Using your original diagram:
When Computer A tries to communicate with Computer C, the following steps resolve Router 1's software-assigned address to its hardware-assigned media access control address:
Based on the contents of the routing table on Computer A, IP determines that the forwarding IP address to be used to reach Computer C is through Router 1, the IP address of its default gateway. Host A then checks its own local ARP cache for a matching hardware address for Router 1.
If Computer A finds no mapping in the cache, it broadcasts an ARP request frame to all hosts on the local network with the question "What is the hardware address for Router 1?" Both hardware and software addresses for the source, Host A, are included in the ARP request.
Each host on the local network receives the ARP request and checks for a match to its own IP address. If a host does not find a match, it discards the ARP request.
Router 1 determines that the IP address in the ARP request matches its own IP address and adds a hardware/software address mapping for Host A to its local ARP cache.
Router 1 then sends an ARP reply message containing its hardware address directly back to Host A.
When Host A receives the ARP reply message from the router, it updates its ARP cache with a hardware/software address mapping for Router 1.
Once the media access control address for Router interface 1 has been determined, Host A can send IP traffic to Router 1 by addressing it to the Router interface 1 media access control address. The router then forwards the traffic to Host C through the same ARP process as discussed in this section.
This was updated from a Microsoft Technet article to match your example. Another reference with a good example is Juniper networks description.
In a nutshell Host A when communicating with external IP addresses/hosts will look to its default gateway for external IP resolution and assume traffic to Host C will be forwarded by this gateway.
You're almost 100% correct. Slight corrections bolded below:
- HostE will send an ARP Request with a target address of Router2's IP address. The destination MAC address of the ARP packet will be
ffff.ffff.ffff, which would indeed make it a broadcast. Router2 responds unicst with its MAC address, and HostE generates the packet with a Source and Destination IP of 192.168.3.1 and 192.168.1.1, and a Source and Destination MAC of 7777.7777.7777 and 8888.8888.8888 (respectively).
- Router 2 will receive the packet, and consult its Route Table to determine the Next Hop for the 192.168.1.0/24. If Router2 doesn't already know Router1's MAC address, it will issue a broadcast ARP Request for it. Once it learns it, it will then forward the packet leaving the Source/Destination IP unchanged, and encapsulating the IP packet with a Layer 2 header with a Source and Destination MAC of 5555.5555.5555 and 3333.3333.3333.
- Router1 receives the packet and consults its Route Table to determine the destination Network is directly connected. Router1 sends a Broadcast ARP Request for the IP 192.168.1.1 to learn HostA's MAC address, and then finally forward the packet to the final destination.
And to answer your last question. Whether HostE gets its address from DHCP or not, the process flow would appear as above if HostE did not have an entry in its ARP Cache for Router2's MAC address.
IF, Router2 was the DHCP Server (which it doesn't have to be). And Router2 just assigned HostE its address. Then theoretically, HostE would know Router2's MAC address. But ARP entries don't last forward, particularly on clients. For example, my Windows 7 laptop keeps ARP entries for only 34.5 seconds (see below).
So even if Router2 was the DHCP server, and gave HostE its IP address, sooner or later HostE's ARP cache would time out, and it would have to run the broadcast ARP request all over again, just like if HostE had always only had a static IP assigned.
C:\Users\eddie>netsh interface ipv4 show interfaces 20
Interface Local Area Connection Parameters
----------------------------------------------
IfLuid : ethernet_11
IfIndex : 20
State : connected
Metric : 20
Link MTU : 1500 bytes
Reachable Time : 34500 ms <-----
Base Reachable Time : 30000 ms
Retransmission Interval : 1000 ms
DAD Transmits : 3
Site Prefix Length : 64
Site Id : 1
Forwarding : disabled
Advertising : disabled
Neighbor Discovery : enabled
Neighbor Unreachability Detection : enabled
Router Discovery : dhcp
Managed Address Configuration : enabled
Other Stateful Configuration : enabled
Weak Host Sends : disabled
Weak Host Receives : disabled
Use Automatic Metric : enabled
Ignore Default Routes : disabled
Advertised Router Lifetime : 1800 seconds
Advertise Default Route : disabled
Current Hop Limit : 0
Force ARPND Wake up patterns : disabled
Directed MAC Wake up patterns : disabled
Best Answer
I am assuming you're using "bridge-mode" for networking (your internal, virtual adapter is bridged to your host's physical adapter).
In any case (unless you explicitlly manually set them to the same address, which causes a lot of other problems), your guest (WinXP) machine will have a different MAC address than your host (CentOS). Due to bridge-mode, your host acts as an ethernet switch, and forwards packets to the guest.
So when an ARP broadcast comes, your host gets the packet and also forwards it to your guest machine. When packets for your host come, they are processed by your host's network stack. When packets for your guest come, the host forwards them to your guest, which then processes them as needed.