| arp |
Resolves IP addresses into media access control (MAC) addresses and caches them for reuse.
arp -s IPaddress MACaddress [interfacenumber] arp -d IPaddress [interfacenumber] arp -a [IPaddress] [-N interfacenumber]
-a [IPaddress]
Resolves the specified IP address into its associated MAC address by querying the Address Resolution Protocol (ARP) cache on the local machine. (If no address is specified, all cached IP-to-MAC address mappings are displayed.)
-g [IPaddress]
Same as -a.
-N interfacenumber
Specifies the network adapter whose ARP cache is to be queried. (Each network adapter has its own ARP cache on a multihomed machine.) Use arp -a to determine the number of each interface. If arp is used without -N on a multihomed machine, the first interface found is used.
-d IPaddress [interfacenumber]
Removes the IP-to-MAC address mapping from the local ARP cache for the specified IP address and interface. If no IPaddress is specified, the top entry in the ARP cache is removed.
-s IPaddress MACaddress [interfacenumber]
Adds a static IP-to-MAC address mapping to the local ARP cache for the specified interface. The MAC address must be expressed in hexidecimal form as 12 characters, in groups of 2, separated by dashes. Static ARP mappings are persistent until the system reboots.
View the ARP cache on the local machine:
arp -a Interface: 172.16.11.104 on Interface 0x2 Internet Address Physical Address Type 172.16.11.100 00-40-95-d1-29-6c dynamic
Ping the host named
Leonardo to determine its IP address, and add a mapping for it to the local ARP cache:
ping -n 1 leonardo Pinging leonardo [172.16.11.39] with 32 bytes of data: Reply from 172.16.11.39: bytes=32 time<10ms TTL=32 Ping statistics for 172.16.11.39: Packets: Sent = 1, Received = 1, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms
Verify that an IP-to-MAC address mapping for
Leonardo (172.16.11.39) has been added to the local ARP cache:
arp -a Interface: 172.16.11.104 on Interface 0x2 Internet Address Physical Address Type 172.16.11.39 00-40-95-d1-32-90 dynamic 172.16.11.100 00-40-95-d1-29-6c dynamic
Add a static mapping for
Leonardo to the local ARP cache:
arp -s 172.16.11.39 00-40-95-d1-32-90
Verify the static mapping:
arp -a Interface: 172.16.11.104 on Interface 0x2 Internet Address Physical Address Type 172.16.11.39 00-40-95-d1-32-90 static 172.16.11.100 00-40-95-d1-29-6c dynamic
For one host to communicate with another on a TCP/IP network, the first host uses arp to resolve the second host's IP address into its corresponding MAC address. This MAC address then provides a destination address for Ethernet or token ring frames sent from the first host to the second. arp caches these IP-to-MAC address mappings for a short time (from 2 to 10 minutes) to reduce the number of ARP broadcasts needed.
arp is a useful tool for troubleshooting TCP/IP networks because it can be used to find the MAC address of any host on the local subnet, provided that the IP address for the host is known.
arp can be used to view the ARP cache only on the local machine, not on remote ones.
To reduce broadcast traffic and speed up TCP/IP communications, you can add static mappings to the ARP cache on client machines. This lets clients resolve IP addresses of commonly used servers on the network from the clients' local ARP caches instead of using ARP broadcasts.
To make static ARP cache mappings persistent across reboots, add arp commands to a batch file and run the file at system startup.
Gratuitous ARP (or "courtesy ARP") is a TCP/IP mechanism used by hosts to announce their IP address, which avoids duplicate IP addresses on the network. You can disable gratuitous ARP by editing the registry and specifying 1 for the following value:
HKLM\System\CurrentControlSet\Services\TcpIp\Parameters\ArpRetryCount
ipconfig, pathping, ping,
TCP/IP , tracert