ARP

June 8, 2021
Address Resolution Protocol (ARP) is a network protocol used to identify MAC addresses of other network devices by their IP addresses.

How it works

Here is a common ARP use case scenario: two computers are on the same Ethernet network, they have each other’s IP addresses, but MAC addresses are unknown. However, Ethernet network can’t transmit data based on IP addresses.

To solve the problem one of the computers sends a broadcast request with the required IP address to all hosts on the same domain. The computer with the required IP address in its turn replies with its MAC address. This enables data transmission.

The use of IP networks built on top of Ethernet is really widespread, and ARP is always used in such cases. That is why it has become popular too.

Security

ARP cache is checked whenever a MAC address is requested to transmit data. This helps to avoid sending a request again if the needed MAC address has been resolved earlier, and it is still stored in the ARP cache. The ARP cache size is limited, usually it can store MAC addresses only for several minutes. The cache is also regularly flushed. This is necessary to ensure users privacy and security, as well as to prevent IP address spoofing and session hijacking attacks. Besides, all information about any unsuccessful attempts to contact hosts out of the network is deleted during the ARP cache flushing.

We use cookies to optimize site functionality and give you the best possible experience. To learn more about the cookies we use, please visit our Cookies Policy. By clicking ‘Okay’, you agree to our use of cookies. Learn more.