ARP跨Router運作

ARP要如何跨Router/NAT運作？

先簡單解釋一下ARP(address resolution protocol)

Need LAN address to send packet on last hop
     Requires mapping from IP to MAC addresses
ARP is a dynamic approach to learn mapping
    Node A sends broadcast query for IP address X
    Node B with IP address X replies with its MAC address M
    A caches (X, M); old information is timed out (~15 mins)
    Also: B caches A’s MAC and IP addresses, other nodes refresh

Ex. HostA(Mac:HA) want to send packet to HostB ip 10.10.10.77 , but dot not know HostB Mac address

HostA send ARP with broadcast --> HostB receive broadcast ARP and reply uni-cast(DA=HostA's MAC) ARP Reply


接下來是解釋如何跨Router(NAT)運作?


Host A                                 Router                                                                Server B
(192.168.1.10/MacA)   (Lan:192.168.1.1,Wan 10.10.10.1,MacR)            (10.10.10.77,MacB)

Host A要送封包到 Server B
1.Host A broadcast ARP Request問Server B ip 10.10.10.77的Mac
2.Router 收到後，收進Arp Proxy，查看arp table如果有就發ARP Reply uni-cast給 Host A， 回覆的Mac為MacR，如果沒有就發ARP request到10.10.10.77的interface去問，直到問到後，也是回ARP Reply帶MacR給Host A
3.Host A帶包 SA/DA(MacA,MacR),Sip/Dip(192.168.1.10/10.10.10.1)給Router
4.Router收到後做SNAT， 把Sip192.168.1.10 換成 10.10.10.1
5.接著進arp proxy把DA從MacR換成MacB
6.到routing module查表，得到10.10.10.1的interface，把SA從MacA換成MacR，丟進10.10.10.1的WAN port
6.Server B就會收到   SA/DA(MacA,MacR),Sip/Dip(192.168.1.10/10.10.10.1)