Introduction
When packets need to travel through a network there are two kinds of addresses (i.e. Internet Protocol(IP) and Media Access Control(MAC) addresses) they’ll need to resolve to ultimately arrive at the destination, and for the destination to know where they came from. Address Resolution Protocol (ARP) [RFC 826] performs this translation.
Network Layer (Layer 3) Address
Specifically here we’ll be talking about IPv4 addresses. IPv4 addresses are 32 bits and typically shown in their dotted decimal form, i.e. 74.125.136.101.
These addresses are how packets are routed over the greater internet and dynamically change as you you move between networks. These are hierarchical and their first bytes identify the network you are in.
Packets at this layer are referred to as datagrams.
Link Layer (Layer 2) Address
Just like hosts and routers have network layer addresses, so too do their network interfaces (adapters). Addresses at this layer are typically referred to as MAC addresses and are 6 bytes long for a total of 2⁴⁸ possible addresses.
MAC addresses are typically expressed in hexadecimal notation (i.e. 27:4B:9B:D9:61:4E). Layer 2 addresses are therefore intended to be globally unique, though they are now subject to user-change through software.
Packets at this layer are referred to as frames.
Why Do We Need a Protocol for Translation?
Let’s start with an example using the diagram above. Suppose host with IP 10.0.0.2(Host 2) wants to send an IP datagram to the host with IP 10.0.0.4(Host 4).
Host 2 will need to give its adapter both the IP datagram and the destination MAC address to construct the link-layer frame for sending into the Local Area Network (LAN). But how does Host 2 discover the MAC address of Host 4 to properly route the link-layer frame through the network to Host 4?
Address Resolution Protocol (ARP)
ARP performs this Layer 2 to Layer 3, IPv4 address to MAC address, resolution much like Domain Name System does with IP addresses and host names. DNS performs this for the whole internet, ARP does so only for a subnet.
Every host and router has an ARP table which maps IP addresses to MAC addresses. If the destination MAC address is already in the table then the host doesn’t need to perform ARP. If it does not have an entry in the ARP table for the destination, then ARP is performed.
The host will construct a special ARP packet, encapsulated in a link-layer frame, with a destination of the MAC broadcast address (FF-FF-FF-FF-FF-FF). javatpoint.com has an excellent article on the format of this packet.
Because the MAC address is not known at the switch, the switch will send the frame out all links. The frame is received by all adapters on the subnet, where the adapter will pass the ARP packet up to the host’s ARP module to check if the IP address of the packet matches the host. The correct host will then respond back with a response ARP packet, providing the correct mapping for the original host’s ARP table.
Conclusion
ARP will take an IPv4 address and, through discovery, translate that to a MAC address on the subnet. If you’re interested in IPv6, the translation protocol is different, Neighbor Discovery Protocol (NDP), which tries to address some of the issues that exist in ARP today like ARP spoofing, MAC flooding, etc.
