CIS 81 ARP Lab

Purpose

The purpose of this lab is to become familiar with the ARP protocol and the ARP command. Work in groups in order to discuss your questions and results. Feel free to come and discuss any of your thoughts with me.

Outcome

In an organized and professional manner, capture all output, answer all questions, and record and reflect on all results. All information must be typed.

Lab Percentage

This lab is worth 100 points.

Step 1 – Learning the ARP command

Open up a command/DOS window (get to the DOS prompt).

Record your:

  • IP address
  • Subnet mask
  • Default gateway

Type the command:

C:\> arp

View all of the options.

Type the command:

C:\> arp -a

1.1 What entries if any are in the ARP table?

1.2 Why are there entries or no entries?

Step 2 – ARP for a local host

Use a protocol analyzer such as Fluke’s Protocol Inspector or Ethereal to capture the following frames. Be sure to include all output in your lab report.

Ping: Use the ping command to ping one of the other computers on the network that is not currently in your ARP table.

ARP: View the ARP table again. You should now notice a new entry for the IP address that you just pinged.

2.1 Why might the first ping take longer than the rest?

Step 3 – Analyzing the results

Views the results captured using the protocol analyzer and do the following:

  • 3.1 For both the ARP request and ARP reply explain each field in the Ethernet frame and in the ARP packet.
  • 3.2 Explain why the ARP process needed to take place.
  • 3.3 Explain the reason why the ARP request is a broadcast and the ARP reply is a unicast.

Step 4 – ARP for a the default gateway

Use a protocol analyzer like Fluke’s Network Inspector or Ethereal to capture the following frames. Be sure to include all output in your lab report.

Use this command to delete all entries in your ARP table:

C:\> arp –d *

Verify that your ARP table is empty.

Ping: Use the ping command to ping a device outside of your network where the ping must be forwarded by the default gateway. You can use a URL instead of an actual IP address.

Step 5 – Analyzing the results

ARP: View the ARP table again. You should now notice an entry for the default gateway.

Views the results captured using the protocol analyzer and answer following questions:

  • 5.1 Explain why the ARP request was for the default gateway and not the IP address of the ping. How did the host decide this?

Step 6 – Odds and ends

6.1 What is the command to create a static ARP entry? Create a static ARP entry to another device on the local network. Show the commands and the outputs. What is the advantage of a static ARP entry?

6.2 How long does ARP entries stay in the ARP table? Is this dependent upon the Operating System?

6.3 Do routers have ARP tables? Do routers need to do ARP requests or ARP replies? Explain.

6.4 What are the advantages and disadvantages of ARP?

6.5 Explain why two hosts connected to the same switch or hub must have IP addresses that belong to the same subnet in order to communicate without using a router.

6.6 Does the host that issues the ARP reply store the other host’s IP address and MAC address (the sender of the ARP request) in its ARP table? How can you determine this using the protocol analyzer?

Sample Outputs