11

What will happen when an ARP Request packet is sent from router1 to router2 in the following two cases? Will an ARP Reply be generated or the ARP Request packet be dropped?

  1. [router1]Intf1(20.0.0.1/24) ======== (40.0.0.1/24)Intf2[router2]
  2. [router1]Intf1(20.0.0.1/24) ======== (20.0.0.2/8) Intf2[router2]

The topology above have a port "Intf1" on router "router1" connected a port "Intf2" on another router "router2" via a direct link(eg, a 1 Gbps cable).

gsinha
  • 323
  • 1
  • 3
  • 15
  • You should try and revise your question to be more clear. ARPS are by nature broadcast so Router1 would never send one "to" Router 2 but rather use FF:FF:FF:FF:FF:FF as the MAC. This adds complexity because you have not given information we need to answer. Is the ARP simply sent down the interface leading to Router2 but has a diffrent IP, or is the ARP destined for the IP of router2? – Nick Young Jan 13 '16 at 00:13
  • in the case of proxy arp, arp request can reach another subnet. have a look at this topology http://www.cisco.com/c/en/us/support/docs/ip/dynamic-address-allocation-resolution/13718-5.html – user4250084 Jan 12 '16 at 23:07

4 Answers4

29

ARP only works between devices in the same IP subnet.

When device A with IP address A needs to send a packet to device B with IP address B, the first thing it does is consulting its routing table to determine if IP address B belongs to a subnet it can directly reach through its network interface(s); if it does, then devices A uses ARP to map IP address B to a physical Ethernet address, and then sends an Ethernet frame to that address.

But if the two IP Addresses are on different subnets, the device will follow a completely different logic: it will look in its routing table for a route to the destination network, and then it will send its packet to the appropriate router (or to its default gateway if no more specific route is present); in this scenario, ARP will be used to find the hardware address of the router, because the destination IP address has already be deemed to not be directly reachable, so the packet must be delivered to a router which can take care of it.

Massimo
  • 68,714
  • 56
  • 196
  • 319
  • 1
    Thanks for your reply Massimo. But an ARP packet will never be routed(no proxy ARP configured). So, in the first case, the ARP Request will get discarded. In second case, ARP Reply will be sent back. Please correct me if i am wrong. – gsinha Jun 11 '12 at 15:23
  • In the first case, there will be no ARP request at all, because Router1 will not even try to contact Router2, since its IP address is on a different subnet. – Massimo Jun 11 '12 at 16:16
  • 1
    ``But if the two IP Addresses are on different subnets, the device will follow a completely different logic``: Not necessarily, you could add a static route (``40.0.0.0/24 0.0.0.0 Intf1`` for router 1 in the first example). In that case router 1 will issue an ARP query to find out the MAC address of ``40.0.0.1`` on its ``20.0.0.1`` interface. – Flavien Apr 01 '17 at 13:16
  • @Massimo, Is what Flavien said true? – Pacerier Jun 17 '17 at 06:48
  • @Massimo, Also what d you think of https://serverfault.com/questions/397350/what-happens-when-arp-request-comes-from-a-different-subnet#comment939024_397350 ? – Pacerier Jun 17 '17 at 06:49
  • @Pacerier That's technically possible, but it would not make any sense at the TCP/IP level. You *can* tell a device to reach a target IP address via a network interface which doesn't have any relationship with it, but my best bet would be that the network stack wouldn't know how to handle that. Never tested it, but my gut feeling it's that it would fail. – Massimo Sep 06 '20 at 23:54
  • @Pacerier Also, proxy ARP is a completely different thing, where a router behaves like it's not actually doing any routing and just appears on the local network as if the remote MAC addresses are its own. This is quite wrong, but in some scenarios it can be useful. Not in this one, though. – Massimo Sep 06 '20 at 23:57
5

In SOME cases (I know Linux can behave this way, not sure of others), but a host can respond to ARP's on the "wrong" interface. Take this network:

10.0.0.0/24  ==== Host A ==== 192.168.0.0/24

Host A has an address on both networks; let's say 10.0.0.1 and 192.168.0.1

If Host A receives an ARP for 192.168.0.1 via the 10.0.0.1 interface, it will respond with the MAC address of the 10.0.0.1 interface.

This behaviour is controlled by the arp_ignore kernel tunable (Source: http://blog.steve-miller.org/2010/03/tweaking-arp-behavior-in-linux.html):

arp_ignore - Define different modes for sending replies in response to received ARP requests that resolve local target IP addresses:
0 - (default): reply for any local target IP address, configured on any interface.
1 - reply only if the target IP address is local address configured on the incoming interface.
2 - reply only if the target IP address is local address configured on the incoming interface and both with the sender's IP address are part from same subnet on this interface.
3 - do not reply for local addresses configured with scope host, only resolutions for global and link addresses are replied.
4-7 - reserved
8 - do not reply for all local addresses.

As above, the default is to respond for any local address (ie, an address configured on Host A) regardless of the interface the ARP is received on.

fukawi2
  • 5,327
  • 3
  • 30
  • 51
1

your topology is not clear for me. do you have one ip address on router1/intf1 and 2 ip addresses on router2/intf2? however when router1/intf1 sends an arp request to router2/intf2, router2 will send an arp reply and router1 will store the mac address for the ip address 20.0.0.2 in his arp table. this will work because 20.0.0.1/24 is included in the network 20.0.0.2/8. why do you configure the ip addresses that way it's a little bit strange

user1008764
  • 1,176
  • 2
  • 8
  • 12
  • Bullet points 1 and 2 represent two different network scenarios(or topology). In topology 1(bullet point 1), – gsinha Jun 10 '12 at 15:56
  • 1
    ok then scenario 1 will not work. the routers can't communicate in Layer 3 (IP) because they are in differend subnets. – user1008764 Jun 10 '12 at 16:00
1

There are two possible answers neither of which have to do with arp, but instead the forwarding table.

If there is a route statement on R1 forwarding traffic destined for all networks (default route) out of Intf1 then the ARP replies will be generated by R2 and will be received by R1, in both scenarios.

ARP is a Link Layer Protocol which uses the hardware address to communicate. It has no dependencies nor is it restricted by higher layer protocols such as IP.

GhostRyder
  • 111
  • 1