What is the difference between ARP binding and DHCP address reservation?
In my TL-WR1043ND I have these functionalities and both of them pair an IP address to a MAC address. What is the difference?
I read that ARP is for security reasons; others say it is for Wake-on-LAN. I also read there is no difference, but in that case, why do we have both?
-
"DHCP address reservation" specifically means that the router will always offer the given address whenever the host asks for one using the DHCP auto-configuration protocol.
However, only DHCP offers were made static, but the router's IP→MAC neighbour cache (aka the ARP cache) is still filled in dynamically using ARP.
Meaning, if you bypass DHCP and manually configure another host to use the reserved address, it'll work. As soon as the "IP → old MAC" cache entry expires, the router sends a new ARP query, learns the new MAC address, adds "IP → new MAC" to the ARP cache, and packets go to the 'new' host.
-
"ARP binding" won't necessarily affect DHCP, but it does add a fixed IP→MAC entry to the router's neighbour cache.
If another host tries to use the same IP address, the router won't know that. It will trust the fixed IP→MAC binding, and will always send packets to the "bound" MAC address, even if the host is actually offline.
(Note, though: When two hosts within the same subnet communicate, they don't go through the router but send packets directly to each other. So they'll use their own neighbour caches, but will not be affected by the ARP binding done on the router. Only Internet traffic will be affected.)
So far, ARP binding primarily sounds like a security feature – it partially avoids "ARP spoofing" attacks, and works even if DHCP is turned off entirely.
At the same time, though, it can cause even greater confusion, if the router thinks IP address X was bound to MAC X, but the rest of the LAN has learned that it is in fact MAC Y...
It is also not terribly secure since Ethernet MAC addresses are trivial to change or spoof. To make it useful, all switches on the LAN would also need the "sticky MAC address" feature enabled.
I can see it being somewhat useful for Wake-on-LAN, though probably not much better than just broadcasting the magic wake packet.
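The behaviour described in the answer above, as a small Python model of a router's neighbour cache. This is an added example, not part of the original answers and not the router's actual firmware; the class, the 60-second expiry and the addresses are constructed assumptions. It shows a reserved IP being taken over once the dynamic entry expires, and an ARP binding keeping the entry fixed while recording the conflicting claim as something worth alerting on.

```python
class NeighbourCache:
    """Toy model of a router's IP->MAC neighbour (ARP) cache (hypothetical)."""

    def __init__(self, ttl=60.0):
        self.ttl = ttl
        self.dynamic = {}    # ip -> (mac, learned_at), filled in from ARP replies
        self.bound = {}      # ip -> mac, static "ARP binding" entries
        self.conflicts = []  # (ip, bound_mac, claimed_mac), worth an alert

    def bind(self, ip, mac):
        """Add a fixed entry; it replaces anything learned dynamically."""
        self.bound[ip] = mac.lower()
        self.dynamic.pop(ip, None)

    def on_arp_reply(self, ip, mac, now):
        """Process an ARP reply claiming that `ip` is at `mac`."""
        mac = mac.lower()
        if ip in self.bound:
            if self.bound[ip] != mac:
                self.conflicts.append((ip, self.bound[ip], mac))
            return  # a bound entry is never overwritten by ARP
        self.dynamic[ip] = (mac, now)

    def resolve(self, ip, now):
        """MAC the router would address frames for `ip` to, or None (must ARP)."""
        if ip in self.bound:
            return self.bound[ip]
        entry = self.dynamic.get(ip)
        if entry and now - entry[1] < self.ttl:
            return entry[0]
        self.dynamic.pop(ip, None)  # expired: the router has to ask again
        return None


def demo(with_binding):
    # Constructed sample addresses
    ip, reserved, other = "192.168.0.50", "aa:aa:aa:aa:aa:01", "bb:bb:bb:bb:bb:02"
    cache = NeighbourCache(ttl=60.0)
    if with_binding:
        cache.bind(ip, reserved)
    cache.on_arp_reply(ip, reserved, now=0.0)   # the DHCP-reserved host answers
    before = cache.resolve(ip, now=10.0)
    cache.resolve(ip, now=70.0)                 # dynamic entry has expired
    cache.on_arp_reply(ip, other, now=70.0)     # manually configured host answers
    after = cache.resolve(ip, now=71.0)
    return before, after, cache.conflicts
```
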
In some networks, there are some hosts that need to have fixed IP addresses (for example a server, a printer, etc.), which facilitates access to them for users and applications. In order for your network to use the Dynamic Host Configuration Protocol (DHCP, which attributes IPs to hosts) and for those fixed hosts to use a fixed IP, there is this "MAC to IP" option in your router, which reserves those IPs and never gives them to other hosts, which will have different IPs over time.
ARP is the Address Resolution Protocol. It is used to get the MAC address from an IP address, is mostly used in Local Area Networks (LAN), and is known to be used by attackers to redirect network traffic, as in Man-in-the-Middle attacks.
Wake-on-LAN depends on the MAC address to function because when a PC is off and WOL is enabled, the only access to it is through its MAC address.