1

I'm working on an embedded platform with very limited resources where I need to build my own Ethernet frames.

If I need to answer a UDP request with a UDP reply, is it ever not OK to just send the reply back to the Ethernet source MAC address of the request packet instead of doing a full ARP lookup of the source IP address?

If so, a list of concrete examples where a reply would need to be sent to a different MAC address than the request came from would be very useful.

Clearly, if the request originator changed their own MAC address right after sending the request, that would be a trivial example, but let's ignore that case.

Markus A.
  • 419
  • 7
  • 18
  • If you are following the standard ([RFC 826](https://tools.ietf.org/html/rfc826)), your ARP table is only updated by ARP packets. ARP is a separate process with a separate EtherType (0x0806), and only frames with that EtherType have their payloads sent to the ARP process. That means only ARP packets update the ARP table. – Ron Maupin Jun 23 '19 at 00:38
  • @RonMaupin Correct. I wasn't actually thinking about using those source MACs to update my ARP table, I was more thinking of trying to do without an ARP table entirely. :) – Markus A. Jun 23 '19 at 02:51
  • @RonMaupin Would this be more appropriate for Network Engineering? – Ward - Trying Codidact Jun 23 '19 at 03:30
  • @Ward I posted it here since it's really a question about understanding the different ways in which routers, switches, and firewalls might rewrite packets in different actual network setups rather than about how to implement the idea. In fact, if the answer could include things like "this setup could cause such a change, and it's fairly common; or that setup could, but that's more an academic possibility and not expected in the wild", that would be extremely useful. And I would expect network admins to probably have the best understanding here. – Markus A. Jun 23 '19 at 03:36
  • @MarkusA. I won't migrate it if you don't want to, but since Ron is a mod on Network Engineering, I thought I'd see if it would also be on-topic there. – Ward - Trying Codidact Jun 23 '19 at 03:38
  • @Ward Oh! I didn't know he was! Then, of course, if he thinks it would be more likely to get a useful answer there, please do migrate it or let me know and I can (I would need to make an account first)! :) Thank you! – Markus A. Jun 23 '19 at 03:39
  • @Ward, not really any more on-topic for NE, and it would probably get close votes because it has to do with what the host device does (or does not do). Personally, I would suggest asking something like this on [so] because it is going to require custom programming (standard network stacks do not do it this way). – Ron Maupin Jun 24 '19 at 00:32

1 Answers1

2

What comes to mind for me is if you have asymmetric routing between your hosts A and B (I use B for the embedded device in the question).
Ie, a network setup such that the route from A to B is not the same as from B to A.

Example:

A -> router1 -> B
A <- router2 <- B

In this case B would see router1's MAC address, but should send to router2's MAC address (discovered by examining its routing table and then ARP table).

Not your most typical setup, but entirely possible and much less of an edge case than a host in the same network that switches MAC addresses just as you are handling a packet.

Håkan Lindqvist
  • 35,011
  • 5
  • 69
  • 94