How to Analyze Network Protocols, Learn More >>

Being able to support more than 300 protocols in the latest version, Capsa Network Sniffer make it easy to analyze protocols in network and understand what is happening.

Recommend Network Analysis Software >>


RFC 1735 http://tools.ietf.org/html/rfc1735

The NBMA Address Resolution Protocol (NARP) allows a source terminal (a host or router), wishing to communicate over a Non-Broadcast, Multi-Access (NBMA) link layer network, to find out the NBMA addresses of a destination terminal if the destination terminal is connected to the same NBMA network as the source.

The general format of the header is shown in the following illustration. The configuration varies according to whether the value of the type field is request type or reply type.

Version

Hop Count

Checksum

Type  Code Unused

Destination IP address

Source IP address 

NBNA Len.

NBMA address (variable length)

NARP header structure

Version
NARP version number. Currently this value is 1.

Hop Count
Indicates the maximum number of NASs that a request or reply is allowed to traverse before being discarded.

Checksum
Standard IP checksum over the entire NARP packet (starting with the fixed header).

Type
NARP packet type. The NARP Request has a type code 1, NARP Reply has a type code 2.

Code
A response to an NARP request may contain cached information. If an authoritative answer is desired, then code 2 (NARP Request for Authoritative Information) should be used. Otherwise, a code value of 1 (NARP Request) should be used. NARP replies may be positive or negative. A positive, non-authoritative reply carries a code of 1, while a positive, authoritative reply carries a code of 2. A negative, non- authoritative reply carries a code of 3 and a negative, authoritative reply carries a code of 4.

Source and Destination IP Address
Respectively, these are the IP addresses of the NARP requestor and the target terminal for which the NBMA address is destined.

NBMA Length and NBMA Address
The NBMA length field is the length of the NBMA address of the source terminal in bits. The NBMA address itself is zero-filled to the nearest 32-bit boundary

Vulnerabilities for this protocol (from CVE)

CVE ID Protocol Source Port Targetport

TCP/IP Protocols:

AHARP/RARPATMPBGP-4COPSDCAPDHCPDNS
DVMRPEGPEIGRPESPFANPFingerFTPHSRP
HTTPICMPICMPv6IGMPIGRPIMAP4IPIPDC
IPv6ISAKMPL2FL2TPLDAPMARSMobile IPNARP
NetBIOS/IPNHRPNTPOSPFPIMPOP3PPTPRadius
RIP2RIPng for IPv6RLOGINRSVPRTSPRUDPS-HTTPSCTP
SLPSMTPSNMPSOCKS V5TACACSTALITCPTELNET
TFTPUDPVan JacobsonVRRPWCCPX-WindowXOT