I want to do some (hopefully minor) tinkering with my wireless network, but it is clear that I don't get some basic concepts. To help me visualize my network at the NIC / MAC address level, could someone explain who has MAC addresses and why?
I have a network connected (indirectly) to a cable modem. A linux box serves as a gateway. It is connected by ethernet to the WAN port of an airport extreme base station. 2 windows machines are connected to LAN ports on the base station. 1 windows machine and 2 Macs are connected by wireless. All the machines have manually assigned IP addresses, and the base station is configured in "bridge mode" since it appears the other options involve NAT or DHCP.
My gateway box is acting as a router. It has 2 NICs (hence 2 MAC addresses), 1 for inet connection and 1 to the LAN.
When I used a CentreCom router, on the other hand, it appeared invisible, or at least I wasn't aware of any MAC addresses for the router.
The utility for the base station lists what appears to be 2 MAC addresses: an "AirPort ID" and an "Ethernet ID". I have assigned the base station an IP address.
The Mac computer I'm using, attached by wireless, does not show the base station in the routing tables [except the "Ethernet ID" does show in the IPv6 tables]. traceroute shows only a single hop to the gateway.
Am I to assume that dedicated routers - unlike my Linux gateway - appear invisible in the network and just magically connect nodes to each other? If so, what are the MAC addresses on the base station for? Just to access the box itself for configuration? To access something connected to its USB port?
Dan Martin GP Hospital Practitioner Computer Scientist ummar143@shaw.ca (204) 831-1746 answering machine always on
In short, every Ethernet device that expects to be addressable on an Ethernet will have a MAC address. The device will then use the ARP protocol to turn MAC addresses into IP addresses (and vice versa for RARP). Then things will look as you expect. You need a MAC to be a node on an Ethernet that is to send and receive frames for and to yourself. Cheap switches and some 'invisible' routers do not, because they do not participate in the network; they just act as a bridge (which is another type of device) between two networks. They use MAC addresses to differentiate items on the switch but don't need their own because they are not an addressable node on the network. You don't pass traffic _to_ them but _through_ them.
An access point like the airport express is almost exactly the same as your Linux gateway. A router is the same. In a wireless access point you transceive Ethernet frames into wireless ethernet frames and vice versa. Everything operates as you expect but encapsulated in a wireless radio protocol.
This whole WAN LAN is unnecessarily confusing. A commodity router's WAN port is an uplink to your ISP. It is still a LAN port; it is just expected to uplink outside.
In 'bridge' mode a device is only concerned with forwarding frames, so any other services the device has are turned off (like dhcp and nat). Most wireless access points are bridges, and if they have dhcp/nat/firewall features they get called wireless routers. Most wireless routers can be configured 'down' to being access points and not necessarily vice versa.
Anyways, hope that helps.
Thanks for the reply, Sean.
On 2012-01-21, at 6:21 PM, Sean Cody wrote:
> In short, every Ethernet device that expects to be addressable on an Ethernet will have a MAC address. The device will then use the ARP protocol to turn MAC addresses into IP addresses (and vice versa for RARP). Then things will look as you expect. You need a MAC to be a node on an Ethernet that is to send and receive frames for and to yourself.
... but you don't need a MAC address to route a frame to someone else?
> Cheap switches and some 'invisible' routers do not, because they do not participate in the network; they just act as a bridge (which is another type of device) between two networks. They use MAC addresses to differentiate items on the switch but don't need their own because they are not an addressable node on the network. You don't pass traffic _to_ them but _through_ them.
> An access point like the airport express is almost exactly the same as your Linux gateway.
The Linux gateway shows in routing tables etc. Default traffic is directed to it via the NIC which is visible on the LAN side.
The airport extreme is completely invisible. If I didn't see the utility showing 2 MAC addresses and an IP address (does it map to one of the MAC addresses?) I wouldn't even know it was there. But the entire network is connected to the gateway via the router (some wired, some wireless).
Does this have something to do with selecting Bridge mode?
> A router is the same. In a wireless access point you transceive Ethernet frames into wireless ethernet frames and vice versa. Everything operates as you expect but encapsulated in a wireless radio protocol.
> This whole WAN LAN is unnecessarily confusing. A commodity router's WAN port is an uplink to your ISP. It is still a LAN port; it is just expected to uplink outside.
Is the WAN port different, then? Here the WAN port is connected to the gateway machine (private IP address). Even though it is not 'WAN' connected, I make a point to put it 'upstream', closer to the internet. Does it matter?
> In 'bridge' mode a device is only concerned with forwarding frames, so any other services the device has are turned off (like dhcp and nat). Most wireless access points are bridges, and if they have dhcp/nat/firewall features they get called wireless routers. Most wireless routers can be configured 'down' to being access points and not necessarily vice versa.
> Anyways, hope that helps.
> -- Sean (mobile)
Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable
I would make a stab at answering your questions, but Sean and Adam have already responded, and they're better qualified, anyway. :-)
If you have time, however, take a look at the on-line Cisco materials, such as http://www.cisco.com/web/learning/le31/le20/ssat/cim/tac_basic_ipr.html
I just found that now, spurred by seeing your questions. I'll try to find time to go through it myself; I'm sure I would benefit.
Kevin
CTT-TAC: Basic IP Routing Concepts Detailed Information
In this module, you will gain a fundamental understanding of IP routing. You will also do hands-on Interface and Configuration Labs. In addition, you will also learn basic Cisco IOS IP routing commands.
Objectives:
At the end of this tutorial, you will be able to:
- Understand local-area networks and data-link addressing.
- Describe the difference between a bridge and a router.
- Discuss the basic functionality of a routing table and how routers work.
- Understand network addressing.
- Identify IP addresses by class and calculate subnetting and subnet masks according to addressing needs.
- Discuss IP routing fundamentals.
- Understand other Internet protocols such as Address Resolution Protocol (ARP) and Internet Control Message Protocol (ICMP).
- Identify the differences between a routed and a routing protocol.
- Describe the two fundamental functions of a routing protocol: path determination and path switching.
- Define the term *routing metrics* and describe how routing metrics work.
- Define the term *routing algorithms*, describe how they work, and understand types of algorithms.
- Define routing loops and understand methods to use to avoid them.
- Configure, troubleshoot, and maintain IP routing, using the appropriate Cisco IOS commands.
- Configure a default gateway.
- Configure a static default route.
- Configure IP unnumbered.
- Configure secondary IP addressing.
On 2012-01-21, at 7:22 PM, Dan Martin wrote:
> Thanks for the reply, Sean.
> On 2012-01-21, at 6:21 PM, Sean Cody wrote:
> > In short, every Ethernet device that expects to be addressable on an Ethernet will have a MAC address. The device will then use the ARP protocol to turn MAC addresses into IP addresses (and vice versa for RARP). Then things will look as you expect. You need a MAC to be a node on an Ethernet that is to send and receive frames for and to yourself.
> ... but you don't need a MAC address to route a frame to someone else?
No. The mail carrier doesn't need to know what is in the envelope or who sent it or where it is going in order to get the mail. The mail carrier picked up the envelope from the mailbox and brings it to the depot that puts a routing stamp on it and delivers it according to whatever process Canada Post uses. Note the mail carrier just does that... you don't address your correspondence to the mail carrier but the destination. That's the easiest metaphor I can give here. Look up the Wikipedia page on the OSI model, which describes the networking encapsulation stack.
> > Cheap switches and some 'invisible' routers do not, because they do not participate in the network; they just act as a bridge (which is another type of device) between two networks. They use MAC addresses to differentiate items on the switch but don't need their own because they are not an addressable node on the network. You don't pass traffic _to_ them but _through_ them.
> > An access point like the airport express is almost exactly the same as your Linux gateway.
> The Linux gateway shows in routing tables etc. Default traffic is directed to it via the NIC which is visible on the LAN side.
> The airport extreme is completely invisible. If I didn't see the utility showing 2 MAC addresses and an IP address (does it map to one of the MAC addresses?) I wouldn't even know it was there. But the entire network is connected to the gateway via the router (some wired, some wireless).
It is invisible; the tool you are using isn't showing you the detail you are expecting. If you had some sort of wireless sniffer running you would see the 802.11a/b/g/n frames flying about. You won't see the airport because it doesn't send out any frames of its own; it is passing along frames from other sources across its bridge. Depending on how it does the bridging, packet TTLs will be decremented so you can _infer_ that there may be a bridge, but it doesn't broadcast its existence from/on each frame. Note the mail carrier metaphor above.
Don't worry about MAC addresses so much, as unless you are statically assigning IPs to specific devices they won't mean much in your context. MAC addresses do not get a one-to-one static mapping... this is a bit of a rat hole, so just assuming a point-in-time static mapping is a perfectly reasonable inference.
> Does this have something to do with selecting Bridge mode?
Maybe... depends on the configuration. A bridge doesn't manipulate the packets it's passing (save for decrementing the TTL in some configurations). If the bridging device itself is assigned an IP address it is no longer transparent.
> > A router is the same. In a wireless access point you transceive Ethernet frames into wireless ethernet frames and vice versa. Everything operates as you expect but encapsulated in a wireless radio protocol.
> > This whole WAN LAN is unnecessarily confusing. A commodity router's WAN port is an uplink to your ISP. It is still a LAN port; it is just expected to uplink outside.
> Is the WAN port different, then? Here the WAN port is connected to the gateway machine (private IP address). Even though it is not 'WAN' connected, I make a point to put it 'upstream', closer to the internet. Does it matter?
It sure isn't. It is an uplink by practice. I won't get into MDI and MDI-X, but let's just say that the commodity routers treat a particular port differently than the rest and label it the WAN port.
On Sat, Jan 21, 2012 at 9:44 PM, Sean Cody sean@tinfoilhat.ca wrote:
> On 2012-01-21, at 7:22 PM, Dan Martin wrote:
> > ... but you don't need a MAC address to route a frame to someone else?
If you put your wireless into "bridge" mode you're basically just disabling the router functions so it acts only as a switch. As a switch it will transparently "echo" (bridge) traffic from the wireless to the LAN and vice versa.
Most home routers are actually (at least) 3 devices in one, router, switch and wireless access point all managed from a single web interface, but inside they are still 3 separate network devices.
Your confusion comes from the fact that even in bridge mode it still has a NIC with a MAC and an IP. This is just so it can have an IP address and be managed remotely, but as far as the network is concerned it's just another end-point, not a "router".
If you put your router back into "router" mode, it will still bridge traffic from the wireless to the LAN and therefore it will still not show up on a traceroute from LAN to wireless (or LAN-to-LAN). However, it will show up on a traceroute from the LAN to the WAN.
Don't let the wireless confuse you. Just think of wireless as a replacement for wires. Instead of two RJ45 connectors, you have two radios. They are a bit more complicated to connect (SSID etc), but once the link between the two radios is established, the wireless "goes away". Just like with a physical network cable, once you plug it in and the "link" light comes on, you just forget about it.
John
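The behaviour John describes above (a bridge passes traffic through without appearing in traceroute, while a router does appear), as an added Python sketch that is not part of the original thread. All MAC and IP addresses are constructed, the class and function names are hypothetical, and the path (base station as a transparent learning bridge, Linux gateway as router, destination directly beyond it) is a simplifying assumption.

```python
from dataclasses import dataclass, replace

# Constructed addresses: locally administered MACs, private/documentation IPs.
CLIENT_MAC = "02:00:00:00:00:0a"        # wireless client
BASE_STATION_MAC = "02:00:00:00:00:b5"  # base station's own (management) MAC
GATEWAY_LAN_MAC = "02:00:00:00:00:01"   # Linux gateway, LAN-side NIC
GATEWAY_WAN_MAC = "02:00:00:00:00:02"   # Linux gateway, Internet-side NIC
UPSTREAM_MAC = "02:00:00:00:00:fe"      # next hop beyond the gateway
GATEWAY_LAN_IP = "192.168.1.1"


@dataclass(frozen=True)
class Frame:
    src_mac: str
    dst_mac: str
    src_ip: str
    dst_ip: str
    ttl: int


class Bridge:
    """Transparent learning bridge: forwards frames without editing them."""

    def __init__(self, mgmt_mac):
        self.mgmt_mac = mgmt_mac  # only used to reach the box for management
        self.mac_table = {}       # learned: source MAC -> ingress port

    def handle(self, frame, in_port):
        self.mac_table[frame.src_mac] = in_port
        return frame, None        # same frame out, nothing sent in reply


class Router:
    """IP router: accepts frames sent to its own MAC and re-addresses them."""

    def __init__(self, lan_mac, lan_ip, wan_mac, next_hop_mac):
        self.lan_mac, self.lan_ip = lan_mac, lan_ip
        self.wan_mac, self.next_hop_mac = wan_mac, next_hop_mac

    def handle(self, frame, in_port):
        if frame.dst_mac != self.lan_mac:
            return None, None          # not addressed to us at layer 2
        if frame.ttl <= 1:
            return None, self.lan_ip   # ICMP time-exceeded from our own IP
        out = replace(frame, src_mac=self.wan_mac,
                      dst_mac=self.next_hop_mac, ttl=frame.ttl - 1)
        return out, None


BASE_STATION = Bridge(BASE_STATION_MAC)
GATEWAY = Router(GATEWAY_LAN_MAC, GATEWAY_LAN_IP, GATEWAY_WAN_MAC, UPSTREAM_MAC)
PATH = [(BASE_STATION, "wireless"), (GATEWAY, "lan")]
# The client addresses the frame to the gateway's MAC, never to the bridge.
PROBE = Frame(CLIENT_MAC, GATEWAY_LAN_MAC, "192.168.1.20", "203.0.113.10", ttl=64)


def send(path, frame):
    """Push one frame along the path.

    Returns (frame as seen on each segment, IP address that answered).
    """
    segments = [frame]
    for device, in_port in path:
        frame, reply_from = device.handle(frame, in_port)
        if frame is None:
            return segments, reply_from
        segments.append(frame)
    return segments, frame.dst_ip      # the destination host answers


def traceroute(path, template, max_ttl=8):
    """Send probes with TTL 1, 2, ... and collect who answers each one."""
    hops = []
    for ttl in range(1, max_ttl + 1):
        _, responder = send(path, replace(template, ttl=ttl))
        hops.append(responder)
        if responder == template.dst_ip:
            break
    return hops


if __name__ == "__main__":
    segments, _ = send(PATH, PROBE)
    for n, f in enumerate(segments):
        print(f"segment {n}: {f.src_mac} -> {f.dst_mac} ttl={f.ttl}")
    print("traceroute hops:", traceroute(PATH, PROBE))
    print("bridge learned:", BASE_STATION.mac_table)
```

The frame is identical on both sides of the bridge and the bridge's own MAC never appears in it, while the router rewrites both MAC addresses and lowers the TTL, which is why only the router answers a traceroute probe.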
Thanks John.
On 2012-01-22, at 8:32 AM, John Lange wrote:
> On Sat, Jan 21, 2012 at 9:44 PM, Sean Cody sean@tinfoilhat.ca wrote:
> > On 2012-01-21, at 7:22 PM, Dan Martin wrote:
> > > ... but you don't need a MAC address to route a frame to someone else?
> If you put your wireless into "bridge" mode you're basically just disabling the router functions so it acts only as a switch. As a switch it will transparently "echo" (bridge) traffic from the wireless to the LAN and vice versa.
> Most home routers are actually (at least) 3 devices in one, router, switch and wireless access point all managed from a single web interface, but inside they are still 3 separate network devices.
> Your confusion comes from the fact that even in bridge mode it still has a NIC with a MAC and an IP. This is just so it can have an IP address and be managed remotely, but as far as the network is concerned it's just another end-point, not a "router".
Yes, I wondered why a MAC address was supplied but didn't show up anywhere, wanted to make sure I wasn't missing something.
Since 2 MAC addresses are given, I assume the "Airport ID" is to manage the device over wireless, and the "Ethernet ID" is to manage it over wired. Is the IP address mapped to both of these?
> If you put your router back into "router" mode, it will still bridge traffic from the wireless to the LAN and therefore it will still not show up on a traceroute from LAN to wireless (or LAN-to-LAN). However, it will show up on a traceroute from the LAN to the WAN.
> Don't let the wireless confuse you. Just think of wireless as a replacement for wires. Instead of two RJ45 connectors, you have two radios. They are a bit more complicated to connect (SSID etc), but once the link between the two radios is established, the wireless "goes away". Just like with a physical network cable, once you plug it in and the "link" light comes on, you just forget about it.
> John
On Sun, Jan 22, 2012 at 9:06 AM, Dan Martin ummar143@shaw.ca wrote:
> Since 2 MAC addresses are given, I assume the "Airport ID" is to manage the device over wireless, and the "Ethernet ID" is to manage it over wired. Is the IP address mapped to both of these?
You should be able to ping it from both sides and see the MAC being used in the output of "arp -a".
We're also oversimplifying this. The MAC on a switch is used for many things, such as spanning tree or the management frames that wireless needs. None of these use IP, and you don't see them unless you're looking for them.
Sean
On 2012-01-22, at 9:18 AM, Sean Walberg wrote:
> On Sun, Jan 22, 2012 at 9:06 AM, Dan Martin ummar143@shaw.ca wrote:
> > Since 2 MAC addresses are given, I assume the "Airport ID" is to manage the device over wireless, and the "Ethernet ID" is to manage it over wired. Is the IP address mapped to both of these?
> You should be able to ping it from both sides and see the MAC being used in the output of "arp -a".
The IP is mapped to the "Ethernet ID".
> We're also oversimplifying this. The MAC on a switch is used for many things, such as spanning tree or the management frames that wireless needs. None of these use IP, and you don't see them unless you're looking for them.
> Sean
> -- Sean Walberg sean@ertw.com http://ertw.com/
I don't mean to sound rude, but you're right: you need a good grasp on anatomy before doing surgery.
It sounds to me like you may have the concepts of IP address and MAC address backwards.
I can explain briefly (with a few over-simplifications that shouldn't matter in most cases):
Every Ethernet and every Wi-Fi device has a MAC address, which is not only unique to that device but also to that interface. So a PC with two Ethernet ports and a wireless card would have three separate MAC addresses. The MAC address is only used to identify a machine (more specifically, its interface) on the network it's connected to; they are not used elsewhere. There is a protocol (hidden from you) that allows your computers and routers to automatically translate an IP address into a MAC address, but only for devices mutually connected to the same network.
Many "wireless routers" or "access points" simply join a wired network and a wireless network together so that they jointly seem to be one continuous network.
A router (including some wireless routers) also connects one (or more) local network(s) to another, foreign network. For example, many readers here will have a local (home) network that connects to MTS or Shaw - a router is required to mediate between the two networks. Some routers perform Address Translation ("NAT") which hides your local IP addresses behind a single public IP address, so that MTS or Shaw doesn't have to know anything about all your devices at home - they all masquerade as a single device connected to your ISP. Your Linux box (probably using iptables masquerading) is probably performing this NAT function - and in this role, it is functioning as a router. (More precisely, it IS a router.)
I'm not familiar with CentreCom, but if it was a router, it definitely had at least two MAC addresses. One of those MAC addresses would have been visible to machines on your home network, and the other would have been visible to your ISP's upstream router. There would not have been any reason for you to be personally aware of what these MAC addresses were.
Your base station is acting as a pure Wireless Access Point ("WAP", which can also mean other things), which makes wireless devices seem to be directly connected to the wired network. It does not participate in IP routing; it has an IP address so you can more easily manage it from your PC. Depending on the model, it may optionally be able to function as a router (like your linux box), in which case it would participate in IP routing.
IPv6 routing tables function somewhat differently from IPv4 routing tables, at least in terms of what you see without peeking under the hood - it's very common to see MAC addresses embedded in IPv6 addresses; this is IPv6 automatic address assignment at work, and you can ignore it unless you want to use IPv6 for something.
You may have already deduced the answer, but no, dedicated routers look EXACTLY like your Linux box (to other devices on the network), and perform almost exactly the same functions. The main reasons to use a dedicated router are (not simultaneously!): smaller size, higher performance, consistency of management or brand-name, proprietary routing protocols. To make the point even clearer, the large $1M+ Cisco routers being deployed today actually run a version of Linux. Much of their routing functionality is done with high-speed dedicated hardware, not a Linux kernel process, but the same functions occur in either case. The MAC addresses on your base station are mandatory - that's part of the Ethernet spec and part of the WiFi spec. Its IP address is used for management.
You should never see or handle MAC addresses in general everyday use; only network engineers see MAC addresses, and even then they're (usually) only used as a tool for looking up information while performing diagnostics.
I've skipped over a lot of details and a lot of formalisms, but what I've said should hold true for 99.9% of home users (and probably 98%+ of business users for that matter). I know I have at least 46 distinct MAC addresses in my basement right now, plugged into the network - and I have absolutely no idea what any of them are, nor do I care. On the other hand, those all combined represent only 9 IP addresses and I know exactly what all of those are.
-Adam Thompson athompso@athompso.net (204) 291-7950 - direct (204) 489-6515 - fax
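The embedding Adam mentions (a MAC address visible inside an automatically assigned IPv6 address) follows the modified EUI-64 rule; this added Python example, which is not part of the original thread, converts in both directions and picks out which addresses in a list expose a hardware address. The sample MAC and addresses are constructed and the function names are hypothetical.

```python
import ipaddress


def link_local_from_mac(mac):
    """Build the fe80::/64 address a host derives from its MAC (modified EUI-64)."""
    octets = bytes(int(part, 16) for part in mac.replace("-", ":").split(":"))
    if len(octets) != 6:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    # Flip the universal/local bit of the first octet and insert ff:fe
    # between the vendor half and the device half of the MAC.
    interface_id = bytes([octets[0] ^ 0x02]) + octets[1:3] + b"\xff\xfe" + octets[3:6]
    return str(ipaddress.IPv6Address(b"\xfe\x80" + bytes(6) + interface_id))


def mac_from_ipv6(addr):
    """Return the MAC embedded in an EUI-64 style IPv6 address, or None.

    The ff:fe marker is a heuristic: a randomly generated interface ID can
    contain the same two bytes by chance, so treat a hit as "probably a MAC".
    """
    try:
        # Drop any prefix length ("/64") or zone ("%en1") before parsing.
        ip = ipaddress.IPv6Address(addr.split("/")[0].split("%")[0])
    except ValueError:
        return None                      # not an IPv6 address at all
    interface_id = ip.packed[8:]         # low 64 bits
    if interface_id[3:5] != b"\xff\xfe":
        return None                      # privacy/random or manually set ID
    mac = bytes([interface_id[0] ^ 0x02]) + interface_id[1:3] + interface_id[5:8]
    return ":".join(f"{b:02x}" for b in mac)


def embedded_macs(addresses):
    """Map each address that carries an embedded MAC to that MAC."""
    found = {}
    for addr in addresses:
        mac = mac_from_ipv6(addr)
        if mac is not None:
            found[addr] = mac
    return found


# Constructed sample: the kind of entries an IPv6 neighbour table might list.
SAMPLE_ADDRESSES = [
    "fe80::211:22ff:fe33:4455%en1",      # EUI-64 derived, MAC recoverable
    "2001:db8::1c2d:3e4f:5a6b:7c8d",     # random interface ID, no MAC
    "192.168.1.1",                       # IPv4, ignored
]

if __name__ == "__main__":
    print(link_local_from_mac("00:11:22:33:44:55"))
    for addr, mac in embedded_macs(SAMPLE_ADDRESSES).items():
        print(f"{addr} embeds MAC {mac}")
```

Because the interface ID is derived from the hardware address, the same MAC is recoverable on every network the device joins, which is the reason many systems now default to randomized interface IDs instead.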
-----Original Message-----
From: roundtable-bounces@muug.mb.ca [mailto:roundtable-bounces@muug.mb.ca] On Behalf Of Dan Martin
Sent: Saturday, January 21, 2012 4:20 PM
To: MUUG Round Table
Subject: [RndTbl] wireless basics
I want to do some (hopefully minor) tinkering with my wireless network, but it is clear that I don't get some basic concepts. To help me visualize my network at the NIC / MAC address level, could someone explain who has MAC addresses and why?
I have a network connected (indirectly) to a cable modem. A linux box serves as a gateway. It is connected by ethernet to the WAN port of an airport extreme base station. 2 windows machines are connected to LAN ports on the base station. 1 windows machine and 2 Macs are connected by wireless. All the machines have manually assigned IP addresses, and the base station is configured in "bridge mode" since it appears the other options involve NAT or DHCP.
My gateway box is acting as a router. It has 2 NICs (hence 2 MAC addresses), 1 for inet connection and 1 to the LAN.
When I used a CentreCom router, on the other hand, it appeared invisible, or at least I wasn't aware of any MAC addresses for the router.
The utility for the base station lists what appears to be 2 MAC addresses: an "AirPort ID" and an "Ethernet ID". I have assigned the base station an IP address.
The Mac computer I'm using, attached by wireless, does not show the base station in the routing tables [except the "Ethernet ID" does show in the IPv6 tables]. traceroute shows only a single hop to the gateway.
Am I to assume that dedicated routers - unlike my Linux gateway - appear invisible in the network and just magically connect nodes to each other? If so, what are the MAC addresses on the base station for? Just to access the box itself for configuration? To access something connected to its USB port?
Thanks, Adam.
On 2012-01-21, at 6:53 PM, Adam Thompson wrote:
I don't mean to sound rude, but you're right: you need a good grasp on anatomy before doing surgery.
Nah. Just drink lots of coffee, take the anatomy book into the OR.
That's why I called the subject 'basic'. Finding it difficult to get good info on it, however.
It sounds to me like you may have the concepts of IP address and MAC address backwards.
I can explain briefly (with a few over-simplifications that shouldn't matter in most cases):
Every Ethernet and every Wi-Fi device has a MAC address, which is not only unique to that device but also to that interface. So a PC with two Ethernet ports and a wireless card would have three separate MAC addresses.
And each is mapped to an IP address, visible in the network layer.
The MAC address is only used to identify a machine (more specifically, its interface) on the network it's connected to; they are not used elsewhere. There is a protocol (hidden from you) that allows your computers and routers to automatically translate an IP address into a MAC address, but only for devices mutually connected to the same network.
Many "wireless routers" or "access points" simply join a wired network and a wireless network together so that they jointly seem to be one continuous network.
A router (including some wireless routers) also connects one (or more) local network(s) to another, foreign network. For example, many readers here will have a local (home) network that connects to MTS or Shaw - a router is required to mediate between the two networks. Some routers perform Address Translation ("NAT") which hides your local IP addresses behind a single public IP address, so that MTS or Shaw doesn't have to know anything about all your devices at home - they all masquerade as a single device connected to your ISP. Your Linux box (probably using iptables masquerading) is probably performing this NAT function - and in this role, it is functioning as a router. (More precisely, it IS a router.)
I'm not familiar with CentreCom, but if it was a router, it definitely had at least two MAC addresses. One of those MAC addresses would have been visible to machines on your home network, and the other would have been visible to your ISP's upstream router. There would not have been any reason for you to be personally aware of what these MAC addresses were.
Your base station is acting as a pure Wireless Access Point ("WAP", which can also mean other things), which makes wireless devices seem to be directly connected to the wired network.
And that's what I want. All address translation done in the Linux box, and everything else looks like a single network.
It does not participate in IP routing; it has an IP address so you can more easily manage it from your PC.
That clarifies the reason for the IP address.
Depending on the model, it may optionally be able to function as a router (like your Linux box), in which case it would participate in IP routing.
Presumably it can, but I'm using it in 'bridge' mode because I don't want NAT or DHCP in the middle of my network.
IPv6 routing tables function somewhat differently from IPv4 routing tables, at least in terms of what you see without peeking under the hood - it's very common to see MAC addresses embedded in IPv6 addresses; this is IPv6 automatic address assignment at work and you can ignore it unless you want to use IPv6 for something.
You may have already deduced the answer, but no, dedicated routers look EXACTLY like your Linux box (to other devices on the network), and perform almost exactly the same functions. The main reasons to use a dedicated router are (not simultaneously!): smaller size, higher performance, consistency of management or brand-name, proprietary routing protocols. To make the point even clearer, the large $1M+ Cisco routers being deployed today actually run a version of Linux. Much of their routing functionality is done with high-speed dedicated hardware, not a Linux kernel process, but the same functions occur in either case. The MAC addresses on your base station are mandatory - that's part of the Ethernet spec and part of the WiFi spec. Its IP address is used for management.
You should never see or handle MAC addresses in general everyday use; only network engineers see MAC addresses, and even then they're (usually) only used as a tool for looking up information while performing diagnostics.
So I can safely view everything from the network layer, where it appears all of the machines on my LAN are connected in a single hop.
At the link layer, there is more going on - a peripheral PC sends a frame through its NIC (wired or wireless as the case may be) which is routed to 1 of several MAC addressable devices on the base station. The base station sends it out from a different MAC address at the WAN port, and from there it gets sent to the MAC address of the NIC on the LAN side of the gateway machine.
At the network layer, which is what I see with any of my tools, a packet is sent directly from the NIC of my peripheral PC (which has an IP address mapped to it) to the NIC on the LAN side of the gateway machine (which also has an IP address mapped to it). The stuff in between is magic.
Have I got it now?
If I used the base station as a router to create a subnet, would these previously invisible MAC addresses be mapped to IP addresses?
I've skipped over a lot of details and a lot of formalisms, but what I've said should hold true for 99.9% of home users (and probably 98%+ of business users for that matter). I know I have at least 46 distinct MAC addresses in my basement right now, plugged into the network - and I have absolutely no idea what any of them are, nor do I care. On the other hand, those all combined represent only 9 IP addresses and I know exactly what all of those are.
-Adam Thompson athompso@athompso.net (204) 291-7950 - direct (204) 489-6515 - fax
-----Original Message----- From: roundtable-bounces@muug.mb.ca [mailto:roundtable-bounces@muug.mb.ca] On Behalf Of Dan Martin Sent: Saturday, January 21, 2012 4:20 PM To: MUUG Round Table Subject: [RndTbl] wireless basics
Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable
Dan Martin GP Hospital Practitioner Computer Scientist ummar143@shaw.ca (204) 831-1746 answering machine always on
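The thread above mentions MAC addresses showing up inside IPv6 addresses (the base station's "Ethernet ID" appearing in the IPv6 tables). The following is an added example, not part of any poster's message: it shows the modified EUI-64 mapping behind that, in both directions. The function names and the sample addresses (taken from documentation ranges) are constructed for illustration.

```python
import ipaddress

def mac_to_link_local(mac: str) -> ipaddress.IPv6Address:
    """Build the fe80::/64 address that modified EUI-64 derives from a 48-bit MAC."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError(f"not a 48-bit MAC: {mac!r}")
    # Flip the universal/local bit of the first octet, insert ff:fe in the middle.
    iid = bytes([octets[0] ^ 0x02]) + octets[1:3] + b"\xff\xfe" + octets[3:]
    return ipaddress.IPv6Address(bytes.fromhex("fe80") + bytes(6) + iid)

def embedded_mac(addr: str):
    """Return the MAC embedded in an IPv6 address, or None if the
    interface ID (low 64 bits) does not have the EUI-64 ff:fe marker."""
    # Drop any zone suffix such as %en1 before parsing.
    iid = ipaddress.IPv6Address(addr.split("%")[0]).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None  # manually assigned or randomised interface ID
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{b:02x}" for b in mac)

def map_neighbours(addresses):
    """Map each IPv6 address to the hardware address it reveals (or None)."""
    return {a: embedded_mac(a) for a in addresses}

# Constructed sample data: documentation MAC and documentation IPv6 prefix.
SAMPLE_MAC = "00:00:5e:00:53:2a"
SAMPLE_NEIGHBOURS = [
    "fe80::200:5eff:fe00:532a%en1",   # link-local, EUI-64 derived
    "2001:db8::200:5eff:fe00:532a",   # global prefix, same interface ID
    "fe80::1",                        # manually assigned, no MAC inside
]

if __name__ == "__main__":
    print(SAMPLE_MAC, "->", mac_to_link_local(SAMPLE_MAC))
    for addr, mac in map_neighbours(SAMPLE_NEIGHBOURS).items():
        print(f"{addr:32} {mac or 'no embedded MAC'}")
```

The same interface ID appears under every prefix the interface joins, which is why an EUI-64 address identifies the hardware wherever it shows up; the ff:fe check is a heuristic, since a randomised interface ID can contain those bytes by chance.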