 Let's have a look at the address resolution protocol in Linux So we have three Linux machines set up a client router and server or inside virtual box and the client router on one LAN and the router and the server on a second LAN net A and net B and Addresses 192.168.1.0 for net A 192.168.2.0 for net B 11 for client .22 for server and 1.1 and 2.2 for the router interfaces when a Machine wants to talk to another machine on the Same LAN Assuming it knows the destination IP address for example client wants to talk to router with address 192.168.1.1 then it needs to know its corresponding Mac or hardware address and Address resolution protocol is the mechanism for discovering that Mac or hardware address In the basic approach a client when it knows the destination IP address It broadcasts a message on the LAN saying who has this IP address and The router will receive it and the router has that IP address 1.1 And we'll send back a response saying I have this IP address and my MAC address is this value The purpose here isn't to explain how the protocol works But just to see how the command can be utilized in Linux to see some information about what's happening in the background Essentially the protocol runs in the background on each machine in The Linux command line if we go to our client We have a command called ARP which shows us the current mappings that this machine knows about I'll use the minus n option to show the raw or numeric values not the host names or domain names So from the client's perspective it currently has an ARP table with two entries. There's two rows and What it tells us is that the client currently knows that the IP address 192.168.1.1 Corros has this hardware or MAC address is 08 address and That's known because it's lured in the past So ARP is working in the background to update this table on the Linux command line we often just use this table to see the current mappings and My client knows to use interface in P0S8 to contact 192.168.1.1 To contact 10.0.2.2 it will Send to this other hardware address via the S3 interface Which actually corresponds to sending the virtual box router to send out to the internet So the ARP command shows us the current Values that it knows about if I communicate with another node 192.168.2.22 the server And I ping and I Stop that I just sent three pings they communicated and now look at my ARP table then In this case, there's nothing different Because 192.168.2.22 is on a different subnet so In order to communicate with the server the client actually still sends to the router So therefore to send to 192.168.2.22 The client must send to 192.168.1.1 and he already knows that mac address So the point here is the ARP table ARP is local to the LAN communicating with nodes outside of that LAN ARP Doesn't have a role in that's part of routing and our routing table tells us If I want to reach 192.168.2.0 something like the server I will need to send to 192.168.1.1 And I already know the hardware address of 192.168.1.1 to send to So ARP is used inside the local LAN We can manipulate the ARP Table normally we would not we just view it you can if you look at the man page You can See that there's a number of different options on one of them the minus D option is to delete an entry from the ARP table and note it requires Privileges to do that and you can also set up a new entry manually using the minus S option But in most cases ARP will do this in the background for us. We can do delete We need sudo to get an administrative rights and By us manually deleting now the table. It's aware of some 192.168.1.1 But it doesn't know the hardware address If I now ping 192.168.2.22 I still communicate and Look at the ARP table When I tried to contact Some other node on another LAN the routing table Told me or told my client to send to a router or gateway 192.168.1.1 Previously My client didn't know the hardware address of that corresponding IP address So ARP works in the background to discover that hardware address and then it was discovered and that allowed My client to send to the router which then forwarded it on to the server So ARP allows us to view the routing table and also in some cases manipulate that routing table