In this tutorial, we’ll learn how gratuitous ARP works. We’ll start by examining how regular ARP messages work. Next, we’ll look at the definition of gratuitous ARP and a practical example. Finally, we’ll further study gratuitous ARP messages by understanding their use.
2. Regular ARP Messages
ARP is a network protocol that allows devices to map the IP addresses of other devices in the same network to their respective MAC addresses. In practice, each device keeps a mapping table (called ARP table), which indicates the MAC address of the device with a given IP address.
When a device needs the MAC address of another device, the first thing it does is consult the ARP table. But if its table doesn’t have the required entry, the device broadcasts an ARP message requesting it. The figure below illustrates this situation:
For simplicity, we’re representing the MAC addresses with only two characters (from A1 to A5) instead of a 48-bit address. In this example, the device 1 broadcasts an ARP request message. This message tells that the machine with IP 192.168.1.11 and MAC A1 is asking who owns the IP address 192.168.1.12.
Thus, all other devices belonging to the network receive the message sent by device 1. However, the ARP protocol specifies that only the target device (with IP 192.168.1.12, in this case) should respond.
Therefore, after receiving such an ARP request message, device 2 sends an ARP reply message addressed to device 1. This ARP reply includes the MAC address of the device 2 (A2, in this case). Device 1, in turn, adds the MAC of device 2 to its ARP table when it receives the ARP reply.
These are the most common ARP messages. However, there are other useful messages that optimize the ARP protocol. Let’s now look at one of them, the so-called gratuitous ARP.
3. What’s Gratuitous ARP?
Gratuitous ARP is a special type of ARP message. More specifically, a gratuitous ARP is a message in which the sender device includes its own ARP mapping and broadcasts it on the network without any other device requesting it. Let’s see in detail how this works in the following example.
3.1. Example of a Gratuitous ARP
For this example, let’s consider the same scenario illustrated previously. But in this case, device 1 sends a gratuitous ARP:
The process is similar to sending a regular ARP message (like an ARP request). Device 1 prepares the ARP message and broadcasts it on the network. However, there are some key differences in the content of a gratuitous ARP message.
First of all, a gratuitous ARP message asks for the sender’s own MAC address instead of the MAC of another device. Therefore, in this example, device 1 (IP 192.168.1.11 and MAC A1) asks what the MAC of the device has IP address 192.168.1.11. Since there should be no other device with IP 192.168.1.11 on the network, the sender doesn’t expect a reply.
Even knowing that there will be no reply to a gratuitous ARP, it can still be very interesting for a device to transmit it. The first reason is that gratuitous ARP is an efficient way for a device to inform the entire network of its own IP and MAC addresses.
However, in addition to their own addresses, the sender can also include their own ARP table in a gratuitous ARP message. This makes the gratuitous ARP even more useful. Thus, each device that receives this message can use the provided information to update its ARP table.
4. When is Gratuitous ARP Used and for What Purpose?
Gratuitous ARP is applicable in many situations. Next, we’ll look at some of the main ones.
4.1. When the Addresses of an Interface Changes
Many operating systems implement the network stack to send a gratuitous ARP every time the address of a network interface changes at the system level. This is valid for both IP and MAC addresses.
Different cases of IP address changes can trigger the sending of gratuitous ARP. A common situation is when a DHCP server provides a new IP address for a particular interface of a device. It can also occur when the network administrator manually changes the IP address or adds a new one to the interface.
The MAC address of a network interface can be changed at the system level. For example, the network administrator can replace the physical network interface mapped on the system as eth0 with another one. Thus, the IP address assigned to eth0 will then be linked to the MAC of the new physical network interface.
In both cases, gratuitous ARP is very useful. For example, a device can broadcast a gratuitous ARP to update its new addresses in the mapping of other devices. Also, this type of message allows other devices to report possible conflicts with the new IP address.
4.2. When the Link of an Interface Changes to the Upstate
Usually, the system issues a gratuitous ARP every time it brings the interface link to an upstate. In this case, the gratuitous ARP message is used to update the ARP table on all other devices with the possibly new mapping between MAC and IP address.
A link state changing from down to up can also represent a port change on the switch. Thus, in such a situation, gratuitous ARP allows the switch to relearn behind which port a certain MAC address resides.
4.3. When the Network Administrator Sends It
Gratuitous ARP can also be valuable in situations not automatically addressed by operating systems. Therefore, network administrators may manually issue gratuitous ARP messages according to their needs.
This can be done in several ways. One of the simplest is through tools such as arping, which provides this functionality via a command-line interface.
In this article, we studied the concept of gratuitous ARP and understood what it’s used for. We can conclude that gratuitous ARP is a message that a sender broadcasts its own ARP table. This kind of message is useful in many situations and can considered an efficient way to share IP/MAC bindings on a network.