Mapping Internet Addresses to Physical Addresses

1
Mapping Internet Addresses to Physical Addresses

• Chapter 5

2
Packet Delivery

• Packets must be delivered by means of a hardware
  address
• From the sender to the destination or to a router
• From one router to another
• Eventually, to their final destination

3
The Address Resolution Problem

• Translating from a protocol, eg, IP, address to a
  hardware address
• Techniques
• Table lookup
• Closed-form computation
• Message exchange

4
Table Lookup
5
Closed Form Computation

• Configurable addresses
• Make the host portion of an IP address the
  hardware address
• Mask the less significant bits of the IP address
  to get the MAC address

6
Address Resolution Protocol

• Host A wants to talk to host B whose IP address
  is known but whose hardware address is not known
• Host A broadcasts an ARP request which includes
  the targets IP address and leaves room for its
  hardware address

7
ARP (continued)

• http//www.calvin.edu/lave/figure-5.1.pdf

8
ARP (continued)

• Is the message a request or a response?
• Request for your hardware address
• Send a response with your hardware address to
  10.10.10.2 only. Why?
• Add 10.10.10.2s hardware address to your cache.
  Why?

9
ARP Cache Timeout

• Soft state
• Data can become stale without warning (computer
  crash)
• Set timers
• After that time flush the information
• Comer says 20 minutes
• Windows NT default is 2 minutes

10
Soft State Advantages

• Autonomy
• Each computer worries about its own cache
• No communication is required to determine that a
  host is down
• It simply will not reply to an ARP request
• No network hardware needed

11
Soft State Disadvantage

• Depends on the timer interval
• For N seconds the host thinks it knows how to
  reach the destination

12
ARP Refinements

• A includes its IP to MAC binding in the request,
  not just its MAC address. Why?
• Any host can use the ARP request to update its
  information about A. Update, not add. Why?
• New NIC? Send gratuitous ARP request for its own
  IP address. Why?

13
ARP Implementation

• Map an IP address to a MAC address
• Consult cache. Not present? Use ARP.
• No response? Hold original data and resend the
  ARP request. Other apps may want to send to the
  same host.

14
ARP Implementation (continued)

• A has a binding for B, but Bs hardware changes.
  Cache timer.
• Software must not send multiple ARP requests.
• Place additional packets in a queue

15
ARP Protocol Format
16
Automatic ARP Cache Revalidation

• Jitter
• Variation in delivery times
• The first packet after a timer expires will take
  extra time
• Use a second timer for early validation. Send an
  arp request but use the cache entry in the
  meantime

17
RARP

• Reverse ARP
• Heres my MAC address. Whats my IP address?

18
A Security Issue - I

• The recipient of an ARP message examines the
  OPERATION field
• On page 316 of CNAI Comer writes, If the message
  is a response, the receiver must have previously
  issued a request, and is waiting for the binding.

19
A Security Issue - II

• Note the word must
• Gratuitous ARP a host repeatedly sends ARP
  responses with its own hardware address
• Hosts are fooled into sending important traffic
  to the attacker
• It works like a charm!

20
A Security Issue - III

• In fairness Comer writes on page 63 of the text
• the receiver tries to match the reply with a
  previously issued request
• Usually, replies arrive in response to a request