↪️
ccie.nyquist.eu
  • Table of Contents
  • Layer 2 Technologies
    • Ethernet Switching
      • L2 Switch Operations
      • Spanning Tree
        • 802.1d – STP
        • 802.1w – RSTP
        • 802.1s – MSTP
      • VTP 101
      • Private VLANs
      • VLANs
      • EtherChannel 101
    • Layer 2 WAN Protocols
      • HDLC
        • HDLC 101
      • PPP
        • PPP 101
        • PPP Authentication - PAP
        • PPP Authentication – CHAP
        • PPP Authentication – EAP
        • PPP Multilink
        • PPPoFR – PPP over Frame Relay
        • PPPoE – PPP over Ethernet
      • Frame Relay
        • Frame Relay 101
        • Frame Relay 102
        • Frame Relay Encapsulations – IETF vs Cisco
        • Multilink Frame Relay
        • Frame Relay Switching
        • Routing over Frame Relay
      • Bridging
        • Bridging on a router
        • MTU 101
    • Wireless
      • Wireless Principles
      • Wireless Implementations
      • Wireless Roaming
      • Wireless Authentication
        • WPA2 PSK
        • WPA2 802.1X
  • IPv4
    • IPv4 Addressing
      • Backup Interfaces
      • FHRP 101
      • DHCP 101
      • DNS 101
      • ARP 101
      • IPv4 101
      • Tunnel Interfaces
        • GRE Tunnels
      • BFD – Bidirectional Forwarding Detection
    • IPv4 Routing
      • How the routing table is built
        • How CEF works
        • Routing Order of Operations
        • NSF – Non Stop Forwarding
      • RIP
        • RIP 101
      • EIGRP
        • EIGRP 101
        • EIGRP Metric
        • More EIGRP Features
      • OSPF
        • OSPF 101
        • OSPF Areas
        • OSPF LSAs
        • OSPF Mechanics
      • IS-IS
        • IS-IS 101
        • IS-IS Mechanics – CLNP
      • BGP
        • BGP 101
        • BGP Attributes
        • More BGP
      • Route Redistribution
      • Policy based Routing
      • PfR 101 – Perfromance Routing
      • ODR
  • IPv6
    • IPv6-101
    • IPv6 Routing
    • Interconnecting IPv6 and IPv4
  • MPLS
    • MPLS 101
    • MPLS L3 VPN
  • Multicast
    • Multicast 101
    • PIM 101
    • IGMP 101
    • Inter Domain Multicast
    • IPv6 Multicast
    • Multicast features on switches
  • Security
    • NAT 101
    • NAT for Overlapping Networks
    • ACLs 101
    • ACLs 102
    • Cisco IOS Firewall
    • Zone Based Firewall
    • AAA 101
    • Controlling CLI Access
    • Control Plane
    • Switch Security
      • Switchport Traffic Control
      • Switchport Port Security
      • DHCP Snooping and DAI
      • 802.1x
      • Switch ACLs
    • IPSec VPN 101
      • IKE / ISAKMP 101
      • IPSEC Crypto Maps 101
      • IPSEC VTI 101
      • DMVPN 101
    • EAP 101
  • Network Services
    • NTP 101
    • HTTP 101
    • File Transfer 101 – TFTP & FTP
    • WCCP 101
  • QoS
    • QoS 101
    • Classification and Marking
    • Congestion Management
      • Legacy Congestion Management
      • SPD – Selective Packet Discard
      • CBWFQ
      • IP RTP Priority
    • Congestion Avoidance – WRED
    • Policing and Shaping
      • CAR 101
    • Compression and LFI
      • Header and Payload Compression
      • LFI for MultiLink PPP
    • Frame Relay QoS
      • Per VC Frame Relay QoS
    • RSVP 101
    • Switching QoS
  • Network Optimization
    • NetFlow 101 – TNF – Traditional NetFlow
    • NetFlow 102 – FNF – Flexible NetFlow
    • IP SLA 101
    • IP Accounting 101
    • Logging 101
    • SNMP and RMON 101
    • Cisco CLI Tips and Tricks
    • AutoInstall
    • Enhanced Object Tracking
    • Troubleshooting 101
    • SPAN, RSPAN, ERSPAN
  • Network Architecture
    • Hierarchical Network Architecture
    • SD Access
    • SD WAN
Powered by GitBook
On this page
  • ARP
  • Authorized ARP
  • Inverse ARP
  • Reverse ARP
  • Proxy ARP
  • Local Proxy ARP

Was this helpful?

  1. IPv4
  2. IPv4 Addressing

ARP 101

ARP

ARP is a protocol used on broadcast networks such as Ethernet, Token Ring or FDDI that is used to map L3 Addresses (like IP) to layer 2 Addresses (like Ethernet MAC). When a host needs to send traffic to another host, it knows its Layer 3 address, but it needs to find out the Layer 2 address in order to encapsulate the frame. In order to find the Layer 2 Address, the host will send an ARP Request to the Layer 2 asking “Who has the IP Address x.x.x.x?”. All hosts in the broadcast domain will receive this message, but only the one that was assigned that specific L3 address should respond with a unicast ARP Reply.

When a host receive an ARP message, either ARP Request(broadcast) or ARP Reply(unicast) it updates its ARP Cache. This cache contains all the L3 to L2 mappings that the host knows about. When it needs to send a packet, the host will look in the ARP Cache to find the appropriate mapping. If there is no mapping for the destination IP Address it will send an ARP Request. If it doesn’t receive an ARP Reply, then L2 encapsulation will fail. Entries in the ARP Cache can be dynamic (with a limited lifetime) or static (permanent). To define static entries, use:

R(config)# arp IP-ADDRESS MAC ENCAPSULATION-TYPE ...
! For Ethernet, ENCAPSULATION-TYPE = arpa

To configure the timeout of dynamic ARP entries, use:

R(config)#arp timeout SEC
!default: 14400 sec = 4 hours

You can clear dynamic ARP entires using one of the following commands:

! per interface
R# clear arp interface INTERFACE
! all dynamic entires
R# clear arp-cache

To see the ARP cahce, use:

!All L3 protocols:
R# show arp
! Only IP
R# show ip arp

Authorized ARP

Authorized ARP disables the dynamic update of the ARP cache on an interface. This means that clients connecting to that interface will not be able to communicate with the router unless their MAC address was added to the cache by an authorized process. Authorized processes are static ARP entries and DHCP generated entries. To enable DHCP to update the arp-cache, use the following command inside the DHCP Pool:

R(dhcp-config)# update arp

Inverse ARP

Reverse ARP

Reverse ARP is used when a host doesn’t know its IP Address and works similar to DHCP. The host will send a RARP messages with its MAC Address and expects to receive a reply from a RARP server letting it know what IP Address should use.

Proxy ARP

Proxy ARP is used when a host needs to communicate with another host that is not in the same broadcast domain. A router can detect that the destination IP is not in the same broadcast domain and if it has a route to that destination it can respond with its own L2 address. The packets for the L3 destination will reach the router which will decapsulate and reencapsulate them before sending them over another interface. Proxy ARP is enabled by default on routed interfaces. You can disable proxy ARP per interface, using:

R(config-if)#no ip proxy-arp

or globally:

R(config)# ip arp proxy disable

Local Proxy ARP

Even when configured with proxy-apr, a router will not respond to ARP requests for destination that are on the same incoming interface. However, in some situations (like when having a router connect hosts in an isolated Private VLAN) you might need the router to respond to such ARP requests. To enable this, use:

R(config-if)# ip local-proxy-arp
PreviousDNS 101NextIPv4 101

Last updated 3 years ago

Was this helpful?

See for details.

Inverse ARP is used in Frame Relay or ATM networks and it is used to find the IP Address of the device connected at the other end of a Virtual Circuit. See

DHCP 101
Frame Relay