104 lines
3.7 KiB
Groff
104 lines
3.7 KiB
Groff
.Dd June 5, 2017
|
|
.Dt ARP 4
|
|
.Os
|
|
.Sh NAME
|
|
.Nm arp
|
|
.Nd address resolution protocol
|
|
.Sh SYNOPSIS
|
|
.In netinet/if_ether.h
|
|
.In netinet/in.h
|
|
.Sh DESCRIPTION
|
|
The Address Resolution Protocol (ARP) provides resolution of network layer
|
|
addresses to link layer addresses on the local network.
|
|
ARP requests asks for the link layer address of a network layer address and ARP
|
|
replies contains the link layer address of the requested network layer
|
|
address.
|
|
Requests are broadcast on the local network, while replies are unicast back to
|
|
the sending machine.
|
|
.Pp
|
|
The
|
|
.Xr kernel 7
|
|
uses the ARP to resolve Internet Protocol version 4 addresses
|
|
.Xr ( inet 4 )
|
|
to Ethernet addresses
|
|
.Xr ( ether 4 )
|
|
in order to transmit Internet Protocol version 4
|
|
.Xr ( ip 4 )
|
|
datagrams on Ethernet network interfaces
|
|
.Xr ( if 4 ) .
|
|
.Pp
|
|
The
|
|
.Xr kernel 7
|
|
maintains a cache of ARP replies for every network interface, which is actively
|
|
populated whenever there is a need to transmit to a network layer address, and
|
|
passively populated with the source addresses of ARP requests from other hosts.
|
|
Network layer datagrams are queued whenever a network layer address needs to
|
|
be resolved.
|
|
Queued datagrams are transmitted when the destination link layer address has
|
|
been resolved, or are discarded if the resolution times out.
|
|
.Sh IMPLEMENTATION NOTES
|
|
The transmission queue is limited to 16 packets for each network layer address.
|
|
.Pp
|
|
ARP requests are attempted three times, each attempt timing out after a second.
|
|
If each request fails, the cache entry is evicted.
|
|
.Pp
|
|
When an network address is resolved, its cache entry remains valid for 60
|
|
seconds.
|
|
Upon expiry, if the cache entry was unused, it is evicted.
|
|
Otherwise, its network address is renewed by resolving it again with three
|
|
attempts.
|
|
In the meanwhile, the entry cache continues to be used for routing.
|
|
If the renewal fails, the cache entry is evicted.
|
|
.Pp
|
|
The ARP cache can contain up to 256 entries.
|
|
If the cache is full,
|
|
the least recently used cache entry is evicted when a network address is resolved
|
|
that is not currently in the cache, and the source addresses from received ARP
|
|
messages are not passively added to the cache.
|
|
.Pp
|
|
The ARP cache uses a hash table with 256 entries, using a linked list in case
|
|
of hash collisions.
|
|
The hash is the bytewise xor (exclusive or) of every byte in the network
|
|
address.
|
|
This hash is perfect if the subnet contains no more than 256 addresses, and
|
|
degrades in quality for larger subnets, at worst needing to linearly scan the
|
|
whole ARP cache.
|
|
.Pp
|
|
The ARP cache is purged when the network interface's
|
|
.Xr ether 4
|
|
or
|
|
.Xr inet 4
|
|
configuration changes.
|
|
Packets in the ARP transmission queue are dropped.
|
|
.Sh SEE ALSO
|
|
.Xr ether 4 ,
|
|
.Xr if 4 ,
|
|
.Xr inet 4 ,
|
|
.Xr kernel 7
|
|
.Sh STANDARDS
|
|
.Rs
|
|
.%A D. Plummer
|
|
.%D November 1982
|
|
.%R STD 37
|
|
.%R RFC 826
|
|
.%T \&An Ethernet Address Resolution Protocol
|
|
.Re
|
|
.Sh BUGS
|
|
The ARP timeout is not configurable.
|
|
.Sh SECURITY CONSIDERATIONS
|
|
The source network layer and source link layer addresses of received ARP request
|
|
and replies are trusted.
|
|
If the router does not validate ARP messages on the network are consistent with
|
|
the DHCP leases, an attacker will be able to engage in an ARP spoofing attack
|
|
that would allow denial of service, man in the middle, and session hijacking
|
|
attacks.
|
|
.Pp
|
|
The cache is limited to 256 entries per interface and if the local subnet is
|
|
larger than 256 addresses, then if an attacker is capable of making the local
|
|
system concurrently transmit to 256 addresses on the local network not currently
|
|
in the ARP cache, then doing so would purge the whole transmission queue.
|
|
If the attacker can do this faster than the machines on the local network can
|
|
answer ARP requests, transmission service may be denied entirely, or at the
|
|
least be significantly degraded as the higher layers wait a little while before
|
|
they retransmit.
|