Difference between revisions of "Manual:IP/ARP"
m (Protected "IP/ARP": manual [edit=sysop:move=sysop])
|Line 1:||Line 1:|
Revision as of 06:57, 21 October 2009
ARP RFC 826
Even though IP packets are addressed using IP addresses, hardware addresses must be used to actually transport data from one host to another. Address Resolution Protocol is used to map OSI level 3 IP addreses to OSI level 2 MAC addreses. Router has a table of currently used ARP entries. Normally the table is built dynamically, but to increase network security, it can be partialy or completely built statically by means of adding static entries.
|address (IP; Default: )||IP address to be mapped|
|interface (name; Default: )||Interface name the IP address is assigned to|
|mac-address (MAC; Default: 00:00:00:00:00:00)||MAC address to be mapped to|
Read only properties
|DHCP (yes | no)||True if arp entry is added by DHCP server|
|dynamic (yes | no)||True if entry is dynamically created|
|invalid (yes | no)||True if entry is not valid|
Maximal number of ARP entries is 8192.
It is possible to set several ARP modes in interface configuration .....
If ARP feature is turned off on the interface, i.e., arp=disabled is used, ARP requests from clients are not answered by the router. Therefore, static arp entry should be added to the clients as well. For example, the router's IP and MAC addresses should be added to the Windows workstations using the arp command:
C:\> arp -s 10.5.8.254 00-aa-00-62-c6-09
This mode is enabled by default on all interfaces. ARPs will be discovered automatically and new dynamic entries will be added to ARP table.
A router with properly configured proxy ARP feature acts like a transparent ARP proxy between directly connected networks.
This behaviour can be usefull, for example, if you want to assign dial-in (ppp, pppoe, pptp) clients IP addresses from the same address space as used on the connected LAN.
If arp property is set to
reply-only on the interface, then router only replies to ARP requests. Neighbour MAC addresses will be resolved using /ip arp statically, but there will be no need to add the router's MAC address to other hosts' ARP tables like in case if arp is disabled.