Network stations using the IP protocol need both a physical address and an IP address to transmit a packet. In situations where the station knows only the network host IP address, the network station uses Address Resolution Protocol (ARP) to determine the physical address for a network host by binding a 32-bit IP address to a 48-bit MAC address. A network station can use ARP across a single network only, and the network hardware must support physical broadcasts.
The network station uses ARP to determine the host physical address as follows:
1. The network station broadcasts a special packet, called an ARP request, that asks the host at the specified IP address to respond with its physical address.
2. All network hosts receive the broadcast request.
3. Only the specified host responds with its hardware address.
4. The network station then maps the host IP address to its physical address and saves the results in an address-resolution cache for future use.
The ARP table on the network station shows the known MAC address to IP address associations.
You can create ARP entries, and you can delete individual ARP entries.
The switch accepts and processes ARP traffic, spanning tree bridge protocol data units (BPDU), and Topology Discovery Protocol packets on port-based VLANs with the default port action of drop. If a filter port action is drop for a packet, ARP packets are also dropped. As a result, ARP entries on that port are cleared and are not relearned when the ARP aging timer expires.
To prevent dropped ARP packets, configure the following options:
- A user-defined protocol-based VLAN for ARP EtherType (byprotocol usrDefined 0x0806).
- Ports as static members to this VLAN with the default port action of drop.
- The port default VLAN ID to the correct port-based VLAN where the ARPs are processed.
You do not need to make configuration changes for the BPDU and Topology Discovery Protocol packets.
Only one user-defined protocol-based VLAN for ARP is allowed for each Spanning Tree Group (STG). If the ports with the default port action of drop are in different STGs, you must create additional user-defined protocol-based VLANs.
A network station uses proxy ARP to respond to an ARP request from a locally attached host or end station for a remote destination. The network station sends an ARP response back to the local host with the MAC address of its own interface for the subnet on which the ARP request was received. The reply is generated only if the device has an active route to the destination network.
The following figure shows an example of proxy ARP operation. In this example, host C with mask 24 appears to be locally attached to host B with mask 16, so host B sends an ARP request for host C. However, the switch is between the two hosts. To enable communication between the two hosts, the switch responds to the ARP request with the IP address of host C but with its own MAC address.
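The ARP request/reply exchange and the proxy ARP case described above, as an added Python example that is not part of the original documentation or the switch software. All addresses, the route list and the function names are constructed for illustration; packets are built and parsed in memory only.

```python
import ipaddress
import struct

ARP_FMT = "!HHBBH6s4s6s4s"   # RFC 826 layout for Ethernet/IPv4 (28 bytes)
REQUEST, REPLY = 1, 2

def mac(text):
    return bytes.fromhex(text.replace(":", ""))

def build_arp(oper, sha, spa, tha, tpa):
    """Pack an ARP payload: 48-bit hardware addresses, 32-bit IPv4 addresses."""
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, oper, sha,
                       ipaddress.IPv4Address(spa).packed, tha,
                       ipaddress.IPv4Address(tpa).packed)

def parse_arp(payload):
    htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = struct.unpack(ARP_FMT, payload)
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    return oper, sha, str(ipaddress.IPv4Address(spa)), tha, str(ipaddress.IPv4Address(tpa))

def proxy_reply(request, switch_mac, routes):
    """Switch side: reply with the target's IP and the switch's own MAC, route permitting."""
    oper, sha, spa, _, tpa = parse_arp(request)
    target = ipaddress.IPv4Address(tpa)
    if oper != REQUEST or not any(target in net for net in routes):
        return None   # no active route to the destination: no reply is generated
    return build_arp(REPLY, switch_mac, tpa, sha, spa)

def learn(cache, reply):
    """Host side: record the sender IP -> sender MAC binding from a reply."""
    oper, sha, spa, _, _ = parse_arp(reply)
    if oper == REPLY:
        cache[spa] = sha.hex(":")
    return cache

def demo():
    # Constructed addresses: host B uses a /16 mask, host C sits in a /24 behind the switch.
    host_b = ipaddress.ip_interface("172.16.10.5/16")
    host_c = ipaddress.ip_interface("172.16.20.9/24")
    b_mac, sw_mac = mac("02:00:00:00:00:0b"), mac("02:00:00:00:00:51")
    on_link = host_c.ip in host_b.network      # why B sends ARP instead of using a gateway
    request = build_arp(REQUEST, b_mac, str(host_b.ip), bytes(6), str(host_c.ip))
    reply = proxy_reply(request, sw_mac, [host_c.network])
    no_route = proxy_reply(request, sw_mac, [])
    return on_link, learn({}, reply), no_route

if __name__ == "__main__":
    print(demo())
```

After the exchange, host B's cache binds host C's IP address to the switch MAC address, which is the entry to expect in an ARP table when proxy ARP is in effect.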
To prevent cases of ARP looping, configure the ARP loop detection flag to detect this situation. When a loop is detected, the port is shut down.
For administrative or troubleshooting purposes, sometimes you must flush the routing tables. Flush routing tables either by VLAN or by port. In a VLAN context, all entries associated with the VLAN are flushed. In a port context, all entries associated with the port are flushed.