- Posts: 301
- Thank you received: 3
ip and mac communication in Lan envormnt
13 years 2 months ago #36318
by Nevins
:
How would you do that?
Useful Threads
================================
www.firewall.cx/forum/2-basic-concepts/3...e-resource-page.html
Replied by Nevins on topic Re: ip and mac communication in Lan envormnt
Yes it is possible to use mac address alone as switches can broadcast mac addresses too instead of IP addresses.
:How would you do that?
Useful Threads
================================
www.firewall.cx/forum/2-basic-concepts/3...e-resource-page.html
13 years 2 months ago #36326
by Nevins
Useful Threads
================================
www.firewall.cx/forum/2-basic-concepts/3...e-resource-page.html
Replied by Nevins on topic Re: ip and mac communication in Lan envormnt
actually thiz Question waz risen in our class and teacher needed the right answer from studentz and i tried to ans as Nevins explained,,, (dat waz jst for ARP and RARP) but our teacher sayz if v throw mac address and there only ip addresses .... now possible for machinez and devices to communicate ... My ans waz Yes then he asked again .. so why v use Mac addresses if possible teze all through ipz addressez
is thiz realy a headache for uzing 2 addressws for machinez:?:
Filtered into >
This was actually a question that came up in our class which our teacher required an answer to. I gave my answer based off of what Nevins explained stating IP addresses are used on lans to preform ARP and RARP. Now my teacher asks if you only use ip addresses is it possible for devices to communicate. I answered yes again. So he then asked why we use Mac addresses if it's possible to use only IP addresses. Why go though the headache of using 2 addresses for connectivity instead of one.
I want to start off by explaining you should have answered "No, it is not possible to use only IP addresses for all network communication."
Your teacher is trying to get you to question why we would have a two address system if we only needed one address. Logically you could infer the answer to this question would be "No." without knowing the actual reason because we would not do it if there wasn't an advantage to it.
But lets look at why you need 2 addresses:
You need both a mac address and an ip address to both uniquely identify yourself and route packets logically over the internet.
MAC addresses have this great quality of being unique in the world.
The first 24 binary digits of a mac address identify the manufacturer. The second set of 24 binary digits are a unique number for that card within the manufacturers production line.
This uniqueness allows messages to be sent out on lan's which only the intended reciver can reply to.
On the other hand anyone can be assigned a IP address so if two people for some reason picked IP 10.1.1.1 both IP's would be the intended reciever.
This is not possible with true mac addresses because they are all different.
So why then would we need IP's?
We need Ip's so we have some sort of data routing sytem for long distances as well as to create broadcast domains (lan segments that are seperated logically from onther networks).
So lets theory craft for a moment. Lets say everyone in the world was in one big lan and only mac addresses were used. We know that currently IPv4 addresses(not including private addresses) are completely used up so there are at least 4.3 Billion network connected hosts. So you have 4.3 billion hosts all trying to use the same network you immediately run into 3 problems.
The first is how does a frame from my pc find it's way over to the pc I'm trying to send to.
The second major issue is how do I keep track of the different paths between end ponts.
The third problem is who has the rights to talk on this giant lan and when?
So lets look at the first problem. My mac address is trying to communicate to a mac address google servers own for their mac address search engine. I create a frame with the mac address source port: AA:AA:AA:AA:AA:AA looking for the destination port BB:BB:BB:BB:BB:BB and send it out onto the lan wire. The switch gets the frame looks at the address adds the source port to it's mac table and floods the frame out all other ports in search of BB:BB:BB:BB:BB:BB with each switch along the way preforming the same task. In advertantly with only 1 frame you have created a MASSIVE frame flood while attempting to reach a destination. Fortunatly on the way back (after a few minutes assuming time to live didn't exist) each switch stored the port the frame before it was recived on and passes it back the way it came.
So now you have this second problem which is each switch on the network is now storing the mac address of EVERY connected device. Which is bad for 2 major reasons. First every switch has to have enough memory to hold every single mac address in the world with enough proccessing power to run a compairson on each one to forward frames. Secondly these tables will have to flush and get repopulated every once and a while to account for devices that have been physically moved.
Finally who has the rights to talk on this giant lan and when? In traditional ethernet lans the access method used is CSMA/CD which basically detects collisions and requires then waits a random ammount of time before attempting to retransmit. Unfortunatly even with the random wait time there are so many users that this would simply cause them to wait and collide again each time they tried to use the line so a more basic access method called token passing would have to be employed which basically states only the user/users (I'm sure in a place as big as the internet you could afford more then one token) With tokens are allowed to talk. Now creating this issue of how many weeks/months/years before I can get a token and talk on the communicate on the internet.
IP Addresses solve these problems by providing logical division of the internet using hierarchical addressing much like a post office does. Both the Internet Assigned Numbers Authority (IANA) and American Registry for Internet Numbers (ARIN) are responsible for allocating IP addresses into a hierachical form.
The post united office works by using zip codes which allows mail to be sorted by physical location.
The (IANA) and (ARIN) do the same thing using country codes which are used to create routes to logical locations generally created realitively close to the physical locations they represent with a few bits of an IP address and then allow local IP's to figure out the routing paths from there.
Ip's solve the routing problem by allowing the lists of connected devices to be summarized into much smaller groups so that fewer routes can be stored.
So then begs the question if IP addresses can solve the problem of effectively routing information what do we need MAC addresses for?
First I want to say MAC addresses are unique and that being unique helps with security because it's harder(not impossible) to fake who you are.
Now lets say we did away with mac addresses!
DHCP would be the first thing to go. Thats right no more dynamically assigned IP's. When you enabled dhcp you would put out a request to the dhcp server and it wouldn't know who to reply to because you do not yet have an IP address.
Now that you no longer have DHCP you have to manually configure every ip address you have. This in it self presents it's own problems because it's very possible or even likely that a network administrator would accidently issue 2 hosts the same IP's.
Removing mac addresses also causes other problems, any service that relys on mac addresses have to be removed or fundamentaly redesigned. Spanning tree protocol (the protocol that allows swithes not to create loops) would no longer work in it's current configuration because it uses mac addresses to choose it's root bride as well as metric cost. It would put more stress on network cards which can be assigned more then one IP address because now the network card would be responsible for managing the IP addresses attached to it as well. Switches themselves would no longer be functional because they would have to be replaced by Routers which manage IP's instead of frames. Additonally network management would become a nightmare particuallary when dealing with resolution of who did what; someone downloading your servers client list illegally could simply change their IP to preform an illegal action and you would never be able to prove who actually had that IP. So in a sense your losing all accountability and for example port security would no longer function and anyone who wanted to connect to your network could do so freely assuming each logging packet sent didn't require authentication. Finally you use more address space because you would need to use routers to create collision domains so essentially you would be further subnetting your address space simply to make lans more manageable.
Also naturally speaking IP does not operate on layer 2 of the OSI model in order for IP's to fuction without mac addresses you would have to drastically change how network cards and network devices handle ip addresses within frames. I'm not going to say it would be impossible in theroy to do so but your networks would lose a ton of features, require more effort in administration and be less secure as well as use up more address space and crown half-duplex king. However for these reasons and more for all practical reasons it's impossible.
Additonally there are a meriad of other things that I'm sure I'm forgetting but what you should take away from all this is IP addresses and Mac addresses are used together because Ip's handle traffic over wan's well and Mac addresses handle lan traffic well. Together the systems work great. Apart they simply don't work very well.
is thiz realy a headache for uzing 2 addressws for machinez:?:
Filtered into >
This was actually a question that came up in our class which our teacher required an answer to. I gave my answer based off of what Nevins explained stating IP addresses are used on lans to preform ARP and RARP. Now my teacher asks if you only use ip addresses is it possible for devices to communicate. I answered yes again. So he then asked why we use Mac addresses if it's possible to use only IP addresses. Why go though the headache of using 2 addresses for connectivity instead of one.
I want to start off by explaining you should have answered "No, it is not possible to use only IP addresses for all network communication."
Your teacher is trying to get you to question why we would have a two address system if we only needed one address. Logically you could infer the answer to this question would be "No." without knowing the actual reason because we would not do it if there wasn't an advantage to it.
But lets look at why you need 2 addresses:
You need both a mac address and an ip address to both uniquely identify yourself and route packets logically over the internet.
MAC addresses have this great quality of being unique in the world.
The first 24 binary digits of a mac address identify the manufacturer. The second set of 24 binary digits are a unique number for that card within the manufacturers production line.
This uniqueness allows messages to be sent out on lan's which only the intended reciver can reply to.
On the other hand anyone can be assigned a IP address so if two people for some reason picked IP 10.1.1.1 both IP's would be the intended reciever.
This is not possible with true mac addresses because they are all different.
So why then would we need IP's?
We need Ip's so we have some sort of data routing sytem for long distances as well as to create broadcast domains (lan segments that are seperated logically from onther networks).
So lets theory craft for a moment. Lets say everyone in the world was in one big lan and only mac addresses were used. We know that currently IPv4 addresses(not including private addresses) are completely used up so there are at least 4.3 Billion network connected hosts. So you have 4.3 billion hosts all trying to use the same network you immediately run into 3 problems.
The first is how does a frame from my pc find it's way over to the pc I'm trying to send to.
The second major issue is how do I keep track of the different paths between end ponts.
The third problem is who has the rights to talk on this giant lan and when?
So lets look at the first problem. My mac address is trying to communicate to a mac address google servers own for their mac address search engine. I create a frame with the mac address source port: AA:AA:AA:AA:AA:AA looking for the destination port BB:BB:BB:BB:BB:BB and send it out onto the lan wire. The switch gets the frame looks at the address adds the source port to it's mac table and floods the frame out all other ports in search of BB:BB:BB:BB:BB:BB with each switch along the way preforming the same task. In advertantly with only 1 frame you have created a MASSIVE frame flood while attempting to reach a destination. Fortunatly on the way back (after a few minutes assuming time to live didn't exist) each switch stored the port the frame before it was recived on and passes it back the way it came.
So now you have this second problem which is each switch on the network is now storing the mac address of EVERY connected device. Which is bad for 2 major reasons. First every switch has to have enough memory to hold every single mac address in the world with enough proccessing power to run a compairson on each one to forward frames. Secondly these tables will have to flush and get repopulated every once and a while to account for devices that have been physically moved.
Finally who has the rights to talk on this giant lan and when? In traditional ethernet lans the access method used is CSMA/CD which basically detects collisions and requires then waits a random ammount of time before attempting to retransmit. Unfortunatly even with the random wait time there are so many users that this would simply cause them to wait and collide again each time they tried to use the line so a more basic access method called token passing would have to be employed which basically states only the user/users (I'm sure in a place as big as the internet you could afford more then one token) With tokens are allowed to talk. Now creating this issue of how many weeks/months/years before I can get a token and talk on the communicate on the internet.
IP Addresses solve these problems by providing logical division of the internet using hierarchical addressing much like a post office does. Both the Internet Assigned Numbers Authority (IANA) and American Registry for Internet Numbers (ARIN) are responsible for allocating IP addresses into a hierachical form.
The post united office works by using zip codes which allows mail to be sorted by physical location.
The (IANA) and (ARIN) do the same thing using country codes which are used to create routes to logical locations generally created realitively close to the physical locations they represent with a few bits of an IP address and then allow local IP's to figure out the routing paths from there.
Ip's solve the routing problem by allowing the lists of connected devices to be summarized into much smaller groups so that fewer routes can be stored.
So then begs the question if IP addresses can solve the problem of effectively routing information what do we need MAC addresses for?
First I want to say MAC addresses are unique and that being unique helps with security because it's harder(not impossible) to fake who you are.
Now lets say we did away with mac addresses!
DHCP would be the first thing to go. Thats right no more dynamically assigned IP's. When you enabled dhcp you would put out a request to the dhcp server and it wouldn't know who to reply to because you do not yet have an IP address.
Now that you no longer have DHCP you have to manually configure every ip address you have. This in it self presents it's own problems because it's very possible or even likely that a network administrator would accidently issue 2 hosts the same IP's.
Removing mac addresses also causes other problems, any service that relys on mac addresses have to be removed or fundamentaly redesigned. Spanning tree protocol (the protocol that allows swithes not to create loops) would no longer work in it's current configuration because it uses mac addresses to choose it's root bride as well as metric cost. It would put more stress on network cards which can be assigned more then one IP address because now the network card would be responsible for managing the IP addresses attached to it as well. Switches themselves would no longer be functional because they would have to be replaced by Routers which manage IP's instead of frames. Additonally network management would become a nightmare particuallary when dealing with resolution of who did what; someone downloading your servers client list illegally could simply change their IP to preform an illegal action and you would never be able to prove who actually had that IP. So in a sense your losing all accountability and for example port security would no longer function and anyone who wanted to connect to your network could do so freely assuming each logging packet sent didn't require authentication. Finally you use more address space because you would need to use routers to create collision domains so essentially you would be further subnetting your address space simply to make lans more manageable.
Also naturally speaking IP does not operate on layer 2 of the OSI model in order for IP's to fuction without mac addresses you would have to drastically change how network cards and network devices handle ip addresses within frames. I'm not going to say it would be impossible in theroy to do so but your networks would lose a ton of features, require more effort in administration and be less secure as well as use up more address space and crown half-duplex king. However for these reasons and more for all practical reasons it's impossible.
Additonally there are a meriad of other things that I'm sure I'm forgetting but what you should take away from all this is IP addresses and Mac addresses are used together because Ip's handle traffic over wan's well and Mac addresses handle lan traffic well. Together the systems work great. Apart they simply don't work very well.
Useful Threads
================================
www.firewall.cx/forum/2-basic-concepts/3...e-resource-page.html
Time to create page: 0.155 seconds