an ARP question and one more

kobem

hi everyone , i returned .

i ask a question related to ARP first , we have one host for example hostA
and another host for ex. hostB and between them a router exists
i want to send a packet from hostA but router (gateway i mean) doesn't know the MAC(hardware)address of hostB but knows its IP address (logical)

in this situation ARP broadcast is sent to the local things and from IP
address we find MAC address with ARP ok!

the thing i didn't solve is ,if we know the IP address of hostB , we
make our processes due to IP address , why do we have to convert IP
to MAC? (and ARP is for layer 3 ?)


second one about console cable of router
if we can telnet to remote devices easily , why do we use console cable
between PC and router and if we are not connected to any network?

sprkymrk

kobem wrote:

in this situation ARP broadcast is sent to the local things and from IP
address we find MAC address with ARP ok!

HostA won't even bother with an arp broadcast because it knows HostB is on a different subnet. The determination is made by examining it's own IP and mask, if it's on the same subnet it will arp, otherwise it will just send a unicast packet to it's default gateway. Remember an arp broadcast says "Who has 1.2.3.4, tell 1.2.3.5" (or whatever). It already knows the IP, now it wants the mac. It's not going to ask for the mac if HostB is known to be on another subnet. How it determines the IP address is dependant on the OS and configuration. For example, in a Windows network, it will usually check it's own cache (dns or netbios), then query either a WINS or DNS server, then check it's host/lmhost file, etc. Notice it's not even concerned about the mac address until it knows the IP address.

kobem

more comment please , i couldn't exactly understand.

sprkymrk

Arp is only used to find the mac of a computer on the same subnet.
If it has to cross a router or other network device it will never make an arp broadcast anyway.

kobem wrote:

the thing i didn't solve is ,if we know the IP address of hostB , we
make our processes due to IP address , why do we have to convert IP
to MAC? (and ARP is for layer 3 ?)

ARP is layer 2, not 3. Communication eventually comes down to the hardware address.

kobem

sorry but ARP is layer 3 , look at www.en.wikipedia.org and layer scheme
ARP is at layer 3

kobem

kobem wrote:

hi everyone , i returned .



the thing i didn't solve is ,if we know the IP address of hostB , we
make our processes due to IP address , why do we have to convert IP
to MAC? (and ARP is for layer 3 ?)


second one about console cable of router
if we can telnet to remote devices easily , why do we use console cable
between PC and router and if we are not connected to any network?

please answer directly these

EdTheLad

You could say arp works between layer 2 and 3, the network layer uses arp to find an mac address and the datalink layer encapsulates the arp frame.
Kobem, i will not answer your questions directly as that would be too easy, but how do you think IP can work on top of ethernet without ARP?Have you learned the OSI/TCP stack and about encapsulation layers? If IP runs on top of ethernet what do you imagine the encapsulation will be like and how are the address fields in the frame filled? How does ethernet work? How does one machine communicate with another?

sprkymrk

kobem wrote:

sorry but ARP is layer 3 , look at www.en.wikipedia.org and layer scheme
ARP is at layer 3

Hi kobem:

Your link only goes to the wikipedai main page, so I don't know what you are trying to reference.

Here is a link to Cisco's implementation of the OSI (it's a PDF document) that clearly shows arp at layer 2:
http://www.cisco.com/warp/public/535/tcpip_pc/fig_1.pdf

I won't disagree with ed on the idea that arp can work at both layers, but remember that switches are considered a layer 2 device, mac addresses (or BIA's - burned in addresses) are layer 2, etc. The router (layer 3) only gets involved if the mac address is not on the same subnet, and then the Host will send the arp (layer 2) request to the router who then forwards that request on to the remote network. Arp itself still operated at layer 2.

Also keep in mind that a host had to first know the IP Address (through some other name resolution protocol) before it can send the arp request, so it didn't use arp to determine the IP, it uses arp to map that IP to a mac address.

Here is another good reference from Cisco's site:
http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/introint.htm

And here is an excerpt:

Address Resolution Protocol (ARP) is the method used in the TCP/IP suite. When a network device needs to send data to another device on the same network, it knows the source and destination network addresses for the data transfer. It must somehow map the destination address to a MAC address before forwarding the data. First, the sending station will check its ARP table to see if it has already discovered this destination station's MAC address. If it has not, it will send a broadcast on the network with the destination station's IP address contained in the broadcast. Every station on the network receives the broadcast and compares the embedded IP address to its own. Only the station with the matching IP address replies to the sending station with a packet containing the MAC address for the station. The first station then adds this information to its ARP table for future reference and proceeds to transfer the data.

When the destination device lies on a remote network, one beyond a router, the process is the same except that the sending station sends the ARP request for the MAC address of its default gateway. It then forwards the information to that device. The default gateway will then forward the information over whatever networks necessary to deliver the packet to the network on which the destination device resides. The router on the destination device's network then uses ARP to obtain the MAC of the actual destination device and delivers the packet.

Here is one more good reference:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios103/rpcg/78986.htm#xtocid8

kobem

same subnet means same network everytime?

loboernesto

A subnet is a subset of mayor network which will be defined by the subnet mask. For example the network 10.0.0.0 255.255.0.0 will give you 256 subnets, so 10.64.0.0 /16 is a subnet of the mayor network 10.0.0.0 /8.
So when you say that a host A is in the same subnet as host B it does mean in a way that they are in the same network but technically the term that should be used is subnet.

kobem

hey lobo can you tell me about arp ?
guyz answered to me and i also looked at books and some kind of
materials but still confusing.

ARP is in layer 3 i think if it maps IP to MAC .
if two hosts are in the same network do we use ARP ?

and important one for example 192.168.1.0/24 and 172.16.1.0/24
are these same subnets because of /24 ?

loboernesto

The answers you received previously are correct so what I'm going to write is the same but in different words to see if it is easier for you to understand.

and important one for example 192.168.1.0/24 and 172.16.1.0/24
are these same subnets because of /24 ?

first the easy one: the 192.168.1.0 /24 is a mayor network so there is not subnet there.
172.16.1.0 /24 is the first subnet of the 256 that you can get form a class B network and a subnet mask /24.
They have the same subnet mask yes, but they are not the same subnet.

regarding ARP... ARP is layer two, if you want to do well in the ccna exam you better trust cisco information rather than information from some other source.
have a look again at the graphic posted by sprkymrk:
http://www.cisco.com/warp/public/535/tcpip_pc/fig_1.pdf

now what ARP does is the next (for this example we have ethernet and IP as the layer two and layer three protocols used):
an ARP message is created with the next information (there's more in it but this is only what we want to know for now)
there's a field that determines if the message is a request or a reply and another one that defines what layer 2 and layer 3 protocols are being used and also the following fields containing:
Sender MAC address and IP address
Destination MAC address (it will be nothing when is a request message) and IP address

This message is encapsulated with a layer 2 header and trailer.
the header will have a source address (the sender hardware address, in this case the MAC) and a destination address (a layer two broadcast for an ARP request).
The packet is sent and every node receives it, every node takes the encapsulation off and looks at the ARP message but only the node matching the destination IP address in the ARP message will respond with an ARP reply message. you can now figure out what the ARP reply message will be: in short the field defining reply or request will be set to reply and the addresses will be swapped with the respective fields filled with the proper information.
this packet will be encapsulated again in a layer two header and trailer and this time the destination address won't be broadcast but unicast (based on the destination address found in the ARP reply message)directed to the node that initiated the ARP request

You can try to find a example of a ARP message to help you follow my explanation.

hope that helps, and please understand that english is not my native language!!.
cheers

kobem

thanks for your patience to me , i am trying to understand

last one , 192.168.1.0/26 221.168.1.0/26 same question ?

i asked this because they are both class C

loboernesto

if two hosts are in the same network do we use ARP ?

I missed that one:

ARP is used only with nodes in the same network, you can't use ARP to get the MAC of a host in another network, again another example that ARP layer 2. As you were explained before, if a host needs to communicate with a host in another network it will use its default gateway and won't care about the hardware address of the other host (the one in the different network). Every host in a network will fill a table called ARP cache with information contained in the ARP messages and every time a host needs to communicate with another host in the same network it will look at the ARP cache for the MAC address matching the IP destination address, if it doesn't find it in the ARP cache it will send an ARP request.
cheers.

dissolved

kobem wrote:

hi everyone , i returned .

i ask a question related to ARP first , we have one host for example hostA
and another host for ex. hostB and between them a router exists
i want to send a packet from hostA but router (gateway i mean) doesn't know the MAC(hardware)address of hostB but knows its IP address (logical)

in this situation ARP broadcast is sent to the local things and from IP
address we find MAC address with ARP ok!

the thing i didn't solve is ,if we know the IP address of hostB , we
make our processes due to IP address , why do we have to convert IP
to MAC? (and ARP is for layer 3 ?)


second one about console cable of router
if we can telnet to remote devices easily , why do we use console cable
between PC and router and if we are not connected to any network?

Here's your simple, direct answer:

Host A

---

ROUTER

---

ROUTER

---

Host B

When host A wants to send Host B, a packet...host A will do the following:

1. Perform an ARP request to get the MAC of it's gateway router
2. Send the packet to it's gateway router
The destination IP address will be HOST B, where the destination MAC address will be HOST A's gateway router


To answer your other question
We use a console cable to configure a router or other network device. Some people have security policies within their network, that permit them to use local access only (read: Not telnetting over the network). Hence why we use the console cable. The other reason is when the router is not on the network

kobem

dissolved wrote:

kobem wrote:

To answer your other question
We use a console cable to configure a router or other network device. Some people have security policies within their network, that permit them to use local access only (read: Not telnetting over the network). Hence why we use the console cable. The other reason is when the router is not on the network

do you mean restriction? so if am in Paris and trying to connect
hong kong and using a console cable here is this reasonable?

sprkymrk

kobem wrote:

dissolved wrote:

kobem wrote:

To answer your other question
We use a console cable to configure a router or other network device. Some people have security policies within their network, that permit them to use local access only (read: Not telnetting over the network). Hence why we use the console cable. The other reason is when the router is not on the network

do you mean restriction? so if am in Paris and trying to connect
hong kong and using a console cable here is this reasonable?

No, a console cable is called a console cable because it assumes you are there locally at the "console". A little decieveing since a router doesn't really have a console like a monitor, but either way it assumes local/physical access directly to the router. It's useful for configuring a router offline, before you place it in production, for one example.

kobem

so , if i want to reach a router remotely , i don't use
a console cable, i will telnet

sprkymrk

kobem wrote:

so , if i want to reach a router remotely , i don't use
a console cable, i will telnet

Correct. Telnet or SSH.

Danman32

I suppose it is called a console cable to connect a console, typically a PC, to the router, since the router doesn't have its own console.
In olden days, there were things called dumb terminals. They had no real intelligence, they could only display what they received on their serial port, and output to their serial port what was typed on their keyboard. Such a device could be connected to the console port of a Cisco router. Nowadays, that dumb terminal is emulated by a PC.

Why a console port? As stated for potential security, if telnet is restricted to the router. However, suppose the router config is wrong, corrupt or even unknown? Without the console cable, how could you telnet to the router to reconfigure it? With the console cable, one can reconfigure the router, reset to factory defaults, or fix corruptions that prevent it from fully booting.