16.01.

2023

Module 9: Address Resolution

Instructor Materials

Introduction to Networks v7.0

(ITN)

What to Expect in this Module

▪ To facilitate learning, the following features within the GUI may be included in this module:
Feature Description

Animations Expose learners to new skills and concepts.

Expose learners to new skills and concepts.
Videos
Check Your Per topic online quiz to help learners gauge content understanding.
Understanding(CYU)

Interactive Activities A variety of formats to help learners gauge content understanding.

Small simulations that expose learners to Cisco command line to practice
Syntax Checker configuration skills.
Simulation and modeling activities designed to explore, acquire, reinforce, and
PT Activity expand skills.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3

What to Expect in this Module (Cont.)

▪ To facilitate learning, the following features may be included in this module:

Feature Description
Hands-On Labs Labs designed for working with physical equipment.
Class Activities These are found on the Instructor Resources page. Class Activities are
designed to facilitate learning, class discussion, and collaboration.
Self-assessments that integrate concepts and skills learned throughout the
Module Quizzes series of topics presented in the module.
Module Summary Briefly recaps module content.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4

1
 16.01.2023

Module 9: Address Resolution

Introduction to Networks v7.0
(ITN)

Module Objectives
Module Title: Address Resolution

Module Objective: Explain how ARP and ND enable communication on a network .

Topic Title Topic Objective

MAC and IP Compare the roles of the MAC address and the IP address.

ARP Describe the purpose of ARP.

Neighbor Discovery Describe the operation of IPv6 neighbor discovery.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10

10

9.1 MAC and IP

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11

11

2
 16.01.2023

MAC and IP
Destination on Same Network
There are two primary addresses assigned to a device on an Ethernet LAN:
• Layer 2 physical address (the MAC address) – Used for NIC to NIC communications
on the same Ethernet network.
• Layer 3 logical address (the IP address) – Used to send the packet from the source
device to the destination device.
Layer 2 addresses are used to deliver frames from one NIC to another NIC on the same
network. If a destination IP address is on the same network, the destination MAC address
will be that of the destination device.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12

12

MAC and IP
Destination on Remote Network
When the destination IP address is on a remote network, the destination MAC address is
that of the default gateway.
• ARP is used by IPv4 to associate the IPv4 address of a device with the MAC address
of the device NIC.
• ICMPv6 is used by IPv6 to associate the IPv6 address of a device with the MAC
address of the device NIC.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13

13

MAC and IP
Packet Tracer – Identify MAC and IP Addresses

In this Packet Tracer, you will complete the following objectives:

• Gather PDU Information for Local Network Communication
• Gather PDU Information for Remote Network Communication

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14

14

3
 16.01.2023

9.2 ARP

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15

15

ARP
ARP Overview
A device uses ARP to determine the
destination MAC address of a local
device when it knows its IPv4 address.

ARP provides two basic functions:

• Resolving IPv4 addresses to MAC
addresses
• Maintaining an ARP table of IPv4
to MAC address mappings

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16

16

ARP
ARP Functions
To send a frame, a device will search its ARP table for a destination IPv4 address and a
corresponding MAC address.
• If the packet’s destination IPv4 address is on the same network, the device will
search the ARP table for the destination IPv4 address.
• If the destination IPv4 address is on a different network, the device will search the
ARP table for the IPv4 address of the default gateway.
• If the device locates the IPv4 address, its corresponding MAC address is used as the
destination MAC address in the frame.
• If there is no ARP table entry is found, then the device sends an ARP request.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17

17

4
 16.01.2023

ARP
Video - ARP Request
This video will cover an ARP request for a MAC address.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18

18

ARP
Video – ARP Operation - ARP Reply
This video will cover an ARP reply in response to an ARP request.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19

19

ARP
Video - ARP Role in Remote Communications
This video will cover how an ARP request will provide a host the MAC address
of the default gateway.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20

20

5
 16.01.2023

ARP
Removing Entries from an ARP Table
• Entries in the ARP table are not permanent and are removed when an ARP cache
timer expires after a specified period of time.
• The duration of the ARP cache timer differs depending on the operating system.
• ARP table entries can also be removed manually by the administrator.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21

21

ARP
ARP Tables on Networking Devices
• The show ip arp command displays the ARP table on a Cisco router.
• The arp –a command displays the ARP table on a Windows 10 PC.

R1# show ip arp

Protocol Address Age (min) Hardware Addr Type Interface
Internet 192.168.10.1 - a0e0.af0d.e140 ARPA GigabitEthernet0/0/0

C:\Users\PC> arp -a

Interface: 192.168.1.124 --- 0x10

Internet Address Physical Address Type
192.168.1.1 c8-d7-19-cc-a0-86 dynamic
192.168.1.101 08-3e-0c-f5-f7-77 dynamic

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22

22

ARP
ARP Issues – ARP Broadcasting and ARP Spoofing
• ARP requests are received and processed by every device on the local network.
• Excessive ARP broadcasts can cause some reduction in performance.
• ARP replies can be spoofed by a threat actor to perform an ARP poisoning attack.
• Enterprise level switches include mitigation techniques to protect against ARP attacks.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 23

23

6
 16.01.2023

ARP
Packet Tracer – Examine the ARP Table

In this Packet Tracer, you will complete the following objectives:

• Examine an ARP Request
• Examine a Switch MAC Address Table
• Examine the ARP Process in Remote Communications

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 24

24

9.3 Copper Cabling

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25

25

IPv6 Neighbor Discovery

Video – IPv6 Neighbor Discovery
This video will explain the process of how IPv6 performs address resolution using
ICMPv6 neighbor solicitation and neighbor advertisement messages.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 26

26

7
 16.01.2023

IPv6 Neighbor Discovery

IPv6 Neighbor Discovery Messages
IPv6 Neighbor Discovery (ND) protocol provides:
• Address resolution
• Router discovery
• Redirection services
• ICMPv6 Neighbor Solicitation (NS) and Neighbor Advertisement (NA)
messages are used for device-to-device messaging such as address
resolution.
• ICMTPv6 Router Solicitation (RS) and Router Advertisement (RA) messages
are used for messaging between devices and routers for router discovery.
• ICMPv6 redirect messages are used by routers for better next-hop selection.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 27

27

IPv6 Neighbor Discovery

IPv6 Neighbor Discovery – Address Resolution
• IPv6 devices use ND to resolve
the MAC address of a known
IPv6 address.
• ICMPv6 Neighbor Solicitation
messages are sent using
special Ethernet and IPv6
multicast addresses.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 28

28

IPv6 Neighbor Discovery

Packet Tracer – IPv6 Neighbor Discovery

In this Packet Tracer, you will complete the following objectives:

• Part 1: IPv6 Neighbor Discovery Local Network
• Part 2: IPv6 Neighbor discovery Remote Network

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 29

29

8
 16.01.2023

9.4 Module Practice and Quiz

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 30

30

Module Practice and Quiz

What did I learn in this module?
• Layer 2 physical addresses (i.e., Ethernet MAC addresses) are used to deliver the data link frame
with the encapsulated IP packet from one NIC to another NIC on the same network.
• If the destination IP address is on the same network, the destination MAC address will be that of
the destination device.
• When the destination IP address (IPv4 or IPv6) is on a remote network, the destination MAC
address will be the address of the host default gateway (i.e., the router interface).
• An IPv4 device uses ARP to determine the destination MAC address of a local device when it
knows its IPv4 address.
• ARP provides two basic functions: resolving IPv4 addresses to MAC addresses and maintaining a
table of IPv4 to MAC address mappings.
• After the ARP reply is received, the device will add the IPv4 address and the corresponding MAC
address to its ARP table.
• For each device, an ARP cache timer removes ARP entries that have not been used for a
specified period of time.
• IPv6 does not use ARP, it uses the ND protocol to resolve MAC addresses.
• An IPv6 device uses ICMPv6 Neighbor Discovery to determine the destination MAC address of a
local device when it knows its IPv6 address.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 31

31

33