Solved

static arp entries

Posted on 2011-09-06
10
974 Views
Last Modified: 2012-06-21
I have seen some scenarios where administrator add static Mac address and IP address.
I wonder in which case this is supposed to be done.

Thanks
0
Comment
Question by:jskfan
10 Comments
 
LVL 76

Assisted Solution

by:arnold
arnold earned 83 total points
ID: 36489693
When an IP can only be brought up by a specific system.
It also depends on where the entry is made.  Within DHCP server, this sets up the IP reservation i.e. when the system with the MAC address requests an IP it will always be assigned a specific IP (static IP by assignment).

0
 
LVL 18

Assisted Solution

by:Don S.
Don S. earned 83 total points
ID: 36489958
Typically, this is only done as temporary measure when setting up some network appliences (NAS boxes, APC network monitor cards, etc..)  Once the applience is contacted and configured, the ARP entry is no longer needed.  Setting a statis ARP entry in your computer allows you to directly connect to an IP address that is not in your local subnet but is connected to your LAN.
0
 
LVL 16

Assisted Solution

by:vivigatt
vivigatt earned 334 total points
ID: 36494857
For instance, let's assume that you have a NAS appliance that comes out of the box with IP address 192.168.1.1, but you can't use this IP address on your own network segments.
Let's assume that you can use only 192.168.0.x addresses.
In order to connect to the web interface of the NAS appliance and to change its IP address, you would then have to make things so that your own computer thinks that the NAS' IP address is 192.168.0.42 (for instance).
To do so, you would create a static ARP entry. You need the NAS MAC (Ethernet) address. Fortunately, it is usually available to you on a sticker or on the box. If not, there are other ways to find it, but let's assume that you have it and that it is 00:11:22:33:44:55

So on your computer, you open a command prompt. I will assume you run an instance of Windows but the commands are available to other OSes too, maybe with a different syntax.

And you anter the following:

arp -s 192.168.0.42 00:11:22:33:44:55

Now you can open your browser and connect to http://192.168.0.42

And you have an access to the NAS web interface. The first thing you would do would be to change this NAS IP configuration.
Then you would remove the static ARP entry (arp -d 192.168.0.42) , and Voila
0
 
LVL 16

Assisted Solution

by:vivigatt
vivigatt earned 334 total points
ID: 36494918
Ooops, sorry, the syntax for EThernet addresses in Windows uses dashes - not colons :, so the command should be:
arp -s 192.168.0.42 00-11-22-33-44-55
0
 

Author Comment

by:jskfan
ID: 36499451
if our PC is in one side of Router1 and the NAS box you mentioned is in the other side of Router 2 would this command work:

arp -s 192.168.0.42 00-11-22-33-44-55

without configuring both routers to route the different subnets between each other ???
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 16

Accepted Solution

by:
vivigatt earned 334 total points
ID: 36499559
nope.

ARP means resolution of MAC addresses (like if the the A in ARP, was for MAC address).
If a device needs to send a packet to an address which is not on the same subnet, the TCP/IP protocol is made so that said device will send the packet to the router/gateway. Then, the ARP protocol will be used to find the router/gateway MAC address.
But you will not avoid configuring some kind of routing if you have 2 different subnets and you want devices in each subnet to be able to talk to some devices on the other subnet.

The scenario I described is really the only one I can think about when you actually would need to add a static ARP entry.

Maybe you can check wikipedia article:
http://en.wikipedia.org/wiki/Address_Resolution_Protocol
and maybe this article too:
http://www.petri.co.il/csc_arp_cache.htm
0
 

Author Comment

by:jskfan
ID: 36499710
Sorry for being persistent...

if a Gateway(Router) has a MAC address:
 00-11-22-33-44-55
Most probably has the relevant IP address too:
192.168.0.42

if My PC can communicate with the Gateway(Router) then I don't think I need to use this command:
arp -s 192.168.0.42

It's kind of I still don't understand when this command(arp -s 192.168.0.42) is necessary.
0
 
LVL 16

Assisted Solution

by:vivigatt
vivigatt earned 334 total points
ID: 36499761
Assume that you are not the administrator of your network
Assume that you have a device which comes preconfigured with IP¨address 192.168.1.1
Assume that your computer(s) is (are all) in the 192.168.0.0 subnet.
Assume that you have no right to change any of the computers IP address.
Assume that you want to connect to http://192.168.1.1

How would you do?

You would use a static ARP entry.

You must understand that, usually, using a arp static entry is a temporary solution.
There are other cases (for instance to prevent arp spoofing) but this is another story.

Now, if your PC can communicate with a host, it has a correct ARP entry for it but this is a dynamic ARP entry. Or if this host is behind one or several routers, and if your PC can communicate with this host, all the nodes on the route to the host have correct ARP entries for the next node in the route. No need for static ARP entries either.
Usually, you need static ARP entries when you cannot communicate with a host, which is still connected to the same subnet.

Some alternatives to using static ARP entries in these cases are:
- Change your PC IP address/configuration for it to be in the same subnet as the host to communicate with
- Add another (static) IP address to your PC, said IP address being in the same subnet as the host to communicate with


0
 

Author Comment

by:jskfan
ID: 36500866
thanks for the explanation
0
 

Author Closing Comment

by:jskfan
ID: 36500868
Thanks
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
Ever notice how you can't use a new drive in Windows without having Windows assigning a Disk Signature?  Ever have a signature collision problem (especially with Virtual Machines?)  This article is intended to help you understand what's going on and…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now