host device as per number of virtual connections for example based on type of services.

QoS scheduling in WiMAX

CID/SID= connection Identifier/Subscriber identifier

The TDMA frame format

Super-frame
Random Access Random Access

Reserved

Reserved

p1
0

p1
1

p0

p0
0 1

p1

Transmit Part

Receive Part

Space Division Multiple Access

primitive applications are Sectorized

antennas

in future adaptive antennas simultaneously steer energy in the direction of many users at once

SDMA and PDMA in satellites

SDMA dual-beam receive

antenna simultaneously access from two different regions of the earth

OFDM frame

53

OFDMA/TDD frame (WiFi, WiMAX)

54

Traffic Tunneling in WiMAX

55

Tunnel in tunnel for traffic transmission in WiMAX

56

Initialing Messaging in WiMAX

57