Briefly talk about the commonly used ICMP and ARP protocols

Article Directory


Insert picture description here
[Huawei]sysname AR1
[AR1]int g0/0/0
[AR1-GigabitEthernet0/0/0]ip address 24
[AR1-GigabitEthernet0/0/0]int g0/0/1
[AR1-GigabitEthernet0/0/1]ip address 24
[AR1-ospf-1]a 0

PC PING test Server1 (

Insert picture description here

Why does the first PING packet fail/time out? The PING package after that is no problem.

Because there is no target MAC address at the beginning, Layer 2 cannot be encapsulated.

First of all, let's take a test in PING to see how it goes.


Insert picture description here

From the above output, we can see that the first PING packet did not time out!

Then let's refresh the router's ARP table to see how it goes.

[AR1]display arp

reset arp dynamic

Insert picture description here

PC and then PING to test Server1 ( when will the

Insert picture description here

Insert picture description here

network device send gratuitous ARP packets?

Connect a router to AR1, configure an IP address ( for interface G0/0/2, and enable packet capture at the same time.

Insert picture description here

Answer: When the interface of the network device is configured with an IP address, it will send a gratuitous ARP packet.

Gratuitous ARP message: The IP address of the sent ARP message is the same as the target IP address.

How ARP works

ARP: Resolve IP address into MAC address.

Work on the data link layer.

Condition: When the need to access the destination IP address does not have a corresponding entry in the ARP cache table.

ARP packet

arp request (usually broadcast):
When the destination IP address of the visit is the same network segment, the MAC address corresponding to the requested access destination IP address;
when the destination IP address of the visit is not in the same network segment, the MAC address corresponding to the gateway IP is requested address.

arp reply (unicast reply):
When a request message is received and the destination IP address is consistent with the IP address of the receiving interface, the reply is arpreply, including the correspondence between the IP address of its own interface and the MAC address;
when the request message is received, the destination When the IP address is inconsistent with the IP address of the receiving interface, if the ARP proxy function is not enabled, no message will be returned;
if the ARP proxy function is enabled, the arp reply will be returned after certain conditions are met, including the destination IP address of the request and the MAC of the own interface Correspondence of addresses.

ICMP principle description

The ICMP network control information protocol is an error reporting mechanism, which is usually used by the IP layer or higher-level protocols. The ICMP message is encapsulated in the IP datagram, and transmitted through the Internet as the data part of the IP datagram.

The fields in the IP datagram only contain the source and the final destination, and do not record the entire path of the packet in the network transmission. Therefore, when a device detects an error, it cannot notify the intermediate network device, and can only send an error report to the source.

When an error occurs in a datagram, ICMP only reports the error to the source of the datagram, and neither corrects the error nor informs the intermediate network equipment. Most errors in the network originate from the original source. When the error occurs in the intermediate device, even if the source receives an error report, it cannot determine which network device caused the error.


Insert picture description here

[AR1]acl 3000
[AR1-acl-adv-3000]rule deny ip source 0 destination 0

[AR1]int g0/0/0
[AR1-GigabitEthernet0/0/0]traffic-filter inbound acl 3000

Insert picture description here

time out

Insert picture description here