D-Link DES-3028 - Arp Packet Content Acl

DES-3028 DES-3028P DES-3028G DES-3052 DES-3052P Layer 2 Fast Ethernet Switch CLI Reference Manual
Appendix B
ARP PACKET CONTENT ACL
Address Resolution Protocol (ARP) is the standard method for finding a host's hardware address (MAC address) when only its IP
address is known. This protocol is vulnerable: hackers can spoof the IP and MAC information in ARP packets to attack a
LAN (known as ARP spoofing). This document introduces ARP, ARP spoofing attacks, and the
countermeasure devised by D-Link to put an end to ARP spoofing attacks.
How Address Resolution Protocol works
In the ARP process, PC A first issues an ARP request to query PC B’s MAC address. The network structure is shown in
Figure-1.
Figure – 1
In this request, PC A’s MAC address is written into the “Sender H/W Address” field of the ARP payload and its IP address into the
“Sender Protocol Address” field. As PC B’s MAC address is unknown, the “Target H/W Address” is “00-00-00-00-00-00”,
while PC B’s IP address is written into the “Target Protocol Address”, as shown in Table-1.
| Field | Value |
|---|---|
| H/W type | |
| Protocol type | |
| H/W address length | |
| Protocol address length | |
| Operation | ARP request |
| Sender H/W address | 00-20-5C-01-11-11 |
| Sender protocol address | 10.10.10.1 |
| Target H/W address | 00-00-00-00-00-00 |
| Target protocol address | 10.10.10.2 |
Table – 1 (ARP Payload)
The ARP request is encapsulated in an Ethernet frame and sent out. As can be seen in Table-2, the “Source Address” in
the Ethernet frame is PC A’s MAC address. Since the ARP request is sent as a broadcast, the “Destination address”
is the Ethernet broadcast address (FF-FF-FF-FF-FF-FF).
| Destination address | Source address | Ether-type | ARP | FCS |
|---|---|---|---|---|
| FF-FF-FF-FF-FF-FF | 00-20-5C-01-11-11 | | | |
Table – 2 (Ethernet frame format)
When the switch receives the frame, it will check the “Source Address” in the Ethernet frame’s header. If the address is not in its
Forwarding Table, the switch will learn PC A’s MAC and the associated port and enter them in its Forwarding Table.
[Figure: switch with Port 1 to Port 4 connecting hosts A, B, C and D. Addresses shown: 00-20-5C-01-11-11 / 10.10.10.1 (A, sender), 00-20-5C-01-22-22 / 10.10.10.2 (B, target), 00-20-5C-01-33-33 / 10.10.10.3, 00-20-5C-01-44-44 / 10.10.10.4.]
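The frame layout in Table-1 and Table-2, decoded in Python as an added example (not part of the D-Link manual). The sample frame is constructed from the addresses on this page; the H/W type and Protocol type values (1 and 0x0800) are the standard Ethernet/IPv4 ARP values, which the tables leave blank, and `sender_matches_source` is a hypothetical helper that checks the consistency the text describes between the Ethernet “Source Address” and the ARP “Sender H/W Address”.

```python
import struct

ETHERTYPE_ARP = 0x0806
OPERATIONS = {1: "ARP request", 2: "ARP reply"}

# Constructed sample: PC A (00-20-5C-01-11-11, 10.10.10.1) asks for 10.10.10.2.
# The FCS is omitted, as it is in most software captures.
SAMPLE_FRAME = bytes.fromhex(
    "ffffffffffff" "00205c011111" "0806"   # Ethernet: destination, source, ether-type
    "0001" "0800" "06" "04" "0001"         # H/W type, protocol type, lengths, operation
    "00205c011111" "0a0a0a01"              # sender H/W address, sender protocol address
    "000000000000" "0a0a0a02"              # target H/W address, target protocol address
)

def mac(raw: bytes) -> str:
    """Format 6 bytes in the manual's notation, e.g. 00-20-5C-01-11-11."""
    return "-".join(f"{b:02X}" for b in raw)

def ip(raw: bytes) -> str:
    return ".".join(str(b) for b in raw)

def parse_arp_frame(frame: bytes) -> dict:
    """Decode an untagged Ethernet II frame carrying an IPv4-over-Ethernet ARP payload."""
    if len(frame) < 14 + 28:
        raise ValueError("frame too short for Ethernet header plus ARP payload")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != ETHERTYPE_ARP:
        raise ValueError("ether-type is not ARP")
    htype, ptype, hlen, plen, oper = struct.unpack("!HHBBH", frame[14:22])
    if (hlen, plen) != (6, 4):
        raise ValueError("address lengths are not MAC/IPv4")
    sha, spa, tha, tpa = struct.unpack("!6s4s6s4s", frame[22:42])
    return {
        "eth_dst": mac(dst), "eth_src": mac(src),
        "hw_type": htype, "protocol_type": ptype,
        "operation": OPERATIONS.get(oper, f"unknown ({oper})"),
        "sender_hw": mac(sha), "sender_ip": ip(spa),
        "target_hw": mac(tha), "target_ip": ip(tpa),
    }

def sender_matches_source(fields: dict) -> bool:
    """True when the ARP payload names the same MAC that sent the Ethernet frame."""
    return fields["eth_src"] == fields["sender_hw"]

if __name__ == "__main__":
    decoded = parse_arp_frame(SAMPLE_FRAME)
    for name, value in decoded.items():
        print(f"{name:14} {value}")
    print("sender matches source:", sender_matches_source(decoded))
```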