- Table of Contents
-
- H3C S3600 Series Ethernet Switches Operation Manual-Release 1510(V1.04)
- 00-1Cover
- 00-2Product Overview
- 01-CLI Operation
- 02-Login Operation
- 03-Configuration File Management Operation
- 04-VLAN Operation
- 05-IP Address and Performance Configuration Operation
- 06-Management VLAN Operation
- 07-Voice VLAN Operation
- 08-GVRP Operation
- 09-Port Basic Configuration Operation
- 10-Link Aggregation Operation
- 11-Port Isolation Operation
- 12-Port Security-Port Binding Operation
- 13-DLDP Operation
- 14-MAC Address Table Operation
- 15-Auto Detect Operation
- 16-MSTP Operation
- 17-Routing Protocol Operation
- 18-Multicast Operation
- 19-802.1x Operation
- 20-AAA-RADIUS-HWTACACS-EAD Operation
- 21-VRRP Operation
- 22-Centralized MAC Address Authentication Operation
- 23-ARP Operation
- 24-DHCP Operation
- 25-ACL Operation
- 26-QoS-QoS Profile Operation
- 27-Web Cache Redirection Operation
- 28-Mirroring Operation
- 29-IRF Fabric Operation
- 30-Cluster Operation
- 31-PoE-PoE Profile Operation
- 32-UDP Helper Operation
- 33-SNMP-RMON Operation
- 34-NTP Operation
- 35-SSH Terminal Service Operation
- 36-File System Management Operation
- 37-FTP and TFTP Operation
- 38-Information Center Operation
- 39-System Maintenance and Debugging Operation
- 40-VLAN-VPN Operation
- 41-HWPing Operation
- 42-DNS Operation
- 43-Access Management Operation
- 44-Appendix
- Related Documents
-
Title | Size | Download |
---|---|---|
23-ARP Operation | 337 KB |
Table of Contents
1.1.1 Necessity of the Address Resolution
1.1.4 ARP Implementation Procedure
1.1.5 Introduction to Gratuitous ARP
1.2.1 Adding a Static ARP Mapping Entry Manually
1.2.2 Configuring the ARP Aging Timer for Dynamic ARP Entries
1.2.3 Enabling the ARP Entry Checking Function
1.3 Gratuitous ARP Packet Configuration
1.3.1 Configuring Sending of Gratuitous ARP Packets
1.3.2 Configuring the Gratuitous ARP packet Learning Function
1.4 Displaying and Debugging ARP
Chapter 2 Resilient ARP Configuration
2.1 Introduction to Resilient ARP
2.2 Resilient ARP Configuration
2.4 Resilient ARP Configuration Example
Chapter 1 ARP Configuration
1.1 Introduction to ARP
Address resolution protocol (ARP) is used to map IP addresses to the corresponding MAC addresses so that packets can be delivered to their destinations correctly.
1.1.1 Necessity of the Address Resolution
After a packet is forwarded to the destination network, MAC address is necessary for the packet to reach the very device. So the destination IP address carried in a packet need to be translated into the corresponding MAC address.
1.1.2 ARP Packet Structure
ARP packets are classified as ARP request packets and ARP reply packets. Figure 1-1 illustrates the structure of these two types of ARP packets.
l As for an ARP request packet, all the fields except the hardware address of the receiver field are set. The hardware address of the receiver is what the sender request for.
l As for an ARP reply packets, all the fields are set.
Figure 1-1 Structure of an ARP request/reply packet
Table 1-1 describes the fields of an ARP packet.
Table 1-1 Description on the fields of an ARP packet
Field |
Description |
Hardware Type |
Identifies the type of the hardware interface. Refer to Table 1-2 for the information about the field values. |
Protocol type |
Type of protocol address to be mapped. 0x0800 indicates an IP address. |
Length of the hardware address |
Hardware address length (in bytes) |
Length of protocol address |
Protocol address length (in bytes) |
Operator |
Indicates the type of a data packets, which can be: l 1: ARP request packets l 2: ARP reply packets l 3: RARP request packets l 4: RARP reply packets |
Hardware address of the sender |
Hardware address of the sender |
IP address of the sender |
IP address of the sender |
Hardware address of the receiver |
l For an ARP request packet, this field is null. l For an ARP reply packet, this field carries the hardware address of the receiver. |
IP address of the receiver |
IP address of the receiver |
Table 1-2 Description on the values of the hardware type field
Value |
Description |
1 |
Ethernet |
2 |
Experimental Ethernet |
3 |
X.25 |
4 |
Proteon ProNET (Token Ring) |
5 |
Chaos |
6 |
IEEE802.X |
7 |
ARC network |
1.1.3 ARP Table
In an Ethernet, the MAC addresses of two hosts must be available for the two hosts to communicate with each other. Each host in an Ethernet maintains an ARP mapping table, where the latest used IP address-to-MAC address mapping entries are stored. Note that this manual only introduces the basic implementation of the mapping table. Different products of different manufactures may provide more information about the mapping table. S3600 series Ethernet switches provide the display arp command to display the information about ARP mapping entries. Figure 1-2 shows the structure of an ARP mapping table.
Figure 1-2 An ARP mapping table
Table 1-3 describes the APR mapping table fields.
Table 1-3 Description on the fields of an ARP table
Field |
Description |
IF index |
Index of the physical interface/port on the device owning the physical address and IP address contained in the entry |
Physical address |
Physical address of the device, that is, the MAC address |
IP address |
IP address of the device |
Type |
Entry type, which can be: l 1: An entry falling out of the following three cases l 2: Invalid entry l 3: Dynamic entry l 4: Static entry |
1.1.4 ARP Implementation Procedure
The ARP mapping table of a host is empty when the host is just started up. And when a dynamic ARP mapping entry is not in use for a specified period of time, it is removed from the ARP mapping table so as to save the memory space and shorten the interval for the switch to look up entries in the ARP mapping table. For details, refer to Figure 1-3.
l Suppose there are two hosts on the same network segment: Host A and Host B. The IP address of Host A is IP_A and that of Host B is IP_B. To send a packet to Host B, Host A checks its own ARP mapping table first to see if the ARP entry corresponding to IP_B exists. If yes, Host A encapsulates the IP packet into a frame with the MAC address of Host B inserted to it and sends it to Host B.
l If the corresponding MAC address is not found in the ARP mapping table, Host A adds the packet in the transmission queue, creates an ARP request packet and broadcasts it throughout the Ethernet. As mentioned earlier, the ARP request packet contains the IP address of Host B, the IP address of Host A, and the MAC address of Host A. Since the ARP request packet is broadcasted, all hosts on the network segment can receive it. However, only the requested host (namely, Host B) processes the request.
l Host B saves the IP address and the MAC address carried in the request packet (that is, the IP address and the MAC address of the sender, Host A) to its ARP mapping table and then sends back an ARP reply packet to the sender (Host A), with its MAC address carried in the packet. Note that the ARP reply packet is a unicast packet instead of a broadcasted packet.
l Upon receiving the ARP reply packet, Host A extracts the IP address and the corresponding MAC address of Host B from the packet, adds them to its ARP mapping table, and then transmits all the packets in the queue with their destination being Host B.
Normally, a device automatically triggers the ARP calculation in the IP addressing process.
1.1.5 Introduction to Gratuitous ARP
The following are the characteristics of gratuitous ARP packets:
l Both source and destination IP addresses carried in a gratuitous ARP packet are the local addresses, and the source MAC address carried in it is the local MAC addresses.
l If a device finds that the IP addresses carried in a received gratuitous packet conflict with those of its own, it returns an ARP response to the sending device to notify of the IP address conflict.
By sending gratuitous ARP packets, a network device can:
l Determine whether or not IP address conflicts exist between it and other network devices.
l Trigger other network devices to update its hardware address stored in their caches.
The gratuitous ARP packet learning function:
When the gratuitous ARP packet learning function is enabled on a switch and the switch receives a gratuitous ARP packet, the switch updates the existing ARP entry (contained in the cache of the switch) that matches the received gratuitous ARP packet using the hardware address of the sender carried in the gratuitous ARP packet. A switch operates like this whenever it receives a gratuitous ARP packet.
1.2 ARP Configuration
ARP entries in an S3600 series Ethernet switch can either be static entries or dynamic entries, as described in Table 1-4.
ARP entry |
Generation Method |
Maintenance Mode |
Static ARP entry |
Manually configured |
Manual maintenance |
Dynamic ARP entry |
Dynamically generated |
ARP entries of this type age with time. The aging period is set by the ARP aging timer. |
1.2.1 Adding a Static ARP Mapping Entry Manually
Table 1-5 Add a static ARP mapping entry manually
Operation |
Command |
Description |
Enter system view |
system-view |
— |
Add a static ARP mapping entry manually |
arp static ip-address mac-address [ vlan-id interface-type interface-number ] |
Required By default, the ARP mapping table is empty, and the address mapping entries are created dynamically by ARP. |
Caution:
l Static ARP mapping entries are valid as long as the Ethernet switch operates. But some operations, which make the ARP entries invalid, result in ARP entries being removed, such as changing/removing a VLAN interface, removing a VLAN, or removing a port from a VLAN.
l As for the arp static command, the value of the vlan-id argument must be the ID of an existing VLAN, and the port identified by the interface-type and interface-number arguments must belong to the VLAN.
l Currently, static ARP mapping entries cannot be configured on aggregation ports.
1.2.2 Configuring the ARP Aging Timer for Dynamic ARP Entries
The ARP aging timer applies to all dynamic ARP mapping entries.
Table 1-6 Configure the ARP aging timer for dynamic ARP entries
Operation |
Command |
Description |
Enter system view |
system-view |
— |
Configure the ARP aging timer |
arp timer aging aging-time |
Optional By default, the ARP aging timer is set to 20 minutes. |
1.2.3 Enabling the ARP Entry Checking Function
When multiple hosts share one multicast MAC address, you can specify whether or not to create ARP entries for the multicast MAC address by performing the operations listed in Table 1-7.
Table 1-7 Enable the ARP entry checking function
Operation |
Command |
Description |
Enter system view |
system-view |
— |
Enable the ARP entry checking function (that is, disable the switch from creating ARP entries for multicast MAC addresses) |
arp check enable |
Optional By default, the ARP entry checking function is enabled. |
1.3 Gratuitous ARP Packet Configuration
1.3.1 Configuring Sending of Gratuitous ARP Packets
Sending of gratuitous ARP packets is enabled as long as an S3600 series switch operates. And no command is needed for this function.
1.3.2 Configuring the Gratuitous ARP packet Learning Function
Table 1-8 lists the operations to configure the gratuitous ARP packet learning function.
Table 1-8 Configure the gratuitous ARP packet learning function
Command |
Description |
|
Enter system view |
system-view |
— |
Enable the gratuitous ARP packet learning function |
gratuitous-arp-learning enable |
Required By default, the gratuitous ARP packet learning function is enabled. |
1.4 Displaying and Debugging ARP
After the above configuration, you can execute the display command in any view to display the running of the ARP configuration, and to verify the effect of the configuration.
You can execute the reset command in user view to clear ARP mapping entries.
Table 1-9 Display and debug ARP
Operation |
Command |
Description |
Display specific ARP mapping table entries |
display arp [ static | dynamic | ip-address ] |
These commands can be executed in any view. |
Display the ARP mapping entries related to a specified string in a specified way |
display arp [ dynamic | static | { begin | include | exclude } text |
|
Display the number of the ARP mapping entries of a specified type |
display arp count [ [ dynamic | static ] [ | { begin | include | exclude } text ] | ip-address ] |
|
Display the setting of the ARP aging timer |
display arp timer aging |
|
Clear specific ARP mapping entries |
reset arp [ dynamic | static | interface interface-type interface-number ] |
Execute this command in user view. |
Chapter 2 Resilient ARP Configuration
2.1 Introduction to Resilient ARP
In intelligent resilient framework (IRF) network application, normally you need to connect redundancy links between the fabric and other devices to support the resilient network. But if the connections inside the fabric break off, the fabric splits. In this case, the redundancy link may connect with two or more Layer 3 devices with the same configurations in the same network. Thus these devices operate the same routing function. Adopting the Resilient ARP function can avoid this. Resilient ARP can find whether there are the same Layer 3 devices in the network. If so, it keeps one device as the Layer 3 device, and changes the other devices to be the Layer 2 devices.
The state machine of Resilient ARP has six states which are Initialize, LisentForL3Master, L3Master, L3slave, L2Master, and L2slave. L3Master sends Resilient ARP packets periodically to notify other fabrics that the local fabric is in the Layer 3 state.
Resilient ARP implements the system state switching by sending/receiving Resilient ARP packets periodically, so as to determine a device to work as a Layer 3 device or a Layer 2 device.
2.2 Resilient ARP Configuration
Resilient ARP configuration includes:
l Enable/disable the Resilient ARP function.
When Resilient ARP function is enabled, the system can deal with the devices according to the current state. When the connections inside a fabric break off, Resilient ARP can send Resilient ARP packets through the VLAN interface where the redundancy link resides, so as to determine a device to work as a Layer 3 device or as a Layer 2 device.
l Configure the VLAN interface through which Resilient packets are sent.
You can use the following commands to configure the VLAN interface through which Resilient packets are sent. When no VLAN interface is specified, Resilient packets are sent through the default VLAN interface.
Table 2-1 Configure the Resilient ARP function
Operation |
Command |
Description |
Enter system view |
system-view |
— |
Enable the Resilient ARP function |
resilient-arp enable |
Required By default, the Resilient ARP function is enabled. |
Configure the VLAN interface through which Resilient packets are sent |
resilient-arp interface vlan-interface vlan-id |
Optional By default, Resilient ARP packets are sent through the interface of VLAN 1(VLAN-interface1). |
Note that the above configuration specifies the VLAN interface through which Resilient packets are sent, whereas all the VLAN interfaces can receive Resilient ARP packets.
2.3 Displaying Resilient ARP
After the above configuration, you can use the display command in any view to display the operation status, and verify the configuration effect through the displayed information.
Table 2-2 Display Resilient ARP
Operation |
Command |
Description |
Display information about the Resilient ARP state |
display resilient-arp [ unit unit-id ] |
The display command can be executed in any view |
2.4 Resilient ARP Configuration Example
I. Network requirements
There are four units in an IRF network: unit 1 to unit 4. Unit 1 and unit 3 connect to another switch (Switch) through link aggregation. If the connection between unit 1 and unit 3 and the connection between unit 2 and unit 4 break off, there will be two Layer 3 switches with the same configuration in the network. In this case, problems occur in packets forwarding between the fabric and the Switch. You can enable the Resilient ARP function for the fabric to avoid the problems. For security concerns, you need to enable MD5 authentication function. The ports through which unit 3 and unit 4 connect to the Switch belong to VLAN 2.
II. Network diagram
Figure 2-1 Network diagram for Resilient ARP
III. Configuration procedure
# Enable the Resilient ARP function.
<H3C> system-view
[H3C] resilient-arp enable
# Configure the Resilient ARP packets to be sent through the VLAN-interface2.
[H3C] resilient-arp interface Vlan-interface 2