You might be familiar with the concept of IP addresses.
Every computer on a connection has at least one.
When communicating to a unit on the same online grid, a computer doesnt directly use the IP address.
Instead, it translates that IP address to a MAC address.
ARP is the protocol to manage IP to MAC translations and communicate this around the web link.
ARP stands for Address Resolution Protocol.
It is a stateless protocol that has broadcast and request-response components.
ARP is primarily used in IPv4 networks, though other networking systems also use it.
IPv6 networks implement ARP functionality and some additional functionality with NDP.
Or Neighbour Discovery Protocol.
MAC addresses that have been identified are stored in an ARP table on each gadget.
Each entry in the ARP table regularly expires.
It knows it needs to send it to the router for devices in a different web connection.
This can then direct the packet onto the right data pipe.
As the first port of call, the computer will check its ARP table.
This should have a list of all known devices on the local web link.
Every machine on the web connection will see this message as it is a broadcast.
Most will ignore it as its not aimed at them.
The original computer will then update its ARP table and send the packet to the intended recipient.
Note:The ARP probe response is also a broadcast.
This helps to minimize ARP traffic.
The DHCP server is generally a function of the internet router but can be run by a separate machine.
Once a new machine has an IP address, either through manual configuration or DHCP.
The rig must quickly verify that no other rig is already using that IP address.
The expected response is silence.
No other equipment should react, especially in a DHCP data pipe.
After short delays, the gadget will broadcast the same message again a few times.
To do so, it needs to send a gratuitous ARP.
This simply involves broadcasting to the data pipe has .
All devices listen to and cache ARP responses in their ARP tables.
This, however, leads to a vulnerability in the system.
These now incorrect ARP tables are referred to as poisoned.
This could just be used to cause online grid issues by pointing traffic in the wrong direction.
There is a worse scenario, however.
Note:There are some protections against MitM attacks.
The attacker would not be able to duplicate the HTTPS certificate of a website.
Any user having the traffic intercepted should get internet tool certificate errors.
There are, however, many essential and unencrypted communications, especially on an internal internet.
This isnt so much the case on a home online grid.
Still, corporate networks built on Windows are particularly vulnerable to ARP spoofing attacks.
ARP poisoning enables MitM attacks Source:Wikipedia
Conclusion
ARP stands for Address Resolution Protocol.
It is used in IPv4 networks to translate IP addresses to MAC addresses as is needed in local networks.
It consists of stateless request and response broadcasts.
Devices cache ARP responses to update their ARP tables.
Devices may also regularly broadcast gratuitous announcements that their MAC address is associated with their IP address.
