RARP - Reverse Address Resolution Protocol
What is RARP?
RARP stands for Reverse Address Resolution Protocol. It is a network protocol used by a device to discover its own IP address when it only knows its MAC (hardware) address. It’s essentially the reverse of ARP.
Why is RARP useful?
RARP was useful in early networked systems where: * Devices (like diskless workstations) did not have permanent storage to save their IP address. * They needed to request their IP address from a RARP server at boot time. * It allowed automatic IP assignment based on the device’s MAC address.
RARP is now largely obsolete and has been replaced by more flexible protocols like BOOTP and DHCP.
How it works?
Device boots up – It knows its MAC address but not its IP address.
Sends RARP request – A broadcast message is sent asking, “What is my IP address?”.
RARP server responds – The server looks up the MAC address in a table and replies with the corresponding IP address.
Device configures itself – It uses the received IP address to join the network.
Where is RARP used?
Diskless workstations – Early computers that booted over the network.
Embedded systems – Devices that needed to get an IP address without user configuration.
Legacy networks – Before DHCP became the standard.
Which OSI layer does this protocol belong to?
It uses MAC addresses to identify devices.
It works below the IP layer, helping devices obtain their IP address.
Like ARP, it uses Ethernet frames for communication, not IP packets.
Therefore, RARP belongs to the Data Link Layer (Layer 2) of the OSI model.
Topics in this section,
In this section, you are going to learn
Terminology
Version Info
RARP |
RFC |
Year |
Core Idea / Contribution |
|---|---|---|---|
Version |
|||
RARP v1 |
|||
RFC 903 |
1984 |
Initial specification of RARP. Allowed a device to discover its IP address using its MAC address. |
|
RARP v2 (DRARP) |
|||
RFC 1931 |
1996 |
Introduced Dynamic RARP |
|
|
|||
for automatic network address |
|||
acquisition. It added dynamic |
|||
capabilities to the otherwise |
|||
static RARP. |
setup
setup
RARP Request Packet
S.No |
Protocol Packets |
Description |
Size(bytes) |
|---|---|---|---|
1 |
RARP Request Packet |
28 |
|
Hardware Type (HTYPE) |
type of hardware used for the network (1 for Ethernet). |
2 |
|
Protocol Type (PTYPE) |
type of protocol address being mapped ( 0x0800 for IPv4). |
2 |
|
Hardware Address Length (HLEN) |
length of the hardware address (6 for Ethernet). |
1 |
|
Protocol Address Length (PLEN) |
length of the protocol address (4 for IPv4). |
1 |
|
Operation (OPER) |
Specifies the type of RARP message (3 for request, 4 for reply). |
2 |
|
Sender Hardware Address (SHA) |
MAC address of the sender. |
6 |
|
Sender Protocol Address (SPA) |
IP address of the sender (set to 0.0.0.0 in RARP requests). |
4 |
|
Target Hardware Address (THA) |
MAC address of the target. |
6 |
|
Target Protocol Address (TPA) |
IP address of the target (set to 0.0.0.0 in RARP requests). |
4 |
|
RARP Reply Packet
S.No |
Protocol Packets |
Description |
Size(bytes) |
|---|---|---|---|
2 |
RARP Reply Packet |
28 |
|
Hardware Type (HTYPE) |
type of hardware used for the network (1 for Ethernet). |
2 |
|
Protocol Type (PTYPE) |
type of protocol address being mapped ( 0x0800 for IPv4). |
2 |
|
Hardware Address Length (HLEN) |
length of the hardware address (6 for Ethernet). |
1 |
|
Protocol Address Length (PLEN) |
length of the protocol address (4 for IPv4). |
1 |
|
Operation (OPER) |
Specifies the type of RARP message (3 for request, 4 for reply). |
2 |
|
Sender Hardware Address (SHA) |
MAC address of the sender. |
6 |
|
Sender Protocol Address (SPA) |
IP address of the sender |
4 |
|
Target Hardware Address (THA) |
MAC address of the target. |
6 |
|
Target Protocol Address (TPA) |
IP address of the target |
4 |
|
S.no |
Use Case |
Description |
|---|---|---|
1 |
Diskless Workstations |
RARP was primarily used by diskless systems to obtain their IP |
address at boot time using their MAC address. |
||
2 |
Network Booting |
Devices without local storage used RARP to fetch |
IP addresses before loading an OS over the network. |
||
3 |
Embedded Systems |
Early embedded devices with limited configuration interfaces |
used RARP for automatic IP assignment. |
||
4 |
Legacy Network Environments |
Older networks that predate DHCP or BOOTP sometimes still use |
RARP for backward compatibility. |
||
5 |
Simplified IP Configuration |
In small or static networks, RARP provided a simple way to assign IPs |
without a full DHCP setup. |
S.no |
Feature |
Description |
|---|---|---|
1 |
MAC-to-IP Resolution |
RARP allows a device to discover its IP address using its known MAC address. |
2 |
Operates at Data Link Layer |
RARP functions at the OSI Layer 2, using Ethernet frames for |
communication. |
||
3 |
Stateless Protocol |
RARP does not maintain session state; it simply responds to requests. |
4 |
Broadcast-Based Request |
RARP requests are broadcast on the local network to reach a RARP server. |
5 |
Server-Dependent |
Requires a RARP server on the same local network to respond to requests. |
6 |
Limited to IPv4 |
RARP was designed for IPv4 and does not support IPv6. |
7 |
No Support for Dynamic Allocation |
Unlike DHCP, RARP does not dynamically assign IP addresses. |
MAC to IP resolution - Testcases
# |
Test Case |
Description |
Expected Result |
|---|---|---|---|
1 |
Valid MAC address |
Known MAC in server table |
Correct IP returned |
2 |
Unknown MAC address |
MAC not in server table |
No IP returned |
3 |
Broadcast request |
RARP request sent as broadcast |
Server receives request |
4 |
Unicast request |
RARP request sent directly |
Server responds if MAC matches |
5 |
Duplicate MACs |
Same MAC mapped to multiple IPs |
Conflict or error |
6 |
Static mapping |
MAC-IP mapping preconfigured |
IP returned |
7 |
Dynamic mapping |
Server assigns IP dynamically |
IP returned |
8 |
Server timeout |
Server delays response |
Client times out |
9 |
Server unreachable |
Network issue |
No response |
10 |
MAC spoofing |
Fake MAC used |
Incorrect or no IP returned |
11 |
Server restart |
Server rebooted |
Service resumes |
12 |
Retry mechanism |
No response initially |
Client retries |
13 |
High load |
Many requests at once |
Server handles load |
14 |
Logging enabled |
Server logs requests |
MAC-IP logged |
15 |
MAC filtering |
Server blocks certain MACs |
No IP returned |
16 |
VLAN environment |
RARP over VLAN |
IP returned if server reachable |
17 |
Trunk port |
RARP over trunk |
IP returned if VLAN allowed |
18 |
Wi-Fi client |
Wireless device sends RARP |
Not supported |
19 |
Loopback interface |
RARP on loopback |
Not applicable |
20 |
PPP link |
RARP over PPP |
Not supported |
21 |
IPv6-only network |
No IPv4 |
RARP not supported |
22 |
IPv4 network |
Standard environment |
IP returned |
23 |
BOOTP server present |
BOOTP enabled |
RARP ignored |
24 |
DHCP server present |
DHCP enabled |
RARP ignored |
25 |
Proxy in path |
Proxy between client/server |
No effect |
26 |
NAT environment |
Behind NAT |
Not applicable |
27 |
MAC address format |
Valid 48-bit MAC |
Accepted |
28 |
Invalid MAC format |
Incorrect length |
Rejected |
29 |
Ethernet frame valid |
Proper RARP frame |
Recognized |
30 |
Corrupted frame |
Malformed packet |
Ignored |
31 |
RARP daemon active |
Server running RARP service |
Responds correctly |
32 |
Firewall on server |
RARP blocked |
No response |
33 |
Firewall on client |
RARP blocked |
No request sent |
34 |
Port security enabled |
Switch limits MACs |
May block request |
35 |
Spanning tree delay |
STP convergence |
Request delayed |
36 |
Link aggregation |
Bonded interfaces |
MAC must match |
37 |
Virtual MAC |
Virtualized environment |
IP returned if mapped |
38 |
Container MAC |
Docker/LXC |
Depends on bridge config |
39 |
Hypervisor MAC |
VM requests IP |
IP returned if supported |
40 |
PXE boot |
Bootloader uses RARP |
IP assigned |
41 |
Embedded device |
IoT or firmware |
IP assigned |
42 |
Legacy OS |
UNIX/Linux |
RARP supported |
43 |
Modern OS |
Windows/macOS/Linux |
RARP deprecated |
44 |
MAC in ARP cache |
Already resolved |
RARP not needed |
45 |
MAC not in ARP cache |
Unknown MAC |
RARP used |
46 |
MAC-IP mismatch |
Wrong mapping |
Incorrect IP or error |
47 |
Server with ARP only |
No RARP support |
No response |
48 |
Server with RARP + ARP |
Dual support |
RARP handled correctly |
49 |
MAC address case sensitivity |
Upper/lowercase MAC |
Handled correctly |
50 |
MAC address collision |
Duplicate MACs on network |
Unpredictable result |
Data Link Layer - Testcases
# |
Test Case |
Description |
Expected Result |
|---|---|---|---|
1 |
Ethernet frame format |
RARP uses Ethernet frame |
Frame recognized |
2 |
No IP stack |
Client has no IP layer |
RARP still functions |
3 |
Layer 2 broadcast |
RARP sent as Ethernet broadcast |
All devices receive |
4 |
Layer 2 unicast |
RARP sent to specific MAC |
Only target receives |
5 |
MAC address only |
No IP in request |
Valid RARP behavior |
6 |
No Layer 3 headers |
No IP/TCP/UDP |
Valid RARP frame |
7 |
Use of EtherType 0x8035 |
RARP EtherType used |
Frame identified as RARP |
8 |
Switch forwarding |
Ethernet switch forwards RARP |
Frame delivered |
9 |
Hub broadcasting |
Ethernet hub broadcasts RARP |
All ports receive |
10 |
VLAN tagging |
RARP over 802.1Q VLAN |
Frame delivered if VLAN allowed |
11 |
Trunk port |
RARP over trunk |
Delivered if VLAN tagged |
12 |
MAC filtering |
Switch filters MAC |
RARP blocked |
13 |
Port security |
Switch limits MACs |
RARP may be dropped |
14 |
STP delay |
Spanning Tree Protocol active |
RARP delayed |
15 |
MAC learning |
Switch learns MAC from RARP |
MAC table updated |
16 |
MAC aging |
MAC entry expires |
RARP triggers relearning |
17 |
Frame size check |
Ethernet frame within limits |
Frame accepted |
18 |
Jumbo frame |
Oversized RARP frame |
May be dropped |
19 |
Frame CRC error |
Corrupted Ethernet frame |
Dropped by NIC |
20 |
NIC promiscuous mode |
NIC captures all frames |
RARP visible |
21 |
NIC filtering |
NIC filters non-IP frames |
RARP may be ignored |
22 |
Wireshark capture |
Capture Ethernet traffic |
RARP frame visible |
23 |
MAC spoofing |
Fake MAC in RARP |
May cause conflict |
24 |
MAC collision |
Duplicate MACs |
Unpredictable behavior |
25 |
Ethernet loop |
RARP in looped network |
May cause broadcast storm |
26 |
Bridge forwarding |
Ethernet bridge forwards RARP |
Frame delivered |
27 |
Layer 2 firewall |
Filters Ethernet frames |
RARP may be blocked |
28 |
Ethernet over USB |
RARP over USB Ethernet |
Frame delivered |
29 |
Ethernet over fiber |
RARP over fiber NIC |
Frame delivered |
30 |
Ethernet over coax |
Legacy network |
RARP supported |
31 |
Virtual NIC |
RARP from VM |
Frame sent |
32 |
Container NIC |
RARP from container |
Frame sent if bridged |
33 |
Hypervisor bridge |
RARP through virtual switch |
Frame forwarded |
34 |
MAC address case |
Upper/lowercase MAC |
Handled correctly |
35 |
MAC address length |
48-bit MAC required |
Valid frame |
36 |
Non-Ethernet media |
Token Ring/FDDI |
RARP not supported |
37 |
Ethernet II frame |
Standard frame format |
RARP supported |
38 |
802.3 frame |
With LLC header |
RARP may not be recognized |
39 |
Ethernet encapsulation |
RARP inside Ethernet |
Valid |
40 |
Ethernet loopback |
RARP to self |
Frame received |
41 |
Ethernet multicast |
RARP not multicast |
Frame ignored |
42 |
Ethernet broadcast storm |
Excessive RARP |
Network congestion |
43 |
Ethernet frame priority |
QoS tagging |
RARP unaffected |
44 |
Ethernet frame padding |
Short frame padded |
Still valid |
45 |
Ethernet frame replay |
Duplicate RARP |
May be ignored |
46 |
Ethernet frame delay |
Network latency |
RARP delayed |
47 |
Ethernet frame loss |
Dropped frame |
RARP retry needed |
48 |
Ethernet frame duplication |
Same RARP sent twice |
One response expected |
49 |
Ethernet frame inspection |
Analyze with tool |
RARP frame visible |
50 |
Ethernet frame injection |
Inject RARP manually |
Server responds if valid |
Statless Protocol - Testcases
# |
Test Case |
Description |
Expected Result |
|---|---|---|---|
1 |
Single request |
Send one RARP request |
Server responds without storing state |
2 |
Multiple requests |
Send repeated RARP requests |
Each handled independently |
3 |
No session tracking |
Server receives request |
No session ID maintained |
4 |
No connection setup |
No handshake |
Request processed statelessly |
5 |
No connection teardown |
No session close |
Stateless behavior |
6 |
Request from same MAC |
Send twice |
Same response, no memory of first |
7 |
Request from different MACs |
Multiple clients |
Each handled independently |
8 |
Server reboot |
Restart server |
No session loss (stateless) |
9 |
Client reboot |
Restart client |
Server still responds |
10 |
No cookies or tokens |
No session tokens used |
Stateless confirmed |
11 |
No authentication |
No login required |
Stateless operation |
12 |
No session timeout |
No idle timeout |
Stateless behavior |
13 |
No session logs |
Server logs requests only |
No session tracking |
14 |
No session cache |
Server does not cache sessions |
Stateless confirmed |
15 |
No session reuse |
Each request is fresh |
No reuse of state |
16 |
No session ID in packet |
Inspect RARP frame |
No session identifier |
17 |
Stateless under load |
High volume of requests |
Server handles all independently |
18 |
Stateless after delay |
Wait before sending |
Server still responds |
19 |
Stateless across VLANs |
Requests from different VLANs |
Each handled separately |
20 |
Stateless with spoofed MAC |
Fake MAC used |
Treated as new request |
21 |
Stateless with duplicate MACs |
Same MAC from two clients |
No conflict tracking |
22 |
Stateless with retry |
Client retries request |
Server responds again |
23 |
Stateless with dropped packet |
Packet lost |
No state retained |
24 |
Stateless with malformed packet |
Invalid frame |
Dropped without state |
25 |
Stateless with broadcast |
Multiple clients broadcast |
Each handled independently |
26 |
Stateless with unicast |
Direct request |
Still stateless |
27 |
Stateless with firewall |
Firewall blocks request |
No state retained |
28 |
Stateless with NAT |
Behind NAT |
No session tracking |
29 |
Stateless with proxy |
Proxy forwards request |
Server unaware of proxy |
30 |
Stateless with VLAN hopping |
MAC appears on different VLAN |
Treated as new request |
31 |
Stateless with MAC change |
Client changes MAC |
New request processed |
32 |
Stateless with virtual MAC |
VM sends request |
Treated independently |
33 |
Stateless with container MAC |
Docker container sends |
No state retained |
34 |
Stateless with hypervisor |
VM restarts |
Server responds again |
35 |
Stateless with PXE boot |
Bootloader sends RARP |
Server responds statelessly |
36 |
Stateless with embedded device |
IoT device sends RARP |
Stateless response |
37 |
Stateless with legacy OS |
Old UNIX system |
Stateless behavior |
38 |
Stateless with modern OS |
Linux/macOS |
Stateless behavior |
39 |
Stateless with logging enabled |
Server logs request |
No session info stored |
40 |
Stateless with monitoring tool |
Observe traffic |
No session state seen |
41 |
Stateless with duplicate requests |
Same request twice |
Same response |
42 |
Stateless with delayed response |
Server slow |
Still stateless |
43 |
Stateless with multiple interfaces |
Server has many NICs |
Each request handled statelessly |
44 |
Stateless with MAC flooding |
Many MACs send RARP |
Server handles all |
45 |
Stateless with spoofed server |
Fake server responds |
No session validation |
46 |
Stateless with ARP cache |
Client caches IP |
Server remains stateless |
47 |
Stateless with no cache |
Client does not cache |
Server still stateless |
48 |
Stateless with switch reboot |
Network switch restarts |
Server unaffected |
49 |
Stateless with packet replay |
Replay old RARP |
Server responds again |
50 |
Stateless with no response |
Server down |
No session error, just no reply |
Broadcast based Req - Testcases
# |
Test Case |
Description |
Expected Result |
|---|---|---|---|
1 |
Standard broadcast |
RARP sent to FF:FF:FF:FF:FF:FF |
All devices receive |
2 |
Server on same subnet |
RARP broadcast sent |
Server responds |
3 |
Server on different subnet |
RARP broadcast sent |
No response (not routed) |
4 |
Broadcast blocked by switch |
Switch filters broadcast |
RARP fails |
5 |
Broadcast storm |
Excessive RARP broadcasts |
Network congestion |
6 |
Broadcast with VLAN tag |
Tagged Ethernet frame |
Delivered if VLAN allowed |
7 |
Broadcast with trunk port |
Sent over trunk |
Delivered if VLAN permitted |
8 |
Broadcast with port security |
Switch limits MACs |
May block RARP |
9 |
Broadcast with STP delay |
Spanning Tree convergence |
RARP delayed |
10 |
Broadcast with loop prevention |
Loop guard active |
RARP delivered safely |
11 |
Broadcast with firewall |
Firewall blocks Layer 2 |
RARP blocked |
12 |
Broadcast with Wireshark |
Capture RARP broadcast |
Frame visible |
13 |
Broadcast with packet sniffer |
Monitor network |
RARP frame detected |
14 |
Broadcast with multiple servers |
All receive RARP |
First to respond is used |
15 |
Broadcast with no server |
No RARP server present |
No response |
16 |
Broadcast with spoofed MAC |
Fake MAC in request |
Server may respond |
17 |
Broadcast with invalid frame |
Malformed RARP |
Dropped by devices |
18 |
Broadcast with valid frame |
Proper RARP format |
Delivered successfully |
19 |
Broadcast with duplicate MACs |
Same MAC from two devices |
Unpredictable behavior |
20 |
Broadcast with virtual MAC |
VM sends RARP |
Delivered if bridged |
21 |
Broadcast with container MAC |
Docker container sends |
Delivered if bridged |
22 |
Broadcast with hypervisor |
VM sends RARP |
Delivered to server |
23 |
Broadcast with PXE boot |
Bootloader sends RARP |
Server responds |
24 |
Broadcast with embedded device |
IoT device sends RARP |
Server responds |
25 |
Broadcast with legacy OS |
UNIX/Linux |
RARP broadcast supported |
26 |
Broadcast with modern OS |
Windows/macOS |
RARP deprecated |
27 |
Broadcast with ARP cache |
MAC already known |
RARP still broadcast |
28 |
Broadcast with no ARP cache |
MAC unknown |
RARP broadcast sent |
29 |
Broadcast with retry |
No response initially |
RARP rebroadcasted |
30 |
Broadcast with delay |
Network latency |
RARP delayed |
31 |
Broadcast with loss |
Frame dropped |
RARP retried |
32 |
Broadcast with duplication |
Same RARP sent twice |
Server responds again |
33 |
Broadcast with inspection tool |
Analyze Ethernet |
RARP frame visible |
34 |
Broadcast with injection tool |
Inject RARP manually |
Server responds |
35 |
Broadcast with MAC filtering |
Switch filters MAC |
RARP blocked |
36 |
Broadcast with multicast filter |
Multicast filter active |
RARP unaffected |
37 |
Broadcast with loopback |
Sent to self |
Not applicable |
38 |
Broadcast with NAT |
Behind NAT |
RARP not routed |
39 |
Broadcast with proxy |
Proxy in path |
No effect on Layer 2 |
40 |
Broadcast with DHCP server |
DHCP present |
RARP still broadcast |
41 |
Broadcast with BOOTP server |
BOOTP present |
RARP still broadcast |
42 |
Broadcast with IPv6-only network |
No IPv4 |
RARP not supported |
43 |
Broadcast with IPv4 network |
Standard LAN |
RARP supported |
44 |
Broadcast with Ethernet II |
Standard frame |
RARP supported |
45 |
Broadcast with 802.3 frame |
LLC header present |
RARP may not be recognized |
46 |
Broadcast with CRC error |
Corrupted frame |
Dropped |
47 |
Broadcast with short frame |
Padding added |
Still valid |
48 |
Broadcast with jumbo frame |
Oversized frame |
May be dropped |
49 |
Broadcast with QoS tag |
Priority tagging |
RARP unaffected |
50 |
Broadcast with MAC learning |
Switch learns MAC |
MAC table updated |
Server Dependent - Testcases
# |
Test Case |
Description |
Expected Result |
|---|---|---|---|
1 |
Server available |
RARP server on LAN |
IP address returned |
2 |
No server present |
No RARP server |
No response |
3 |
Server on different subnet |
Not on same LAN |
No response |
4 |
Server powered off |
Server offline |
No response |
5 |
Server rebooted |
Server restarts |
Service resumes |
6 |
Server with firewall |
RARP blocked |
No response |
7 |
Server with RARP daemon |
Service running |
Responds correctly |
8 |
Server with ARP only |
No RARP support |
No response |
9 |
Server with DHCP only |
No RARP support |
No response |
10 |
Server with BOOTP only |
No RARP support |
No response |
11 |
Server with RARP + ARP |
Dual support |
RARP handled |
12 |
Server with logging |
Logs RARP requests |
Entries recorded |
13 |
Server with MAC filtering |
Blocks certain MACs |
No response |
14 |
Server with static mapping |
Predefined MAC-IP |
IP returned |
15 |
Server with dynamic mapping |
Assigns IP on request |
IP returned |
16 |
Server with duplicate MACs |
Same MAC mapped twice |
Conflict or error |
17 |
Server under load |
High request volume |
Responds if not overloaded |
18 |
Server with retry logic |
Handles repeated requests |
Responds consistently |
19 |
Server with VLAN config |
On same VLAN |
Responds |
20 |
Server on trunk port |
Tagged VLANs |
Responds if VLAN allowed |
21 |
Server with port security |
MAC limited |
May block request |
22 |
Server with STP delay |
Spanning Tree active |
Response delayed |
23 |
Server with loop prevention |
Loop guard enabled |
Responds safely |
24 |
Server with virtual NIC |
VM-based server |
Responds if bridged |
25 |
Server with container NIC |
Docker-based server |
Responds if bridged |
26 |
Server with hypervisor |
Hosted on VM |
Responds if networked |
27 |
Server with PXE support |
Bootloader requests |
Responds with IP |
28 |
Server with embedded device |
Lightweight RARP server |
Responds correctly |
29 |
Server with legacy OS |
UNIX/Linux |
RARP supported |
30 |
Server with modern OS |
Windows/macOS |
RARP deprecated |
31 |
Server with NAT |
Behind NAT |
No response (Layer 2) |
32 |
Server with proxy |
Proxy in path |
No effect |
33 |
Server with MAC spoofing |
Fake MAC in table |
Responds incorrectly |
34 |
Server with duplicate IPs |
Same IP mapped to multiple MACs |
Conflict |
35 |
Server with ARP cache |
MAC-IP already known |
Still responds |
36 |
Server with no ARP cache |
Fresh request |
Responds normally |
37 |
Server with packet sniffer |
Monitor RARP |
Request visible |
38 |
Server with injection tool |
Inject RARP manually |
Server responds |
39 |
Server with invalid frame |
Malformed RARP |
Dropped |
40 |
Server with valid frame |
Proper RARP |
Responds correctly |
41 |
Server with CRC error |
Corrupted frame |
Dropped |
42 |
Server with short frame |
Padding added |
Still valid |
43 |
Server with jumbo frame |
Oversized RARP |
May be dropped |
44 |
Server with QoS tag |
Priority tagging |
RARP unaffected |
45 |
Server with MAC learning |
Learns from RARP |
MAC table updated |
46 |
Server with MAC aging |
Entry expires |
Still responds |
47 |
Server with duplicate requests |
Same request twice |
Responds again |
48 |
Server with delayed response |
Slow server |
Client may retry |
49 |
Server with broadcast filter |
Blocks Layer 2 broadcast |
No response |
50 |
Server with compliance check |
Audit RARP behavior |
Server dependency confirmed |
Limited to IPv4 - Testcases
# |
Test Case |
Description |
Expected Result |
|---|---|---|---|
1 |
IPv4 network |
Standard IPv4 LAN |
RARP functions correctly |
2 |
IPv6-only network |
No IPv4 configured |
RARP fails |
3 |
Dual-stack network |
IPv4 + IPv6 |
RARP works only with IPv4 |
4 |
IPv6 address request |
Client requests IPv6 |
RARP does not respond |
5 |
IPv4 address request |
Client requests IPv4 |
RARP responds |
6 |
IPv6-only client |
No IPv4 stack |
Cannot use RARP |
7 |
IPv4-only client |
No IPv6 stack |
RARP supported |
8 |
IPv6-enabled server |
RARP server supports IPv6 |
Still only responds to IPv4 |
9 |
IPv6 broadcast |
RARP sent over IPv6 |
Not supported |
10 |
IPv6 multicast |
RARP sent as multicast |
Not supported |
11 |
IPv6 tunneling |
RARP over IPv6 tunnel |
Not supported |
12 |
IPv6 router |
RARP request routed |
Not possible (Layer 2 only) |
13 |
IPv6 firewall |
Filters IPv6 traffic |
No effect on RARP |
14 |
IPv6 DNS resolution |
Uses AAAA records |
RARP not involved |
15 |
IPv6 SLAAC |
Stateless address config |
RARP not used |
16 |
IPv6 DHCPv6 |
Dynamic IPv6 assignment |
RARP not used |
17 |
IPv6-only switch |
No IPv4 support |
RARP not supported |
18 |
IPv6-only OS |
No IPv4 stack |
RARP fails |
19 |
IPv6-only NIC |
No IPv4 support |
RARP not supported |
20 |
IPv6-only embedded device |
No IPv4 |
RARP not supported |
21 |
IPv6-only VM |
Virtual machine with IPv6 |
RARP not supported |
22 |
IPv6-only container |
Docker container |
RARP not supported |
23 |
IPv6-only PXE boot |
Bootloader uses IPv6 |
RARP not supported |
24 |
IPv6-only IoT device |
No IPv4 |
RARP not supported |
25 |
IPv6-only hypervisor |
No IPv4 stack |
RARP not supported |
26 |
IPv6-only VLAN |
VLAN configured for IPv6 |
RARP not supported |
27 |
IPv6-only trunk port |
Tagged IPv6 VLANs |
RARP not supported |
28 |
IPv6-only router advertisement |
RA messages |
RARP not used |
29 |
IPv6-only DHCP relay |
IPv6 relay agent |
RARP not used |
30 |
IPv6-only DNS server |
No A records |
RARP not used |
31 |
IPv6-only NAT64 |
IPv6 to IPv4 translation |
RARP not supported |
32 |
IPv6-only firewall rules |
IPv6 ACLs |
RARP unaffected |
33 |
IPv6-only monitoring |
IPv6 traffic analysis |
RARP not visible |
34 |
IPv6-only packet capture |
Capture IPv6 only |
RARP not seen |
35 |
IPv6-only testbed |
IPv6-only lab |
RARP fails |
36 |
IPv6-only compliance |
IPv6-only policy |
RARP not compliant |
37 |
IPv6-only security scan |
IPv6 scan tools |
RARP not detected |
38 |
IPv6-only audit |
IPv6-only network audit |
RARP unsupported |
39 |
IPv6-only switch ACL |
Filters IPv6 |
RARP unaffected |
40 |
IPv6-only routing table |
No IPv4 routes |
RARP not routed |
41 |
IPv6-only DNS resolver |
No IPv4 fallback |
RARP not used |
42 |
IPv6-only DHCPv6 server |
No IPv4 pool |
RARP not used |
43 |
IPv6-only VPN |
IPv6 tunnel |
RARP not supported |
44 |
IPv6-only cloud instance |
No IPv4 address |
RARP not supported |
45 |
IPv6-only mobile device |
No IPv4 stack |
RARP not supported |
46 |
IPv6-only wireless controller |
IPv6-only config |
RARP not supported |
47 |
IPv6-only RADIUS server |
Auth over IPv6 |
RARP not used |
48 |
IPv6-only syslog server |
Logs IPv6 traffic |
RARP not logged |
49 |
IPv6-only SNMP monitoring |
IPv6 MIBs |
RARP not monitored |
50 |
IPv6-only compliance scanner |
IPv6-only scan |
RARP not detected |
No Support for Dynamic Allocation - Testcases
# |
Test Case |
Description |
Expected Result |
|---|---|---|---|
1 |
Static MAC-IP mapping |
Predefined entry in server |
IP returned |
2 |
No mapping in server |
MAC not listed |
No IP assigned |
3 |
Request from new MAC |
Unknown MAC address |
No IP assigned |
4 |
Request from known MAC |
Listed in server |
IP returned |
5 |
Change MAC address |
New MAC not mapped |
No IP assigned |
6 |
Duplicate MACs |
Same MAC on two devices |
Conflict or error |
7 |
Server with DHCP |
DHCP enabled |
RARP still static |
8 |
Server with BOOTP |
BOOTP enabled |
RARP still static |
9 |
Server with dynamic pool |
Pool configured |
RARP does not use it |
10 |
Server with static table |
Fixed entries |
RARP uses only static |
11 |
Client with no mapping |
MAC not in table |
No IP assigned |
12 |
Client with mapping |
MAC in table |
IP returned |
13 |
Mapping update |
Change IP for MAC |
New IP returned |
14 |
Mapping removal |
Delete MAC entry |
No IP assigned |
15 |
Mapping conflict |
Two MACs mapped to same IP |
Conflict |
16 |
Mapping duplication |
Same MAC mapped to two IPs |
Conflict |
17 |
Server restart |
Static table reloaded |
IPs still assigned |
18 |
Server with empty table |
No entries |
No IPs assigned |
19 |
Server with full table |
All MACs mapped |
Only listed MACs get IPs |
20 |
Server with expired entry |
Entry removed |
No IP assigned |
21 |
Server with lease time |
Lease expires |
RARP unaffected |
22 |
Server with dynamic assignment enabled |
DHCP active |
RARP ignores it |
23 |
Client retries |
Repeated requests |
Same IP returned |
24 |
Client spoofing MAC |
Fake MAC used |
IP returned if mapped |
25 |
Client with multiple NICs |
Different MACs |
Each needs mapping |
26 |
Client with virtual MAC |
VM MAC address |
IP returned if mapped |
27 |
Client with container MAC |
Docker MAC |
IP returned if mapped |
28 |
Client with hypervisor MAC |
Virtualized MAC |
IP returned if mapped |
29 |
Client with embedded MAC |
IoT device |
IP returned if mapped |
30 |
Client with PXE boot |
Bootloader MAC |
IP returned if mapped |
31 |
Client with legacy OS |
UNIX/Linux |
RARP works with static mapping |
32 |
Client with modern OS |
Windows/macOS |
RARP deprecated |
33 |
Server with MAC filtering |
Only listed MACs allowed |
Others blocked |
34 |
Server with logging |
Logs static assignments |
Entries recorded |
35 |
Server with monitoring |
Tracks MAC-IP usage |
Static only |
36 |
Server with SNMP |
Monitors static table |
No dynamic data |
37 |
Server with API |
Static table managed via API |
RARP uses updated table |
38 |
Server with GUI |
Admin updates static table |
RARP uses new entries |
39 |
Server with CLI |
Static entries added via CLI |
RARP uses them |
40 |
Server with config file |
Static table in file |
RARP reads from file |
41 |
Server with database |
Static mappings stored in DB |
RARP queries DB |
42 |
Server with backup |
Static table backed up |
Restored after reboot |
43 |
Server with failover |
Secondary server has same table |
IPs still assigned |
44 |
Server with sync |
Static tables synced |
Consistent IP assignment |
45 |
Server with audit log |
Tracks static assignments |
No dynamic logs |
46 |
Server with compliance check |
Static-only policy |
RARP passes |
47 |
Server with security scan |
Scan for dynamic behavior |
RARP flagged as static |
48 |
Server with DHCP fallback |
DHCP used if RARP fails |
RARP still static |
49 |
Server with MAC aging |
MACs expire |
RARP unaffected |
50 |
Server with dynamic override |
Admin tries dynamic config |
RARP ignores it |
Reference links