Q: Which ARP and Where
Are you an #ARP pretender? ARP is simple. At the same time, ARP can be used as both a testing tool and interview tool determine whether someone really knows how networks work, or if they just read the basics in a book. Questions that require you to figure out where ARP is used, and what addresses it learns, proves you truly understand some of the basics of how LANs work, how IP routing works, and how the pieces of the networking puzzle fit together. Today’s question lets you practice those applied ARP skills one more time.
Question
All hosts in the network work. All hosts on the left sit in one VLAN off switches SW1 and SW2. All hosts have been configured with, or have leased, an IP address, mask, and working default gateway address.
Host A has not yet sent any traffic, so that its ARP cache is empty. Then host A connects to the web server PC E using its web browser. PC A had sent no other traffic into the network before connecting to this server. Which of the following is true about what should occur in this scenario?
A. PC A will send an ARP request looking for server E’s MAC address
B. PC A will receive an ARP reply from R1, listing R1’s MAC address
C. Server E may be in the same subnet as PC A
D. PC A must know a route for server E’s subnet before the successful web connections was made
E. Server E will need to send an ARP to learn host A’s MAC address
B
B, the client has to resolve the MAC address of the default gateway IP that’s been configured in its network configuration.
Two votes B so far – thanks to you both! Explanation for all in a few days…
Wendell
You’re most welcome! Thank you for posting all these questions!
B, Since crossing routers the subnets are different. Since it’s being sent to it’s default gateway, it would need to know the layer two mac of router 1 with the IP of server E
I think that is B because Router don’t send or forward broadcast L2 .. R1. has the default gateway who as the mac or ARP inside the network .. because PC A will not send an ARP request looking for server E’s MAC address .. they’re in different network ,
..Server E is not in the same subnet as PC A ..
and Server E will not need to send an ARP to learn host A’s MAC address because they’re in different network
Hi Erick
I won’t reply directly on this post… instead, click the link at the bottom of the post to go to the answers post, which lists a letter answer and an explanation – and compare your answer to that one!
Wendell
B. PC A has no layer 2 knowledge of Host E. It knows however that Host E is not on its network. Therefore, it will have sent out an ARP request for the MAC address to its Default router(because it did not know that ether and it has to have a Destination MAC to complete a frame). Next, the router will send a RARP to the PC. The first step is not listed so, B is the best answer.
Contestacion B, primero tengo el ARP Table vacio, por lo tanto le solicito al R1 el Mac por Arp para encapsular el paquete y enviar. Despues que tengo el MAC de R1 entonces solicito el MAC de E para verificar el FCS.
Manuel,
If Google Translate worked correctly… 🙂
I agree with the first 1/2 of your comment, but not the 2nd 1/2. PC A won’t request PC E’s MAC.
Wendell
Hola Manuel. La PC A va a solicitar un request de ARP para el MAC del R1 (interfaz Gi0/0) ya que es su default Gateway. Luego el R1 le responde a PC A con una respuesta ARP indicándole su MAC. La PC A nunca aprende el MAC de la PC E ya que ésta se encuentra en otra subred y tampoco tiene que aprenderlo ya que cada vez que envía un paquete a un equipo en otra subred, la PC A sabe que lo que tiene que enviar al default Gateway y el se encarga de dirigirlo hacia la subred donde se encuentra.
Answer is A.
Pc A arp request would be something like this: ” if this is your ip address (server E) send me your mac address (server E) ” while R1 and R2 obviously don’t have the required mac address but they know the path to deliver the request.
Hi Folu,
Thanks for the post! Check out the next post (the answers post) linked at the bottom of this post (just above the comments) for my answer and the related explanation.
Wendell
The problem statement said all hosts have a “working default router address”. Shouldn’t “working” mean “an IP packet has been successfully sent”? In that case host A already has an ARP entry for R1.
Hi Peter,
Well, that’s not what I meant by the word “working”. If you prefer to think that deeply about the phrasing, and infer certain facts, then think: the IP address/interface has worked, it has arp’ed, and the ARP cache has timed out. I believe that would then match the scenario.
Wendell
Hi
I’m wondering
What happens to an arp table entry that there hasn’t been any activity for 241 minutes, considering that the default timer is 240 minutes.
Is the entry still in the table or is it dispearing from the table when doing ‘show arp’ ?
thanks
Hi Jason,
It disappears. But honestly, that’s after 240 minutes of non-use, and takes a single ARP Request/Reply to learn again. So seems like a reasonable behaviour.
Hi M. Odom
I’ve read that there might exist a kind of an additional random jitter after the 240 minutes that might extend a little bit that timer ?
Hi Jason,
Yep, ARP and many other protocols include a random timer to attempt to avoid synchronization of the protocols amongst devices. Sometimes snychronizing the timers would cause bad effects, like too much re-learning or messages all at once.
Thank you very much
Happy Holidays,
B) PC A will receive an ARP reply from R1, listing R1’s MAC address