Reverse Address Resolution Protocol

S Abhishek
4 min readJul 7, 2021


  • RARP is a TCP/IP protocol that is responsible for the translation of a Physical Address (e.g. — Ethernet address) to be translated into an IP address.
  • The RARP is on the Network Access Layer (i.e. the lowest layer of the TCP/IP protocol stack) and is thus a protocol used to send data between two points in a network.
  • Each network participant has two unique addresses more or less: a logical address (the IP address) and a physical address (the MAC address).
  • While the IP address is assigned by software, the MAC address is built into the hardware.
  • You have already been assigned a Media Access Control address (MAC address) by the manufacturer of your network card.
  • There can be cases where the device could not save the IP address because there of insufficient memory available. In such cases, the Reverse ARP is used.
  • This protocol can use the known MAC address to retrieve its IP address.
  • Therefore, its function is the complete opposite of the ARP.
  • The ARP uses the known IP address to determine the MAC address of the hardware.
  • RARP is used by device A to say “I am device A and I am sending this broadcast using my hardware address, can someone please tell me my IP address?”
  • It provides its own hardware address and asks for an IP address it can use.
  • The response to a request returns the protocol address of the requesting station, not the address of the station receiving the request.
  • Hosts like diskless workstations only have their hardware interface addresses or MAC address, but not their IP addresses.
  • They must discover their IP addresses from an external source, usually via RARP protocol.
  • RARP requires one or more server hosts to maintain a database of mappings of Link Layer addresses to their respective protocol addresses.
  • MAC addresses need to be individually configured on the servers by an administrator.
  • RARP is limited to serving only IP addresses.
  1. Source Device Generates RARP Request Message
  • The source device generates a RARP Request message.
  • Thus, it uses the value 3 for the Opcode in the message.
  • It puts its own data link-layer address as both the Sender Hardware Address and also the Target Hardware Address.
  • It leaves both the Sender Protocol Address and the Target Protocol Address blank since it doesn’t know either.

2. Source Device Broadcasts RARP Request Message

  • The source broadcasts the ARP Request message on the local network.

3. Local Devices Process RARP Request Message

  • The message is received by each device on the local network and processed.
  • Devices that are not configured to act as RARP servers ignore the message.

4. RARP Server Generates RARP Reply Message

  • Any device on the network that is set up to act as a RARP server responds to the broadcast from the source device.
  • It generates a RARP Reply using an Opcode value of 4.
  • It sets the Sender Hardware Address and Sender Protocol Address to its own hardware and IP address of course since it is the sender of the reply.
  • It then sets the Target Hardware Address to the hardware address of the original source device.
  • It looks up in a table the hardware address of the source, determines that device’s IP address assignment, and puts it into the Target Protocol Address field.

5. RARP Server Sends RARP Reply Message

  • The RARP server sends the RARP Reply message unicast to the device looking to be configured.

6. Source Device Processes RARP Reply Message

  • The source device processes the reply from the RARP server.
  • It then configures itself using the IP address in the Target Protocol Address supplied by the RARP server.

To be Short,

  • Sending device broadcasts the information asking IP address for itself.
  • The requester sends RARP Request along with source and destination MAC address and leaves Source and destination IP Address field blank.
  • All devices ignore the message except the RARP server.
  • RARP server contains an ARP table with MAC ADDRESS-IP address mapping.
  • The RARP server sends a RARP reply which contains an IP address for the requester.

Issues with the Reverse ARP

  • The Reverse Address Resolution Protocol has some disadvantages which eventually led to it being replaced by newer ones.
  • To be able to use the protocol successfully, the RARP server has to be located in the same physical network.
  • The computer sends the RARP request on the lowest layer of the network.
  • As a result, it is not possible for a router to forward the packet.
  • In addition, the RARP cannot handle subnetting because no subnet masks are sent.
  • If the network has been divided into multiple subnets, a RARP server must be available in each one.
  • In addition, the network participant only receives their own IP address through the request.
  • As previously mentioned, a subnet mask is not included and information about the gateway cannot be retrieved via Reverse ARP.
  • Therefore, it is not possible to configure the computer in a modern network.
  • These drawbacks led to the development of BOOTP and DHCP.



S Abhishek

Data Engineer Intern @Rolls-Royce | Computer Science Undergraduate | Amrita Vishwa Vidyapeetham | Former Member of security research & CTF team — @teambi0s.