Static ARP
Definition
Static ARP allows a network administrator to create the mapping between IP and MAC addresses.
Background
Dynamic ARP
Advantages
Dynamic ARP entries free network administrators from manual configuration and maintenance. Especially when a network device becomes faulty or the NIC on a host is frequency replaced, the real-time updates of ARP entries greatly reduce the maintenance workload of network administrators.
Disadvantages
- Dynamic ARP entries can be aged out or overridden by new ones, which fails to ensure stability and security of network communication.
- The execution of dynamic ARP consumes network resources, which is not applicable to networks with insufficient bandwidth resources and may impact user services.
Static ARP
Advantages
- Static ARP entries will not age out or be overridden by dynamic ARP entries, which ensures stability of network communication.
- The configuration of static ARP binds IP addresses and MAC addresses, which prevents network attackers from modifying ARP entries and ensures security of network communication.
- The configuration of static ARP eliminates the need of configuring dynamic ARP, reducing network resource consumption.
Disadvantages
Static ARP entries need to be manually configured by network administrators, causing heavy maintenance workload when it comes to frequent changes of the network structure.
Static ARP implements the following functions:
Binds IP addresses to the MAC address of a specified gateway so that IP datagrams destined for these IP addresses must be forwarded by this gateway.
Binds the destination IP addresses of IP datagrams sent by a specified host to a nonexistent MAC address, helping filter out unwanted IP datagrams.
To ensure the stability and security of network communication, deploy static ARP based on actual requirements and network resources.
Related Concepts
Short static ARP entries
Short static ARP entries contain only IP and MAC addresses. A device still has to send ARP request messages. If the source IP and MAC addresses of the received reply messages are the same as the configured IP and MAC addresses in a short static ARP entry, the device adds the interface that receives the ARP reply messages to the short static ARP entry. The device can use this interface to forward subsequent messages directly. Short static ARP entries cannot be directly used to forward messages.
Configuring short static ARP entries enables a host and a device to communicate using fixed IP and MAC addresses.
In Network Load Balancing (NLB) scenarios, you must configure both MAC entries with multiple outbound interfaces and short static ARP entries for the gateway. These MAC entries and short static ARP entries must have the same MAC address. In NLB scenarios, short static ARP entries are also called ARP entries with multiple outbound interfaces and cannot be updated manually.
Long static ARP entries
Long static ARP entries contain IP and MAC addresses as well as the VLAN and outbound interface through which devices send packets. Long static ARP entries are directly used to forward messages.
Configuring long static ARP entries enables a host and a device to communicate through a specified interface in a VLAN.
Usage Scenario
Static ARP applies to the following scenarios:
- Networks with a simple topology and high stability.
- Networks on which information security is of high priority.
- Short static ARP entries mainly apply to scenarios in which network administrators want to bind hosts' IP and MAC addresses but hosts' access interfaces can change.
Benefits
Static ARP ensures communication security. If a static ARP entry is configured on a device, the device can communicate with the peer device using only the specified MAC address. Network attackers cannot modify the mapping between the IP and MAC addresses using ARP messages, ensuring communication between the two devices.