When you work in an office environment, you already know that computers will be added and removed from the network all the time. It’s par for the course in this networking game.

Whether you add another computer to the network, or fix a computer that is already on the network, the network you are working on needs to be able to find each device that’s located on it. One way to do that is though ADDRESS RESOLUTION PROTOCOL.

PHYSICAL AND IP ADDRESSES

Before we discuss Address Resolution Protocol (ARP) and what it does, we need to clarify the subject of physical and IP addresses.

There are two things that every device on a network has:

• A physical address.
• An IP address

The physical address is called the MAC address, and it is assigned by the device’s manufacturer.

As you can see in the photo above, the physical address of a device can be located though command prompt. The Mac address (or the physical address) is unique because:

• It contains letters and numbers. This is called HEXADECIMAL NOTATION
• It is 6 bytes in length
• It uniquely ID’s a device on a network from a Network Interface Card perspective, and an IP address perspective.

What’s also important is that both the MAC address and the IP address of a device is included in a packet.

WHAT IS ADRESS RESOLUTION PROTOCOL (ARP)?

ARP allows systems to dynamically discover a device’s MAC address (or physical address) on a network. But it’s a little more than that, according to IBM.

All hosts on a network are located by their IP address, but NICs do not have IP addresses, they have MAC addresses. ARP is the protocol used to associate the IP address to a MAC address.

When a host wants to send a packet to another host, say IP address 10.5.5.1, on its local area network (LAN), it first sends out (broadcasts) an ARP packet. The ARP packet contains a simple question: What is the MAC address corresponding to IP address 10.5.5.1? The host that has been configured to use the IP address responds with an ARP packet containing its MAC address.

IBM

ARP IN ACTION

I tried to make up an ARP lab, where I configured some device addresses, and got a network running perfectly. I failed so badly.

But it was only a partially epic fail. I found some value in configuring my failed network, as I was still able to use the arp command to locate one or two devices on my network, which helped me (kind of) troubleshoot my failed packet issues.

Here were the devices on my network.

We have:

• One switch
• Three PC’s

As you can see, the switch has a VLAN interface and three fast Ethernet interfaces (FA0/1; FA0/2; FA0/3). The fast Ethernet interfaces indicates how the cables are connected to and from each device.

From the topology pictured, we can tell that PC1 has a straight through cable that is connected at interface FA0, and it is connected to the switch at interface FA0/1.

PC2 is connected at FA0, and is connected to the switch at FA0/2 using a straight through cable. PC3 is connected at FA0 and connected to the switch at FA0/3 with a straight through cable too.

If you need to revisit the subject, my chart below spells out which kinds of cables to use in which kind of situation. This situation called for straight through cables.

As you can see, all of my packets failed in simulation mode.

From PC1 I pinged the switch and the other two PCs, and I was getting packet losses.

Using the arp -a command, PC1 could only see PC4. That sucks.

And PC3 can only see PC1 when using the arp -a command. PC2 and the switch gets no love in the arp table.

More importantly, an arp table will tell you the physical address for your devices on your network, as well as the device’s IP address, and whether arp us maintaining the entry dynamically (that’s what the TYPE listing means).

But after a lot of research on Stack Exchange, I finally figured out how to get all of the devices on my bootleg network listed in the arp table.

First, a technician on Stack Exchange pointed out that a Cisco 2960 switch (the switch that I am using in this lab) is a Layer 2 switch.

In order for the devices to communicate with each other, we need to configure the fast ethernet interface ports. To do that, we need to assign them an IP address. We can not assign an IP address (Layer 3) to a Layer 2 interface.

This was my face when I figured this out. I felt so clueless.

So in order to assign the IP addresses you need a router and some more VLANs.

Regardless, I was able to use the arp command so that I could see what devices could are visible on the network.

I’m sure with the right set up I would be able to get this thing running. And honestly, I’ve learned a great deal from this failed lab. So it was only half terrible, like Carlton’s half court shot. I had so much hope.

To read more about arp, check out this tutorial, and take a look at the arp syntax below.

You can also visit Chegg, and test out the arp command in the activity below.