[Huawei]sysname AR1 [AR1]int g0/0/0 [AR1-GigabitEthernet0/0/0]ip address 192.168.1.254 24 [AR1-GigabitEthernet0/0/0]int g0/0/1 [AR1-GigabitEthernet0/0/1]ip address 10.1.12.1 24 [AR1-GigabitEthernet0/0/1]q [AR1]ospf [AR1-ospf-1]a 0 [AR1-ospf-1-area-0.0.0.0]network 192.168.1.254 0.0.0.0 [AR1-ospf-1-area-0.0.0.0]network 10.1.12.1 0.0.0.0
PC PING test Server1 (10.1.12.2)
Why does the first PING packet fail/time out? The PING package after that is no problem.
Because there is no target MAC address at the beginning, Layer 2 cannot be encapsulated.
First of all, let's take a test in PING to see how it goes.
From the above output, we can see that the first PING packet did not time out!
Then let's refresh the router's ARP table to see how it goes.
reset arp dynamic
PC and then PING to test Server1 (10.1.12.2) when will the
network device send gratuitous ARP packets?
Connect a router to AR1, configure an IP address (10.1.13.1/24) for interface G0/0/2, and enable packet capture at the same time.
Answer: When the interface of the network device is configured with an IP address, it will send a gratuitous ARP packet.
Gratuitous ARP message: The IP address of the sent ARP message is the same as the target IP address.
How ARP works
ARP: Resolve IP address into MAC address.
Work on the data link layer.
Condition: When the need to access the destination IP address does not have a corresponding entry in the ARP cache table.
arp request (usually broadcast):
When the destination IP address of the visit is the same network segment, the MAC address corresponding to the requested access destination IP address;
when the destination IP address of the visit is not in the same network segment, the MAC address corresponding to the gateway IP is requested address.
arp reply (unicast reply):
When a request message is received and the destination IP address is consistent with the IP address of the receiving interface, the reply is arpreply, including the correspondence between the IP address of its own interface and the MAC address;
when the request message is received, the destination When the IP address is inconsistent with the IP address of the receiving interface, if the ARP proxy function is not enabled, no message will be returned;
if the ARP proxy function is enabled, the arp reply will be returned after certain conditions are met, including the destination IP address of the request and the MAC of the own interface Correspondence of addresses.
ICMP principle description
The ICMP network control information protocol is an error reporting mechanism, which is usually used by the IP layer or higher-level protocols. The ICMP message is encapsulated in the IP datagram, and transmitted through the Internet as the data part of the IP datagram.
The fields in the IP datagram only contain the source and the final destination, and do not record the entire path of the packet in the network transmission. Therefore, when a device detects an error, it cannot notify the intermediate network device, and can only send an error report to the source.
When an error occurs in a datagram, ICMP only reports the error to the source of the datagram, and neither corrects the error nor informs the intermediate network equipment. Most errors in the network originate from the original source. When the error occurs in the intermediate device, even if the source receives an error report, it cannot determine which network device caused the error.
[AR1-acl-adv-3000]rule deny ip source 192.168.1.1 0 destination 10.1.12.2 0
[AR1-GigabitEthernet0/0/0]traffic-filter inbound acl 3000