- Posts: 4
- Thank you received: 0
ARP
18 years 2 weeks ago #17850
by monavy
Reagrding ARP
if a host has to send a packet for which it does not have the cache, then it will broadcast an ARP request for the host on the same network.
but in case we have created multiple vlans and the destination host is in other vlan, what will the host request a broadcast for? the default gateway, or the destination?
please throw some light on it in details
if a host has to send a packet for which it does not have the cache, then it will broadcast an ARP request for the host on the same network.
but in case we have created multiple vlans and the destination host is in other vlan, what will the host request a broadcast for? the default gateway, or the destination?
please throw some light on it in details
18 years 2 weeks ago #17853
by Smurf
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Hi there,
this will depend on if you have intervlan routing enabled. The way ARP works is that it is used to communicate on the Layer 2 of the OSI Model. Layer 3's IP Addressing is there for us so we can easily remember the addresses (and then DNS was brought out to make it easier so we don't need to remember the IP Addresses).
Anyhow, if machines are on the same subnet, a ARP broadcast would go out for the machine (because its in the same subnet), this would mean that they are also in the same VLAN. If the machine is in a different VLAN, then in order for it to communicate there must be some sort of routing between the VLAN's (either intervlan routing via a layer 3 switch or using a router to route between the VLAN's). If this is the case, then the machine would know its on a different subnet (because of its subnet mask) and would then have to go to the default gateway. If thats not in the ARP cache it would then ARP For the default gateway.
Hope that answers ya question
Cheers
this will depend on if you have intervlan routing enabled. The way ARP works is that it is used to communicate on the Layer 2 of the OSI Model. Layer 3's IP Addressing is there for us so we can easily remember the addresses (and then DNS was brought out to make it easier so we don't need to remember the IP Addresses).
Anyhow, if machines are on the same subnet, a ARP broadcast would go out for the machine (because its in the same subnet), this would mean that they are also in the same VLAN. If the machine is in a different VLAN, then in order for it to communicate there must be some sort of routing between the VLAN's (either intervlan routing via a layer 3 switch or using a router to route between the VLAN's). If this is the case, then the machine would know its on a different subnet (because of its subnet mask) and would then have to go to the default gateway. If thats not in the ARP cache it would then ARP For the default gateway.
Hope that answers ya question
Cheers
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
- ashok_nitc
- Offline
- Junior Member
Less
More
- Posts: 64
- Thank you received: 0
17 years 7 months ago #21136
by ashok_nitc
Replied by ashok_nitc on topic Re: ARP
hi Smurf, i didn't get fully whatever you tried to say...!! according to the question i guess as cache entry is not there so it will broadcast for the destination.... and as destination is in different subnet so default gateway will come in to the picture!
17 years 7 months ago #21151
by Smurf
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Hi,
The way a VLAN works is that it seperates the Broadcast Domain in order to reduce Broadcast traffic. In olden days, large networks suffered from broadcast traffic and once the number of machines hit a critical mass, the number of broadcasts started to impact the performance of the network.
VLAN's are a way of splitting this broadcast traffic down into seperate broadcast domains (usually setting differing network segments in the process).
If you have VLAN 2 with subnet 10.10.10.0/24 and VLAN 4 with subnet 10.10.11.0/24 then this is fine and all broadcast traffic on VLAN 4 will not be seen by VLAN 2 and vica versa.
Right, so whats my point. VLAN 4 and VLAN 2 cannot see broadcast traffic (or unicast traffic) or infact any traffic for each other. i.e. VLAN 4 cannot see ANY traffic on VLAN 2 and vica versa.
If we have a machine in VLAN 2 wanting to talk to a machine in VLAN 4, it would generally know that its a different Network ID using the Subnet Mask and realise that the traffic needs to be sent to a router to get to the other subnet. Thats basically what happens, if a Layer 3 switch wasn't used, a "Router on a stick" would probably be used to route between the vLANS.
Now, if you had setup two VLAN's within the same Network Segment (no idea why one would do this ?) it is still possible for this to work by using Proxy ARP but not really advisable as you are loosing the benefits of the VLAN in the first place.
Hope it answers the question better ?
Cheers
Wayne
The way a VLAN works is that it seperates the Broadcast Domain in order to reduce Broadcast traffic. In olden days, large networks suffered from broadcast traffic and once the number of machines hit a critical mass, the number of broadcasts started to impact the performance of the network.
VLAN's are a way of splitting this broadcast traffic down into seperate broadcast domains (usually setting differing network segments in the process).
If you have VLAN 2 with subnet 10.10.10.0/24 and VLAN 4 with subnet 10.10.11.0/24 then this is fine and all broadcast traffic on VLAN 4 will not be seen by VLAN 2 and vica versa.
Right, so whats my point. VLAN 4 and VLAN 2 cannot see broadcast traffic (or unicast traffic) or infact any traffic for each other. i.e. VLAN 4 cannot see ANY traffic on VLAN 2 and vica versa.
If we have a machine in VLAN 2 wanting to talk to a machine in VLAN 4, it would generally know that its a different Network ID using the Subnet Mask and realise that the traffic needs to be sent to a router to get to the other subnet. Thats basically what happens, if a Layer 3 switch wasn't used, a "Router on a stick" would probably be used to route between the vLANS.
Now, if you had setup two VLAN's within the same Network Segment (no idea why one would do this ?) it is still possible for this to work by using Proxy ARP but not really advisable as you are loosing the benefits of the VLAN in the first place.
Hope it answers the question better ?
Cheers
Wayne
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
- ashok_nitc
- Offline
- Junior Member
Less
More
- Posts: 64
- Thank you received: 0
17 years 7 months ago #21156
by ashok_nitc
Replied by ashok_nitc on topic Re: ARP
hea its clear!
17 years 7 months ago #21176
by krik
I'm not sure about that...
If you have configured two subnets on the same segment, your devices will still use the normal ARP behavior. Devices in subnet1 wanting to communicate with devices in subnet2 will still do ARP request for their default gateway to reach subnet2.
Proxy ARP is used when a device believe that the destination is on the same subnet because of a wrong netmask. For example, you have two subnets connected to a router. Subnet1 is 10.10.10.0/24 and subnet2 is 10.10.11.0/24. But a device in subnet1 has a wrong netmask (let's say /16). When this device want to communicate with a device in subnet2, it will send an ARP request for the destination because it believe it's on the same segment... And here the router will perform proxy ARP by answering to the ARP request with its own MAC address.
Christophe Lemaire
www.exp-networks.be/blog/
Now, if you had setup two VLAN's within the same Network Segment (no idea why one would do this ?) it is still possible for this to work by using Proxy ARP but not really advisable as you are loosing the benefits of the VLAN in the first place.
I'm not sure about that...
If you have configured two subnets on the same segment, your devices will still use the normal ARP behavior. Devices in subnet1 wanting to communicate with devices in subnet2 will still do ARP request for their default gateway to reach subnet2.
Proxy ARP is used when a device believe that the destination is on the same subnet because of a wrong netmask. For example, you have two subnets connected to a router. Subnet1 is 10.10.10.0/24 and subnet2 is 10.10.11.0/24. But a device in subnet1 has a wrong netmask (let's say /16). When this device want to communicate with a device in subnet2, it will send an ARP request for the destination because it believe it's on the same segment... And here the router will perform proxy ARP by answering to the ARP request with its own MAC address.
Christophe Lemaire
www.exp-networks.be/blog/
Time to create page: 0.130 seconds