Figure 5.4-1: Each adapter connected to a LAN has a unique LAN address.
One interesting property of LAN addresses is that no two adapters have the same address. This might seem surprising given that adapters are manufactured in many different countries by many different companies. How does a company manufacturing adapters in Taiwan make sure that it is using different addresses from a company manufacturing adapters in Belgium? The answer is that IEEE manages the physical address space. In particular, when a company wants to manufacture adapters, it purchases a chunk of the address space consisting of 224 addresses for a nominal fee. IEEE allocates the chunk of 224 addresses by fixing the first 24 bits of a physical address and letting the company create unique combinations of the last 24 bits for each adapter.
An adapter's LAN address has a flat structure (as opposed to a hierarchical structure), and doesn't change no matter where the adapter goes. A portable computer with an Ethernet card always has the same LAN address, no matter where the portable goes. Recall that, in contrast, an IP address has a hierarchical structure (i.e., a network part and a host part), and a node's IP address needs to be changed when the host moves. An adapter's LAN address is analogous to a person's social security number, which also has a flat addressing structure and which also doesn't change no matter where the person goes. An IP address is analogous to a person's postal address, which is hierarchical and which needs to be changed whenever a person moves.
One natural question at this juncture is, because all nodes also have IP addresses, why do they have to have LAN addresses as well? There are several good answers to this question. First, LANs are designed for "arbitrary" network-layer protocols, not just for IP. If adapters were to get assigned IP addresses rather than "neutral" LAN addresses, then the adapters would not be able to easily support other network-layer protocols (e.g., IPX or DECNet). Second, if adapters were to use IP addresses instead of LAN addresses, the IP address would have to stored in adapter RAM and configured every time the adapter were moved (or powered up). Another option is to not use any addresses in the adapters, and have each adapter pass the data (i.e., the IP datagram) of each frame it receives to its parent node. The parent node could then check for a matching IP address. One problem with this option is that the parent node will be interrupted by every frame sent on the LAN, including by the frames that are destined for other nodes on the LAN.
As we described at the beginning of this section, when an adapter wants to send a frame to some destination adapter on the same LAN, the sending adapter inserts the destination LAN address into the frame. When the destination adapter receives the frame, it extracts the enclosed datagram and passes the datagram up the protocol stack. All the other adapters on the LAN also receive the frame; but these other adapters discard the frame without passing the network-layer datagram up the protocol stack. Thus, these other adapters do not have to interrupt their hosts when they receive datagrams destined to other hosts. Having said this, sometimes a sending adapter does want all the other adapters on the LAN to receive and process the frame it is about to send. In this case, the sending adapter inserts a special LAN broadcast address into the destination address field of the frame. For LANs that use the six-byte addresses (such as Ethernet and token-passing LANs), the broadcast address is a string of 48 consecutive 1s (i.e., FF-FF-FF-FF-FF-FF in hexadecimal notation).
So we see that ARP resolves an IP address to a LAN address. In many ways it is analogous to DNS (studied in section 2.5), which resolves hostnames to IP addresses. However, one important difference between the two resolvers is that DNS resolves hostnames for hosts anywhere in the Internet, whereas ARP only resolves IP addresses for nodes on the same LAN. If a node in California were to try to use ARP to resolve the IP address for a node in Mississippi, ARP would return with an error.
Now that we have explained what ARP does, let's look at how it works.
The ARP module in each node has a table in its RAM called an ARP table.
This table contains the mappings of IP addresses to LAN addresses. Figure
5.4-3 shows what an ARP table in node 222.222.222.220 might look like.
For each address mapping the table also contains a time-to-live (TTL) entry,
which indicates when the entry will be deleted. Note that the table
does not necessarily contain an entry for every node on the LAN; some nodes
may have had entries that expired over time, whereas other nodes may have
never been entered into the table. We note that a typical expiration time
for an entry is 20 minutes from when an entry is placed in an ARP table.
|
|
|
|
|
|
|
|
|
|
|
|
Now suppose that node 222.222.222.220 wants to send a datagram that is IP-addressed to another node on that LAN. As we indicated above, the sending node needs to obtain the LAN address of the destination node, given the IP address of that node. This task is easy if the destination node has an entry in the sending node's ARP table. But what if the destination node does not currently have an entry in the ARP table? In particular, suppose node 222.222.222.220 wants to send a datagram to node 222.222.222.222. In this case, the sending node uses the ARP protocol to resolve the address. First, the sending node constructs a special packet called an ARP packet. An ARP packet has several fields, including the sending and receiving IP and LAN addresses. Both ARP query and response packets have the same format. The purpose of the ARP query packet to is to query all the other nodes on the LAN to determine the LAN address corresponding to the IP address that is being resolved.
Returning to the example, node 222.222.222.220 passes an ARP query packet to the adapter along with an indication that the adapter should send the packet to the LAN broadcast address, namely, FF-FF-FF-FF-FF-FF. The adapter encapsulates the ARP packet in a data link frame, uses the broadcast address for the frame's destination address, and transmits the frame into the LAN. Recalling our social security number / postal address analogy, note that an ARP query is equivalent to a person shouting out in a crowded room of cubicles in some company (say, AnyCorp): "What is the social security number of the person whose postal address is cubicle 13, Room 112, AnyCorp, Palo Alto CA?". The frame containing the ARP query is received by all the other adapters on the LAN, and (because of the broadcast address) each adapter passes the ARP packet within the frame up to its parent node. Each node that receives the ARP packet checks to see if its IP address matches the destination IP address in the ARP packet. The one node with a match sends back to the querying node a response ARP packet with the desired mapping. The querying node (222.222.222.220) can then update its ARP table and send its IP datagram.
There are a couple of interesting things to note about the ARP protocol. First, the query ARP message is sent within a broadcast frame whereas the response ARP message is sent within a standard frame. Before reading on you should think about why this is so. Second, ARP is plug-and-play, that is, a node's ARP table gets built automatically -- it doesn't have to be configured by a systems administrator. And if a node is disconnected from the LAN, its entry is eventually deleted from the table.
Sending a Datagram to a Node Off the LAN
It should now be clear how ARP operates when a node wants to send a datagram to another node on the same LAN. But now let's look at the more complicated situation when a node on a LAN wants to send a network-layer datagram to a node off the LAN. Let us discuss this issue in the context of Figure 5.4-4, which shows a simple network consisting of two LANs interconnected by a router.
There are several interesting things to note about Figure 5.4-4. First, there are two types of nodes: hosts and routers. Each host has exactly one IP address and one adapter. But, as discussed in Section 4.4, a router has an IP address for each of its interfaces. Each router interface also has its own ARP module (in the router) and its own adapter. Because the router in Figure 5.4-4 has two interfaces, it has two IP addresses, two ARP modules and two adapters. Of course, each adapter in the network has its own LAN address.
Also note that all of the interfaces connected to LAN 1 have addresses of the form 111.111.111.xxx and all of the interfaces connected to LAN 2 have the form 222.222.222.xxx . Thus, in this example, the first three bytes of the IP address specifies the "network" whereas the last byte specifies the specific interface on a network.
Now suppose that host 111.111.111.111 wants to send an IP datagram to host 222.222.222.222. The sending host passes the datagram to its adapter, as usual. But the sending host must also indicate to its adapter an appropriate destination LAN address. What LAN address should the adapter use? One might venture to guess that the appropriate LAN address is the address of the adapter for host 222.222.222.222, namely, 49-BD-D2-C7-58-2A. This guess is, however, wrong. If the sending adapter were to use that LAN address, then none of the adapters on LAN 1 would bother to pass the IP datagram up to its network layer; the datagram would just die and go to datagram heaven.
If we look carefully at Figure 5.4-4, we see that in order for a datagram to go from 111.111.111.111 to a node on LAN 2, the datagram must first be sent to the router interface 111.111.111.110. Thus, the appropriate LAN address for the frame is the address of the adapter for router interface 111.111.111.110, namely, E6-E9-00-17-BB-4B. How does the sending host acquire the LAN address of 111.111.111.110? By using ARP, of course! Once the sending adapter has this LAN address, it creates a frame and sends the frame into LAN 1. The router adapter on LAN 1 sees that the data link frame is addressed to it, and therefore passes the frame to the network layer of the router. Hooray, the IP datagram has successfully been moved from source host to the router! But we are not done. We still have to move the datagram from the router to the destination! The router now has to determine the correct interface on which the datagram is to be forwarded. As discussed in Section 4.4, this is done by consulting a routing table in the router. The routing table tells the router that the datagram is to be forwarded router interface 222.222.222.220. This interface then passes the datagram to its adapter, which encapsulates the datagram in a new frame and sends the frame into LAN 2. This time, the destination LAN address of the frame is indeed the LAN address of the ultimate destination. And how does the router obtain this destination LAN address? From ARP, of course!
ARP for Ethernet is defined in [RFC 826]. A
nice introduction to ARP is given in the TCP/IP tutorial, [RFC
1180]. We shall explore ARP in more detail in the homework problems.
[RFC 826] D.C. Plummer, "An Ethernet
Address Resolution Protocol," RFC
826, November 1982.
[RFC 1180] T. Socolofsky and C. Kale,
"A TCP/IP Tutorial," RFC
1180, January 1991.
If you are interested in an Internet Draft relating to a certain subject or protocol enter the keyword(s) here.