cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Join Customer Connection to register!
91503
Views
169
Helpful
19
Replies
Highlighted
Beginner

What is Gratuitous ARP ?

Can any one please tell me what is Gratuitous ARP.. ?

19 REPLIES 19
Highlighted

Pretty Good Explanation. Appreciate the effort...

Highlighted
Beginner

Gratuitous ARP is a sort of "advance notification", it updates the ARP cache of other systems before they ask for it (no ARP request) or to update outdated information.

When talking about gratuitous ARP, the packets are actually special ARP request packets, not ARP reply packets as one would perhaps expect. Some reasons for this are explained in RFC 5227.

The gratuitous ARP packet has the following characteristics:

Both source and destination IP in the packet are the IP of the host issuing the gratuitous ARP
The destination MAC address is the broadcast MAC address (ff:ff:ff:ff:ff:ff)
This means the packet will be flooded to all ports on a switch
No reply is expected
Gratuitous ARP is used for some reasons:

Update ARP tables after a MAC address for an IP changes (failover, new NIC, etc.)
Update MAC address tables on L2 devices (switches) that a MAC address is now on a different port
Send gratuitous ARP when interface goes up to notify other hosts about new MAC/IP bindings in advance so that they don't have to use ARP requests to find out
When a reply to a gratuitous ARP request is received you know that you have an IP address conflict in your network
As for the second part of your question, HSRP, VRRP etc. use gratuitous ARP to update the MAC address tables on L2 devices (switches). Also there is the option to use the burned-in MAC address for HSRP instead of the "virtual"one. In that case the gratuitous ARP would also update the ARP tables on L3 devices/hosts.

Highlighted

Recently, I was at a client site cloning some virtual machines, when I encountered some odd behavior. When I would change the ip address of the clone, the ip address would show in the network properties, but not in the vm’s summary or when I typed ipconfig from the vm’s command line. Rather, I was getting an 169.x.x.x ip address for the vm. After some digging, I found out the cause was from gratuitous arps being broadcasted from a network appliance designed to prevent duplication of ips in the network.

A gratuitous arp is an AddressResolutionProtocol request packet where the source and destination IP are both set to the IP of the machine issuing the packet and the MAC is the broadcast address ff:ff:ff:ff:ff:ff. A gratuitous ARP are used for four reasons:

  • They can help detect IP conflicts. When a machine receives an ARP request containing a source IP that matches its own, then it knows there is an IP conflict.
  • They assist in the updating of other machines’ ARP tables. Clustering solutions utilize this when they move an IP from one NIC to another, or from one machine to another. Other machines maintain an ARP table that contains the MAC associated with an IP. When the cluster needs to move the IP to a different NIC, be it on the same machine or a different one, it reconfigures the NICs appropriately then broadcasts a gratuitous ARP reply to inform the neighboring machines about the change in MAC for the IP. Machines receiving the ARP packet then update their ARP tables with the new MAC.
  • They inform switches of the MAC address of the machine on a given switch port, so that the switch knows that it should transmit packets sent to that MAC address on that switch port.
  • Every time an IP interface or link goes up, the driver for that interface will typically send a gratuitous ARP to preload the ARP tables of all other local hosts. Thus, a gratuitous ARP will tell us that that host just has had a link up event, such as a link bounce, a machine just being rebooted or the user/sysadmin on that host just configuring the interface up. If we see multiple gratuitous ARPs from the same host frequently, it can be an indication of bad Ethernet hardware/cabling resulting in frequent link bounces.https://www.credosystemz.com/courses/iot-training/

However, a side effect of all of this is that it also prevents virtual machines from changing their ips as indicated by the odd behavior I noted earlier. To resolve this issue, there are two alternatives. The first alternative is to shut off gratuitous arps on the network appliance. This is the quickest and easiest manner to resolve the issue. The second manner is to do the following on the vm:

  • go to the command prompt and type regedit
  • navigate to the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
  • Click Edit>New and click DWORD Value
  • type ArpRetryCount
  • set the value to 0
  • exit the registry editor
  • reboot the machine
  • on the vm, select edit settings
  • disconnect the virtual nic
  • select OK
  • reconnect the virtual nic
  • select OK

The final step is to locate the network admin and ask why gratuitous arps were placed on the network. 

Highlighted

Gratuitous ARP is a special ARP (Address Resolution Protocol) reply that is not a response to an ARP request. A Gratuitous ARP reply is a reply to without a ARP request. ... The source and destination IP Addresses are both set to the IP of the machine sending the Gratuitous ARP packet.

 

https://devu.in/machine-learning-training-in-bangalore/

Highlighted

Gratuitous ARP is an ARP  Response that was not prompted by an ARP Request. The Gratuitous ARP is sent as a broadcast, as a way for a node to announce or update its IP to MAC mapping to the entire network.

 

https://www.anchal.pk

Content for Community-Ad