Friday , March 29 2024
Home / Command Line / from Huawei CLI – “arp-ping”

from Huawei CLI – “arp-ping”

I have never used it but it looks interesting. Arp-ping lets us to check whether a specified IP address or MAC address is being used in a LAN. Intrigued, I opened Huawei eNSP simulator to check this feature. Results are not fully satisfied. As arp-ping IP works correctly, I cannot say the same about arp-ping MAC. There are some problems with communication between router and hosts. It looks like router does not receive ICMP Echo Reply packets from hosts in the LAN. I checked the same between router and switch “labnario_SW2″. Results look promising. Let’s pass on to the lab.

 

Labnario_RT config:

#
vlan batch 100 200
#
interface Vlanif100
 ip address 10.0.0.100 255.255.255.0 
#
interface Ethernet0/0/0
 port link-type trunk
 port trunk allow-pass vlan 100
#
interface GigabitEthernet0/0/1
 ip address 172.16.0.100 255.255.255.0

Labnario_SW2 config:

#
vlan batch 100
#
interface Vlanif100
 ip address 10.0.0.1 255.255.255.0
#
interface Ethernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 100

Labnario_SW1 works as Hub.

And an essence of our lab:

<labnario_RT>arp-ping ip 172.16.0.2 
 ARP-Pinging 172.16.0.2:

172.16.0.2 is used by 5489-98cf-8104

ARP-ping IP capture packets

From the captured packets we can see how arp-ping IP works. It sends ARP Request packet. A host or routing device, that uses this IP address in the LAN, returns an ARP Reply packet. Then the sender compares the IP address specified in arp-ping command with the source IP address carried in the ARP reply packet. In case the 2 IP addresses are the same, a MAC address of the host is displayed. Somebody can say that we can do the same using common ping. Yes, you can, but what if ICMP is being blocked on a firewall? ARP is L2 protocol and is helpful in such case.

Let’s look what happens if requested IP address in not available in the LAN:

<labnario_RT>arp-ping IP 172.16.0.15
 ARP-Pinging 172.16.0.15:

Error: Request timed out.
Error: Request timed out.
Error: Request timed out.
Info: The IP address is not used by anyone!

The sender displays a message indicating that the IP address is not used in the LAN.

Now we can check arp-ping MAC command for hosts and routing device (labnario_SW2). Notice that arp-ping MAC uses ICMP:

<labnario_RT>arp-ping mac 5489-98cf-8104 ?
  IP_ADDR  Specified local LAN in which to find
  interface         Specified the outgoing interface
<labnario_RT>arp-ping mac 5489-98cf-8104 172.16.0.0

  LANIP: 172.16.0.0 MAC[54-89-98-CF-81-04], press CTRL_C to break
Error: Request timed out.
Error: Request timed out.
Error: Request timed out.

    ----- ARP-Ping MAC statistics -----
    3 packet(s) transmitted
    0 packet(s) received
    MAC[54-89-98-CF-81-04]  not be used

As I mentioned at the beginning of this post, hosts in the LAN do not send ICMP Echo Reply packets. Let’s look at captured packets:

ARP-ping MAC capture packets for host

Now check the same for a routing device:

<labnario_RT>arp-ping mac 4c1f-cc24-2720 10.0.0.0

  LANIP: 10.0.0.0 MAC[4C-1F-CC-24-27-20], press CTRL_C to break

    ----- ARP-Ping MAC statistics -----
    1 packet(s) transmitted
    1 packet(s) received

    IP ADDRESS                MAC ADDRESS
    10.0.0.1                  4C-1F-CC-24-27-20

And captured packets:

ARP-ping MAC capture packet for switch

Unlike for hosts, it works correctly for routing device. You can check it on your real devices. ARP-ping should work as expected.

Leave a Reply

Your email address will not be published. Required fields are marked *