問題一 請問一下 ARP 是讓主機可由已知的 protocol address (IP address)詢問 來得到 hardware address (MAC address) 如果在一台 end host 與 switch 間架一個 bridge 把 ARP 全都 filter 掉 那 end host 有其它辦法可以得到 hardware address 嗎? 問題二 看了一下 RFC826 http://www.faqs.org/rfcs/rfc826.html 在處理 ARP 的封包時的 algorithm 如下 ?Do I have the hardware type in ar$hrd? Yes: (almost definitely) [optionally check the hardware length ar$hln] ?Do I speak the protocol in ar$pro? Yes: [optionally check the protocol length ar$pln] Merge_flag := false If the pair <protocol type, sender protocol address> is already in my translation table, update the sender hardware address field of the entry with the new information in the packet and set Merge_flag to true. ?Am I the target protocol address? Yes: If Merge_flag is false, add the triplet <protocol type, sender protocol address, sender hardware address> to the translation table. ?Is the opcode ares_op$REQUEST? (NOW look at the opcode!!) Yes: Swap hardware and protocol fields, putting the local hardware and protocol addresses in the sender fields. Set the ar$op field to ares_op$REPLY Send the packet to the (new) target hardware address on the same hardware on which the request was received. 按上面標顏色的部份 應該會先 add sender information 至 ARP table內 才會去判斷該封包的 opcode 試了一下發現 在 ARP table 沒有該 sender 的記錄情況下 收到 ARP reply 卻不會新增 sender 的記錄 是因為 ARP reply 在更前面就處理結束了嗎? 還是 RFC826 有被其它 RFC 所更新? (因為我並沒有找到) -- ※ 發信站: 批踢踢實業坊(ptt.cc) ◆ From: 140.129.36.80