Lately I have been doing some research on the Address Resolution Protocol, and even though I know the idea behind it I still have some questions.
Q1: Are there more types of ARP messages that I am missing aside the following?:
- ARP Request
- ARP Reply
- Gratuitous ARP Request (ARP.Protocol_Source = ARP.Protocol_Target)
- Gratuitous ARP Reply (Reply without a Request)
- ARP Probe (ARP.Protocol_Source = 0.0.0.0)
Q2: Does ARP actually care about the Ethernet Header?
For as far as I know ARP doesn't really care about the Ethernet Header at all. It doesn't matter if you Unicast or Broadcast the Ethernet Header because ARP will still respond, and I wouldn't be surprised if the Ethernet.Source can be different from ARP.Hardware_Source too.
Q3: Which packets fill the ARP cache?
I always thought that ARP Requests and ARP Gratuitous Requests filled the ARP cache with , are there more packets that do this (Gratuitous ARP Replies?), and is it implementation dependent in some cases?
Q4: When are Gratuitous Replies and when Gratuitous Requests used?
If any official documentation could be quoted that would be extra helpful!
Best Answer
When in doubt, go to the source, RFC 826, An Ethernet Address Resolution Protocol
There are two type of ARP messages: REQUEST and REPLY.
The RFC specifies the ethernet header. An ARP request involves determining the ethernet address of the destination, so it uses the broadcast address since it doesn't know the unicast address. An ARP reply will know the ethernet address, so it will be a unicast.
The way the ARP cache works is OS-dependent, and there is nothing requiring a host to maintain an ARP cache.
The use of gratuitous ARP is not officially documented, but some hosts and OSes use it to do things like resolve address conflicts; Wireshark has a pretty good explanation (with examples): Gratuitous ARP