In this beginners guide, I am going to explain the basic & important
terms of computer networks such as NIC, IP Address, MAC &
ARP. This
will greatly help you set up your network basics right before you
look for advanced stuff.
Often we straight away jump into using tools and learn quickly from
the various technical papers but we tend to forget the basics. This
often causes us to lose the ground and eventually lose interest in
the same. From that perspective, this tutorial will help you get
your ground stable on network basics and get going !
Know the
Terms - IP Address, NIC, MAC
You must be familiar with the term IP address. Just like your home
has a mailing address in the same way any computer or device connected
to the internet have a mailing address called the IP address. It can
either be static or dynamic. In case its static then it will remain
unchanged every time you connect to a network and if its dynamic then a
local DHCP server grants you a new IP address every time you connect to
internet.
So with machines coming and going on networks, and IP
addresses ever changing, how do other computers on your network find
Redbeard? The secret (well, not really a secret; just a fact that
veteran administrators know so well, they forgot to tell you) is this:
every networked device actually has two addresses. One is the IP
address, which might or might not change. The other is the MAC address,
which is fixed to the device (can be changed too,
read more here).
When you connect a computer to your Ethernet LAN, do you know what
you're plugging the Ethernet cable into? From the outside, it looks like
you're plugging it into a metal case, but you're not. Inside the case is
a Network Interface Card (NIC). A NIC is a special hardware card within
any networked device (computer, printer, router, etc.) that handles all
the technical aspects of sending and receiving data packets over a
computer network.
Like your mailing address at home, your
computer's NIC has a unique address. This address must be unique,
otherwise, network traffic cannot find its way to the right computer.
The distinctive address that identifies a NIC is called the Media
Access Control (MAC) address. A MAC address is formatted as a six-byte,
hexadecimal number, like this
00:90:7F:12:DE:7F
A MAC address is a unique character string, and since it identifies
a specific physical device -- one individual NIC -- the MAC address, by
convention, never changes for the life of the NIC. Two NICs never have
the same MAC address (unless some manufacturer screws up royally [which
has happened]). Because your NIC's MAC address is permanent, it's often
referred to as the "real" or physical address of a computer.
Why do we need
IP when we have MAC?
Actually MAC address are fixed hence they are not as scalable compared to IP address. IP
address have several other features like subnetting and
supernetting
which gives a logical understanding of the presence of a machine in a
network. These facilities are not with the MAC address.
Also MAC
address are not routable. The Internet Protocols will not treat them as
an address of a source or destination. Hence IP address in many ways
simplifies our task.
The malleable IP address gives your network
some flexible manageability. The never-changing MAC provides a specific,
reliable address for a physical device.
Or you could say, we have
the long and the short of it. IP addresses route a packet across the
whole global Internet, while MAC addresses help the packet make the
small, local hop between hardware devices. Sophisticated networking is
possible because each of your networked devices has both a MAC and an IP
address.
With that comes the next question, How MAC and IP
co-ordinate?
Lets bring up ARP
The simple definition that we study in local networking books about
ARP is - network layer protocol that is used to convert IP address into
MAC address. Lets get into more details,
We began by
wondering, "How do devices on a local network become aware of one
another?" NICs and MACs are important pieces of the answer, but your
network must learn to pair a MAC address with the IP address for the
same machine. It does so using a technique called Address Resolution
Protocol (in short ARP).
Think of ARP as network roll call.
Remember the first day of your college/school? At the beginning of
class, the teacher called from a list of names, expecting you to reply
when she called yours. She did this to associate your name with your
face. Every student heard every name, but answered only to his or her
own name. ARP uses a similar technique to associate an IP address to the
MAC address.
Let's assign Abhinav the IP address, 192.168.39.101,
and suppose his NIC has the MAC address, 00:A0:24:30:2E:13. And suppose
he need to send a file to Jaya or more literally, to her computer. When
Abhinav attempts to send jaya a file, Abhinav first obtains Jaya's IP
address. Upon seeing that the IP address is local (on the same
subnetwork), Abhinav knows he is capable of sending the file to her
destination, if he learns the "real" (MAC) address associated with that
IP address. To learn the MAC address, Abhinav does what your teacher did
on the first day of school/college. He calls out to the entire local
network asking that the computer with the IP in question reply "Here!"
with a MAC address.
Let's say that Jaya has the IP,
192.168.39.148. To find the MAC address for Jaya, Abhinav would send the
following (simplified) ARP request:
From: (Abhinav's MAC address)
To: (Broadcast address)
Packet Content
00:A0:24:30:2E:13
FF:FF:FF:FF:FF:FF
Who has 192.168.39.148? Tell 192.168.39.101.
Notice the special address in the "To" field above. That special
address (all Fs) is the MAC broadcast address. Anything sent to that
address goes to every computer on LAN segment. All those computers
receive the message, but ignore it, because it doesn't pertain to them
-- with the exception of Jaya. Because Jaya is 192.168.39.148, she
replies with her MAC address, like this:
From: (Jaya's MAC address)
To: (Abhinav's MAC address)
Packet Content
00:A0:24:30:4C:23
00:A0:24:30:2E:13
I have 192.168.39.148
This is how Abhinav will finally succeed in finally sending his file
(not a love letter) to Jaya after identifying her MAC or physical
address. In short Abhinav ARPed Jaya.
Here is a picture to
demonstrate this process.
Having successfully ARPed, Abhinav stashes
the newly-learned MAC/IP pair in an ARP cache. The ARP cache is a
small segment of memory your computer reserves to temporarily store
a table of MAC addresses and their associated IP addresses. Your
computer keeps this table for efficiency so that it doesn't have to
keep broadcasting ARP requests to computers it has already queried.
If Abhinav need to send something else to Jaya soon (maybe a love
letter this time), Abhinav will obtain Jaya's MAC address from his
own ARP cache rather than querying it again.
Conclusion
Hope this tutorial will help you to clear most of your doubts on
networks basics. When you have sound basics, you can easily solve bigger
problems.
