Static ARP Application

Networking Description

As shown in Figure 1, the intranet of an organization communicates with the Internet through the gateway PE. To prevent network attackers from obtaining private information by modifying ARP entries on the PE, deploy static ARP.

Figure 1 Static ARP networking

  • Before static ARP is deployed, the PE dynamically learns and updates ARP entries using ARP messages. However, dynamic ARP entries can be aged and overwritten by new dynamic ARP entries. Therefore, network attackers can send fake ARP messages to modify ARP entries on the PE to obtain the private information of the organization.
  • After static ARP is deployed, ARP entries on the PE are manually configured and maintained by a network administrator. Static ARP entries are neither aged nor overwritten by dynamic ARP entries. Therefore, deploying static ARP can prevent network attackers from sending fake ARP messages to modify ARP entries on the PE, and information security is ensured.

Feature Deployment

Deploy static ARP on the PE to set up fixed mapping between IP and MAC addresses of hosts on the intranet. This can prevent network attackers from sending fake ARP messages to modify ARP entries on the PE, ensuring the stability and security of network communication and minimizing the risk of private information being stolen.

Parent Topic: Application Scenarios for ARP
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic