1.3.3 ARP
- <Structure of this section>
(1) Packet format of ARP
The formats and settings of ARP packets sent by the Switch conform to RFC826.
(2) ARP Packet-Validity Checking
The Switch checks the validity of received ARP packets. The following tables show the items checked for ARP packets.
|
ARP packet-field |
Check item |
When a check error occurs Packet discard |
|---|---|---|
|
Hardware type |
Hardware type = 1 (Ethernet) |
OK |
|
Protocol type |
Protocol =0800H(IP) 1000H(Trailer packet) Must be |
OK |
|
Hardware address length |
Must be 6 |
OK |
|
Protocol address length |
Must be 4 |
OK |
|
Operation code |
Handle operation codes other than 1 (REQUEST) and 1 as 2 (REPLY). |
- |
|
Sender hardware address |
The value must be a value other than the following:
|
OK |
|
Sender protocol address |
Must be one of the following
|
OK |
|
Target hardware address |
Not checked. |
- |
|
Target protocol address |
The value must be a value other than the following:
|
OK |
(Legend) OK: Discard-: Not applicable
- #
-
Trailer packet is not sent spontaneously, but it is learned by returning a reply when requested.
(3) Operation in ARP Reception
The Switch learns new ARP entries or refreshes learned ARP entries based on received ARP packets. It also responds with ARP packets as needed. The following tables show the operations when ARP is received.
|
ARP type |
Target protocol address |
Sender protocol address |
ARP reply |
To learn new ARP |
ARP updating |
|---|---|---|---|---|---|
|
ARP Request |
Address of the local device |
0.0.0.0 Address of the local device |
OK |
- |
- |
|
Other cases |
OK |
OK |
OK |
||
|
Other cases |
Address of the local device |
OK |
- |
- |
|
|
Other cases |
- |
- |
- |
||
|
ARP Reply |
Address of the local device |
Address of the local device |
- |
- |
- |
|
Other cases |
- |
OK |
OK |
||
|
Other cases |
Address of the local device |
- |
- |
- |
|
|
Other cases |
- |
- |
OK # |
(Legend) OK: Working-: Does not work
#: When ARP Reply is broadcast or multicast
(4) ProxyARP
You can run Proxy ARP on all interfaces in the Switch. Set whether to enable local Proxy ARP in the configuration. When the Switch receives an ARP request packet that satisfies all of the following conditions, it sends an ARP reply packet on behalf of the target protocol.
-
The target protocol address in the ARP request packet is not a broadcast address.
-
The subnetwork number in the sender protocol address of the ARP request packet differs from the subnetwork number in the target protocol address.
-
The target protocol address in the ARP request packet exists in the routing table and the packet can reach the destination.
(5) Local ProxyARP
You can run local Proxy ARP on all interfaces in the Switch. Set whether to enable local Proxy ARP in the configuration.
The differences between Proxy ARP and local Proxy ARP are as follows:
-
Proxy ARP mainly responds to ARP requests directed to subnets connected to interfaces that differ from the ARP receiving interface for terminals that do not support routing.
-
Local Proxy ARP responds to ARP requests directed to subnets connected to the receiving interface.
Use local Proxy ARP for subnets containing terminals that cannot directly communicate with one another for security reasons or for subnets where broadcast is prohibited. To provide an environment for running local Proxy ARP on the Switch, execute the l2-isolation configuration command. Local Proxy ARP allows the Switch to forward traffic between terminals on the same subnet. Note that using local Proxy ARP increases the number of ICMP Redirect messages. We therefore suggest that you disable ICMP Redirect messages.
The Switch sends an ARP reply packet on behalf of the target protocol when it receives an ARP request packet that satisfies all of the following conditions:
-
The target protocol address in the ARP request packet is not a broadcast address.
-
The subnetwork number in the target protocol address in the ARP request packet matches the subnetwork number of the receiving interface.
-
The sender protocol address and the target protocol address are different.
(6) Aging timer
You can specify the aging time for ARP information for each interface in minutes. The minimum specifiable value is one minute and the maximum specifiable value is 24 hours. The default is four hours.
(7) ARP settings
To connect the Switch to a product that does not use the ARP protocol, use the arp configuration command to associate MAC addresses and IP addresses (the ARP information).
(8) Viewing ARP Info
You can execute the show ip arp command on an operation terminal to check the ARP information. By checking the ARP information, you can determine the association between the IP address and MAC address for a specific interface.
(9) Hardware discard of unresolved address packets
If you continue to communicate with a non-existent terminal or via a non-existent router for a reason related to network configuration, packets with unresolved addresses are forwarded to the CPU, which might result in an increased CPU load. In such a case, you can reduce the CPU load by setting the arp discard-unresolved-packets configuration command to use the hardware to discard forwarding packets with unresolved addresses.
The following shows how the hardware discard functionality is performed for packets with unresolved addresses.
|
|
![[Figure Data]](./GRAPHICS/ZU302025.GIF)
When an interface with the arp discard-unresolved-packets command set fails to resolve an address for the first time, the ARP entry is temporarily registered to the hardware as an entry to be discarded. Because forwarding packets sent to the ARP entry or forwarding packets that use the ARP entry as the next hop are discarded by the hardware after address resolution attempts fails as many times as the number specified by the arp max-send-count configuration command until the time specified by the arp discard-unresolved-packets command has elapsed, the CPU load is reduced. If the next address resolution attempt is successful, normal communication is possible thereafter.
Use this functionality only in an abnormal situation where unresolved addresses persist.