While using a MAC address scanner in my campus, I realized that it was able to show the correct MAC addresses corresponding to the hosts on my local subnet ONLY. For the rest of the hosts outside my subnet, the same MAC address was shown and surprisingly it corresponded to the router connected to our subnet. Why was this happening?
Well I have found the answer to that when I read Richard Stevens' TCP/IP Illustrated Vol-1 a month back. It is an amazing book and explains the concepts very well.
The reason for the anomaly I described above was that MAC addresses are hardware addresses which work at the LINK LAYER of the OSI Model, the MAC scanner simply sends out ARP REQUEST packets for the different ip addresses. Now these ARP REQUESTS are broadcast WITHIN the subnet and the hosts respond to the requests if the destination ipaddress of the request packet matches with theirs. Then that host sends an ARP REPLY packet with the correct MAC ADDRESS. But you may still be wondering why does the local router responds to request packets having the ipaddress not meant for it?
Actually, when the router, through its ROUTING TABLE is always aware which hosts belong to its subnet and which are not(Its more complicated than that). When a host tries to send packet outside its own subnet ,the router realises this and sends its own mac address. A router works at the IP layer, which means that it needs an IP datagram, for forwarding any packet, and since ARP packets work at the link layer, do not have any IP header therefore are never forwarded to the outside networks.
This was written in an ultra-condensed form and reading a book on the TCP/IP suite is a must if you feel this article did not do justice to the topic.
I would recommend
1. TCP/IP Illustrated by Richard Stevens
2.Computer Networks by Tenebaum (I have not read it but i have heard it is very good as well)
Some important links:
1.Wiki on OSI Model
2.Wiki on LINK LAYER
3.Wiki on ARP
4.Richard Stevens' Home Page
5.Computer Network by Tanebaum book review
Well I have found the answer to that when I read Richard Stevens' TCP/IP Illustrated Vol-1 a month back. It is an amazing book and explains the concepts very well.
The reason for the anomaly I described above was that MAC addresses are hardware addresses which work at the LINK LAYER of the OSI Model, the MAC scanner simply sends out ARP REQUEST packets for the different ip addresses. Now these ARP REQUESTS are broadcast WITHIN the subnet and the hosts respond to the requests if the destination ipaddress of the request packet matches with theirs. Then that host sends an ARP REPLY packet with the correct MAC ADDRESS. But you may still be wondering why does the local router responds to request packets having the ipaddress not meant for it?
Actually, when the router, through its ROUTING TABLE is always aware which hosts belong to its subnet and which are not(Its more complicated than that). When a host tries to send packet outside its own subnet ,the router realises this and sends its own mac address. A router works at the IP layer, which means that it needs an IP datagram, for forwarding any packet, and since ARP packets work at the link layer, do not have any IP header therefore are never forwarded to the outside networks.
This was written in an ultra-condensed form and reading a book on the TCP/IP suite is a must if you feel this article did not do justice to the topic.
I would recommend
1. TCP/IP Illustrated by Richard Stevens
2.Computer Networks by Tenebaum (I have not read it but i have heard it is very good as well)
Some important links:
1.Wiki on OSI Model
2.Wiki on LINK LAYER
3.Wiki on ARP
4.Richard Stevens' Home Page
5.Computer Network by Tanebaum book review
No comments:
Post a Comment