Gratuitous ARP and ping packet capture analysis

# Gratuitous ARP analysis
R1(config)#int e1/1
R1(config-if)#ip addr 192.168.1.1 255.255.255.0
R1(config-if)#no shut
R1(config-if)#end

Frame 8: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:05:11 (aa:bb:cc:00:05:11), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
    Destination: Broadcast (ff:ff:ff:ff:ff:ff)
        Address: Broadcast (ff:ff:ff:ff:ff:ff)
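        .... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)    # global identifier flag
        .... ...1 .... .... .... .... = IG bit: Group address (multicast/broadcast)    
                                        # The IG bit decides whether the frame is accepted: IG=1 means multicast/broadcast; a broadcast is accepted, a unicast is compared against the interface MAC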
    Source: aa:bb:cc:00:05:11 (aa:bb:cc:00:05:11)
        Address: aa:bb:cc:00:05:11 (aa:bb:cc:00:05:11)
        .... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)    # IG=0 means unicast
    Type: ARP (0x0806)    # the frame is handed to the ARP protocol
    Padding: 000000000000000000000000000000000000
Address Resolution Protocol (reply/gratuitous ARP)            # ARP processes the packet
    Hardware type: Ethernet (1)
    Protocol type: IPv4 (0x0800)
    Hardware size: 6
    Protocol size: 4
    Opcode: reply (2)
    [Is gratuitous: True]                                     # Is gratuitous: True marks a gratuitous ARP
    Sender MAC address: aa:bb:cc:00:05:11 (aa:bb:cc:00:05:11)
    Sender IP address: 192.168.1.1
    Target MAC address: Broadcast (ff:ff:ff:ff:ff:ff)
    Target IP address: 192.168.1.1                            
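    # A gratuitous ARP packet is sent to look up the sender's own IP address; it is meant only as an announcement.
    # If a reply comes back, another host is using the same IP address the sender is currently using.
# ping command analysis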
R1#debug arp
ARP packet debugging is on
R1#ping 192.168.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
*Aug 22 14:15:21.518: IP ARP: creating incomplete entry for IP address: 192.168.1.2 interface Ethernet1/1  
*Aug 22 14:15:21.518: IP ARP: sent req src 192.168.1.1 aabb.cc00.0111,
                 dst 192.168.1.2 0000.0000.0000 Ethernet1/1    # the destination MAC address is marked as 0000.0000.0000
*Aug 22 14:15:21.523: IP ARP: rcvd rep src 192.168.1.2 aabb.cc00.0211, dst 192.168.1.1 Ethernet1/1.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 3/5/7 ms
# Wireshark capture

# 1. Look up the routing table: if a directly connected route exists, encapsulate; if there is no route, drop the packet
R1#sh ip route 192.168.1.2
Routing entry for 192.168.1.0/24
  Known via "connected", distance 0, metric 0 (connected, via interface)
  Routing Descriptor Blocks:
  * directly connected, via Ethernet1/1
      Route metric is 0, traffic share count is 1

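# 2. Encapsulation
# Layer 3 encapsulation: ICMP echo request; the source IP address is the outgoing interface's address (chosen by the routing table); destination IP address: 192.168.12.2
# Layer 2 encapsulation: source MAC aa:bb:cc:00:01:11, destination MAC (00.00.00.00.00.00); ARP encapsulation fails on R1
# 3. ARP request
# If an ARP entry exists, forward;
# otherwise, create an incomplete ARP entry, then send an ARP request (request-B);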
#sh ip arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  192.168.1.1             -   aabb.cc00.0111  ARPA   Ethernet1/1

# With no ARP entry, create an incomplete ARP entry, then send a broadcast ARP request;
Frame 13: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:01:11 (aa:bb:cc:00:01:11), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
    Destination: Broadcast (ff:ff:ff:ff:ff:ff)
        Address: Broadcast (ff:ff:ff:ff:ff:ff)
        .... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)
        .... ...1 .... .... .... .... = IG bit: Group address (multicast/broadcast)
    Source: aa:bb:cc:00:01:11 (aa:bb:cc:00:01:11)
        Address: aa:bb:cc:00:01:11 (aa:bb:cc:00:01:11)
        .... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
    Type: ARP (0x0806)
    Padding: 000000000000000000000000000000000000
Address Resolution Protocol (request)
    Hardware type: Ethernet (1)
    Protocol type: IPv4 (0x0800)
    Hardware size: 6
    Protocol size: 4
    Opcode: request (1)
    Sender MAC address: aa:bb:cc:00:01:11 (aa:bb:cc:00:01:11)
    Sender IP address: 192.168.1.1
    Target MAC address: 00:00:00_00:00:00 (00:00:00:00:00:00)  # destination MAC 00:00:00:00:00:00
    Target IP address: 192.168.1.2 

# After receiving the request, 192.168.1.2 sends a unicast reply carrying its MAC address aa:bb:cc:00:02:11
Frame 14: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:02:11 (aa:bb:cc:00:02:11), Dst: aa:bb:cc:00:01:11 (aa:bb:cc:00:01:11)
    Destination: aa:bb:cc:00:01:11 (aa:bb:cc:00:01:11)
        Address: aa:bb:cc:00:01:11 (aa:bb:cc:00:01:11)
        .... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
    Source: aa:bb:cc:00:02:11 (aa:bb:cc:00:02:11)
        Address: aa:bb:cc:00:02:11 (aa:bb:cc:00:02:11)
        .... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
    Type: ARP (0x0806)
    Padding: 000000000000000000000000000000000000
Address Resolution Protocol (reply)
    Hardware type: Ethernet (1)
    Protocol type: IPv4 (0x0800)
    Hardware size: 6
    Protocol size: 4
    Opcode: reply (2)
    Sender MAC address: aa:bb:cc:00:02:11 (aa:bb:cc:00:02:11)    # the MAC address of the ping destination: aa:bb:cc:00:02:11
    Sender IP address: 192.168.1.2
    Target MAC address: aa:bb:cc:00:01:11 (aa:bb:cc:00:01:11)
    Target IP address: 192.168.1.1

# Once the ARP entry exists, forwarding proceeds normally
R1#sh ip arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  192.168.1.1             -   aabb.cc00.0111  ARPA   Ethernet1/1
Internet  192.168.1.2            21   aabb.cc00.0211  ARPA   Ethernet1/1

Frame 15: 114 bytes on wire (912 bits), 114 bytes captured (912 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:01:11 (aa:bb:cc:00:01:11), Dst: aa:bb:cc:00:02:11 (aa:bb:cc:00:02:11)
    Destination: aa:bb:cc:00:02:11 (aa:bb:cc:00:02:11)
        Address: aa:bb:cc:00:02:11 (aa:bb:cc:00:02:11)
        .... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
    Source: aa:bb:cc:00:01:11 (aa:bb:cc:00:01:11)
        Address: aa:bb:cc:00:01:11 (aa:bb:cc:00:01:11)
        .... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
    Type: IPv4 (0x0800)
Internet Protocol Version 4, Src: 192.168.1.1, Dst: 192.168.1.2
Internet Control Message Protocol
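
Added example (not part of the original post): a small ARP monitor that parses the three ARP frames dissected above, flags gratuitous ARP (sender IP equals target IP), and reports when an IP address is re-announced with a different MAC, which happens here because the gratuitous ARP capture and the ping capture show different MACs for 192.168.1.1. The function names, finding labels and the `build_arp` helper are assumptions; the frames are rebuilt from the field values shown in Frames 8, 13 and 14.

```python
import struct

def _mac(s): return bytes.fromhex(s.replace(":", ""))
def _ip(s): return bytes(int(p) for p in s.split("."))
def _fmt_mac(b): return ":".join(f"{x:02x}" for x in b)
def _fmt_ip(b): return ".".join(str(x) for x in b)

def build_arp(op, eth_dst, smac, sip, tmac, tip):
    """Rebuild a 60-byte Ethernet II + ARP frame from dissected field values."""
    hdr = _mac(eth_dst) + _mac(smac) + struct.pack("!H", 0x0806)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
    arp += _mac(smac) + _ip(sip) + _mac(tmac) + _ip(tip)
    return (hdr + arp).ljust(60, b"\x00")  # 18 bytes of padding, as in the capture

def parse_arp(frame):
    """Return the ARP fields, or None if this is not an Ethernet/IPv4 ARP frame."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":
        return None
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4) or op not in (1, 2):
        return None
    return {"eth_src": _fmt_mac(frame[6:12]), "op": op,
            "sha": _fmt_mac(frame[22:28]), "spa": _fmt_ip(frame[28:32]),
            "tha": _fmt_mac(frame[32:38]), "tpa": _fmt_ip(frame[38:42])}

def inspect(frames):
    """Track IP->MAC bindings and return (frame_index, finding) tuples."""
    bindings, findings = {}, []
    for i, raw in enumerate(frames):
        a = parse_arp(raw)
        if a is None:
            continue
        if a["spa"] == a["tpa"]:          # sender announces its own address
            findings.append((i, "gratuitous"))
        if a["sha"] != a["eth_src"]:      # ARP payload disagrees with Ethernet header
            findings.append((i, "sender-mac-mismatch"))
        old = bindings.get(a["spa"])
        if old and old != a["sha"]:       # same IP, different MAC than seen before
            findings.append((i, f"rebind {a['spa']} {old} -> {a['sha']}"))
        bindings[a["spa"]] = a["sha"]
    return findings

BCAST, ZERO = "ff:ff:ff:ff:ff:ff", "00:00:00:00:00:00"
GARP_SRC, R1, R2 = "aa:bb:cc:00:05:11", "aa:bb:cc:00:01:11", "aa:bb:cc:00:02:11"
FRAMES = [  # rebuilt from the field values in Frames 8, 13 and 14 above
    build_arp(2, BCAST, GARP_SRC, "192.168.1.1", BCAST, "192.168.1.1"),
    build_arp(1, BCAST, R1, "192.168.1.1", ZERO, "192.168.1.2"),
    build_arp(2, R1, R2, "192.168.1.2", R1, "192.168.1.1"),
]
print(inspect(FRAMES))
```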

