9.6 Who to ARP for?
9.6.1 ARP request/reply
Note: The information explained in this section is a simplification of the actual ARP process. Although conceptually accurate, the actual process is slightly different and more complex. However, for the purposes of this curriculum, the explanation contained in this section provides a good basis of understanding.
As shown in Figure , ARP is a Layer 3 protocol, one of many protocols within the TCP/IP suite of protocols. An ARP Request is used when a sending device knows the IP address for the destination host, but does not know its MAC address. Before the IP packet can be encapsulated into the Ethernet frame, the sending device needs to know the destination MAC address. This relationship of IP to MAC address is normally kept in an ARP table or cache, as shown in Figure . This table is dynamically updated based on local network activity. If the IP and MAC address of the destination is not in the ARP table, the device will need to send out an ARP Request in order to get the MAC address.

Question: Why do devices need to map a MAC Address to an IP Address?
The simple answer is to deliver the IP packet inside an Ethernet frame to the next device along the way in order to reach its final destination. The next device may very well be the final destination or it may be a router. An example is shown in Figure .

In this example, Host Stevens has an IP packet it wants to send to Host Cerf. Host Stevens needs to send this packet to either:

a) the final destination, Host Cerf.
or
b) the default gateway, the router, so it can forward it onward to its final destination.

Question: How does Host Stevens know where it needs to send this packet?
The answer depends on your client software.

Answer 1: Host Stevens will look for host Cerf's IP address of 172.16.10.25 in its ARP table, if it is not found, host Stevens will ARP for the MAC address that is paired to Cerf's IP address. In this example host Cerf would respond with an ARP reply containing its MAC address and the packet could be sent. But what if host Cerf wasn't on the same local network? If the router has proxy-ARP enabled, it would send a response of its own MAC address back to host Stevens after it calculated that the destination IP address wasn't on the same subnetwork as the source device. Host Stevens would then create a relationship between the destination IP address, host Cerf, and the router's MAC address in its ARP table. From then on, host Stevens, based on the destination IP address, would send packets to the router for the first hop of the trip to the destination, host Cerf. The router would forward the packet, based on its IP address, to the destination host or the next hop router.

Answer 2: Host Stevens in this answer has a default gateway and subnet mask entry stored in its TCP/IP configuration. This is the case with Microsoft WindowsTM clients. In this situation host Stevens will do an AND operation on both the source and destination IP addresses using the stored subnet mask, as shown in Figure . If the results of the AND operation results in the same subnetwork address, the two hosts are on the same network segment. Host Stevens then looks in its ARP table for the destination IP and MAC address pair, if it can't find the pair, it issues an ARP request. The destination host responds and the packet is sent. If after ANDing the resulting subnetwork addresses are different, host Stevens will use the default gateway's MAC address along with the destination IP address to get the packet to the router for the first hop of the trip to the destination host. The router would forward the packet, based on its IP address, to the destination host or the next hop router.