8.7 TCP/IP Suite: Utilities
8.7.1 How and when to use ARP to test, validate,
and troubleshoot IP connectivity 

In TCP/IP, the Address Resolution Protocol (ARP) is used to BIND (associate) the physical (MAC) addresses with a specific logical (IP) addresses. When a data packet is sent to a particular destination, ARP takes the addressing information and matches it against the ARP cache for the appropriate MAC address. If no matches are made, ARP sends out a broadcast message on the network looking for the particular destination. A host will respond with the correct address and send a reply to ARP. The following shows some variations on the arp command.

Commands Action
arp -a To view a list of all IP and MAC addresses.
arp -a -n <interface> Example: arp -a -n 146.188.144.223 Filters the display to show only the interface specified.
arp -s <interface> <MAC address> To manually add entries.
arp -d <IP address> To manually delete dynamically entered ARP cache.

If duplicate IP addresses appear in he ARP cache, a Windows NT 4.0 TCP/IP stack is written and a new ARP broadcast is sent to each computer affected by the ARP cache error.