Quiz Entry - updated: 2026.07.14
What are the two main issues with ARP?
ARP has a performance problem (requests are broadcast, so every device on the network must process them) and a security problem (replies can be spoofed to poison ARP caches for man-in-the-middle attacks).
ARP Issues:
1. ARP Broadcasting (Performance)
| Problem | Impact |
|---|---|
| ARP requests are broadcast | Received and processed by every device on the local network |
| Excessive ARP broadcasts | Can cause network performance reduction |
| Large networks | More devices = more ARP traffic |
2. ARP Spoofing/Poisoning (Security)
| Problem | Impact |
|---|---|
| ARP replies can be spoofed | Attacker sends fake ARP replies |
| ARP poisoning attack | Attacker's MAC gets cached for victim's IP |
| Result | Traffic intended for victim goes to attacker (Man-in-the-Middle) |
Mitigation:
- Enterprise switches include Dynamic ARP Inspection (DAI)
- DAI validates ARP packets against a trusted binding database
- Prevents ARP spoofing attacks
Go deeper:
-
ARP spoofing — Wikipedia: ARP is stateless and unauthenticated, which underlies the security half of these issues.
-
Address Resolution Protocol — Wikipedia notes the broadcast nature of requests, the root of the performance issue.