19.16 Summary

To provide the illusion of a single, Seamless internet, each computer is assigned a high-level protocol address. Because network hardware does not understand protocol addresses, a network cannot locate a computer from its protocol address. Instead, software must translate the protocol address to an equivalent hardware address before sending a packet; the translation is called address resolution.
Three general methods are used for address resolution; the method used depends on the underlying hardware. Table lookup is most often used with wide area networks, closed form computation is used with configurable networks, and message exchange is used with LANs that have static addressing.
The TCP/IP suite contains a standard Address Resolution Protocol (ARP). ARP defines the format of messages that computers exchange as well as the rules for handling ARP messages. The standard specifies that a computer should broadcast an ARP request message, but that a response should be directed. Although the ARP message format is sufficiently general to be used with arbitrary protocol and hardware addresses, the protocol is used most often to resolve an IP address into an Ethernet address.
19.1 Which type or types of address resolution do computers at your site use?
19.2 Can dynamic address resolution be used on a point-to-point network? on a token ring
network? on a network that does not provide broadcast? Why or why not?
19.3 How does a computer know whether an arriving frame contains an IP datagram or an
ARP message?
19.4 How many responses does a computer expect to receive when it broadcasts an ARP re
quest? Why?
19.5 Suppose a computer receives two ARP replies for a single request. The first reply claims that the hardware address is H, and the second reply claims that the hardware address is H. How does ARP software handle the replies?
19.6 How can a computer use ARP to break security? Hint: think about the previous exer
19.7 ARP only permits address resolution to occur on a single network. Could ARP send a
request to a remote server in an IP datagram? Why or why not?

19.15 Layering, Address Resolution, Protocol Addresses

Recall that the lowest layer of the TCP/IP layering model corresponds to the physical network hardware, and the next layer corresponds to the network interface software used to transmit and receive packets. Address resolution is an example of a function associated with the network interface layer. Address resolution software hides the details of physical addressing, allowing software in higher layers to use protocol addressing. Thus, there is an important conceptual boundary imposed between the network interface layer and all higher layers: applications as well as higher-layers of protocol software are built to use protocol addresses only.)
The next chapters will explain the advantages of using protocol addresses for functions such as routing. For now, it is sufficient to understand where the details of physical addressing are hidden. Figure 19.9 illustrates the addressing boundary.
protocol addresses used
higher layers of protocol software
protocol address
bound address resolution оипаary
m device driver
hardware addresses used
network hardware
Figure 19.9 Layered protocol software in a computer and the conceptual boundary between the network interface layer and higher layers. Software above the boundary uses protocol addresses; software below the boundary translates each protocol address to an equivalent hardware address.

19.14 Processing An incoming ARP Message

When an ARP message arrives, the protocol specifies that the receiver must perform two basic steps. In the first step, the receiver extracts the sender’s address binding and checks to see if the sender’s address is present in the cache. If so, the receiver uses the binding in the incoming ARP message to replace the previously stored binding. Updating a stored binding is an optimization that is especially useful in cases where the sender’s hardware address has changed. In the second step, the receiver examines the OPERATION field of the message to determine whether the message is a request or a response. If the message is a response, the receiver must have previously issued a request, and is waiting for the binding. If the message is a request, the receiver compares field TARGET PADDR with the local protocol address. If the two are identical, the computer is the target of the request, and must send an ARP response. To form the response, the computer begins with the incoming message, reverses the senders and
target’s bindings, inserts its hardware address in field SENDER HADDR, and changes the OPERATION field to 2.
ARP contains a further optimization: after a computer replies to an ARP request, the computer extracts the sender’s address binding from the request and adds the binding to its cache for later use. To understand the optimization, it is necessary to know two facts:
O Most computer communication involves two-way traffic – if a
message travels from one computer to another, probability is high that a reply will travel back.
O Because each address binding requires memory, a computer cannot
store an arbitrary number of address bindings.
The first fact explains why extracting the sender’s address binding optimizes ARP performance. To understand the optimization, recall that a computer only sends an ARP request for a given target when it has a packet to deliver to that target. Thus, when computer W sends an ARP request for computer Y, W must have a message to deliver to Y. It is likely that once the packet has been delivered, a packet will be sent back from Y to W. If Y does not have an address binding for W, Y will need to broadcast an ARP request (and W will need to reply).
The second fact explains why the optimization is only performed by the computer that is the target of an ARP request.) Because all computers on the net receive each ARP broadcast, it would be possible for all computers to extract the sender’s binding and store it locally. However, doing so wastes CPU time and memory because it is unlikely that all pairs of computers will need to communicate. Thus, ARP has been optimized so it prerecords only those address bindings that are likely to be needed.

19.13 Caching ARP Responses

Although message exchange can be used to bind addresses, sending a request for each binding is hopelessly inefficient. To see why, consider the network traffic ARP generates. When computer W has a packet to deliver to computer Y, W first broadcasts an ARP request to find Y’s hardware address. After Ysends a reply, W can deliver the Original packet to Y. Thus, three packets traverse the network for each ARP transmission. More important, because most computer communication involves a sequence of packets, W is likely to repeat the exchange many times.
To reduce network traffic, ARP software extracts and saves the information from a response so it can be used for subsequent packets. The software does not place the information in permanent storage, nor does it attempt to save the bindings forever. Instead, ARP maintains a small table of bindings in memory. ARP manages the table as a cache – an entry is replaced whenever a response arrives, and the oldest entry is removed whenever the table runs out of space or after an entry has not been updated for a long period of time (e.g., 20 minutes).
Whenever AKP periorms acucuress bindung, ut searches the cache before using the etwork. If the binding is present, ARP uses the binding without transmitting a request. f the binding is not present in the cache, ARP broadcasts a request, waits for a
response, updates the cache, and then proceeds to use the binding. The next section describes the algorithm in more detail.