I have never used it but it looks interesting. Arp-ping lets us to check whether a specified IP address or MAC address is being used in a LAN. Intrigued, I opened Huawei eNSP simulator to check this feature. Results are not fully satisfied. As arp-ping IP works correctly, I cannot say the same about arp-ping MAC. There are some problems with communication between router and hosts. It looks like router does not receive ICMP Echo Reply packets from hosts in the LAN. I checked the same between router and switch “labnario_SW2″. Results look promising. Let’s pass on to the lab.
# vlan batch 100 200 # interface Vlanif100 ip address 10.0.0.100 255.255.255.0 # interface Ethernet0/0/0 port link-type trunk port trunk allow-pass vlan 100 # interface GigabitEthernet0/0/1 ip address 172.16.0.100 255.255.255.0
# vlan batch 100 # interface Vlanif100 ip address 10.0.0.1 255.255.255.0 # interface Ethernet0/0/1 port link-type trunk port trunk allow-pass vlan 100
Labnario_SW1 works as Hub.
And an essence of our lab:
<labnario_RT>arp-ping ip 172.16.0.2 ARP-Pinging 172.16.0.2: 172.16.0.2 is used by 5489-98cf-8104
From the captured packets we can see how arp-ping IP works. It sends ARP Request packet. A host or routing device, that uses this IP address in the LAN, returns an ARP Reply packet. Then the sender compares the IP address specified in arp-ping command with the source IP address carried in the ARP reply packet. In case the 2 IP addresses are the same, a MAC address of the host is displayed. Somebody can say that we can do the same using common ping. Yes, you can, but what if ICMP is being blocked on a firewall? ARP is L2 protocol and is helpful in such case.
Let’s look what happens if requested IP address in not available in the LAN:
<labnario_RT>arp-ping IP 172.16.0.15 ARP-Pinging 172.16.0.15: Error: Request timed out. Error: Request timed out. Error: Request timed out. Info: The IP address is not used by anyone!
The sender displays a message indicating that the IP address is not used in the LAN.
Now we can check arp-ping MAC command for hosts and routing device (labnario_SW2). Notice that arp-ping MAC uses ICMP:
<labnario_RT>arp-ping mac 5489-98cf-8104 ? IP_ADDR Specified local LAN in which to find interface Specified the outgoing interface <labnario_RT>arp-ping mac 5489-98cf-8104 172.16.0.0 LANIP: 172.16.0.0 MAC[54-89-98-CF-81-04], press CTRL_C to break Error: Request timed out. Error: Request timed out. Error: Request timed out. ----- ARP-Ping MAC statistics ----- 3 packet(s) transmitted 0 packet(s) received MAC[54-89-98-CF-81-04] not be used
As I mentioned at the beginning of this post, hosts in the LAN do not send ICMP Echo Reply packets. Let’s look at captured packets:
Now check the same for a routing device:
<labnario_RT>arp-ping mac 4c1f-cc24-2720 10.0.0.0 LANIP: 10.0.0.0 MAC[4C-1F-CC-24-27-20], press CTRL_C to break ----- ARP-Ping MAC statistics ----- 1 packet(s) transmitted 1 packet(s) received IP ADDRESS MAC ADDRESS 10.0.0.1 4C-1F-CC-24-27-20
And captured packets:
Unlike for hosts, it works correctly for routing device. You can check it on your real devices. ARP-ping should work as expected.