On Fri, 03 Jan 2003 13:45:40 -0700 Kevin Anderson <[EMAIL PROTECTED]> wrote:
> An IP address is used to uniquely locate a NIC on a different subnet. A MAC > is used to uniquely locate a NIC on the same Subnet. subnet is a network that has been divided, such as a class A MASK of 255.0.0.0 to 255.255.0.0 You can have supernets of which, something like a class C MASK of 255.255.255.0 becomes 255.255.0.0 This terminology is used for Classfull routing. The correct terminology would be. An IP address is used to uniquely locate a NIC on a different network. A MAC is used to uniquely locate a NIC on the same network. You throw two IP's away when you subnet, one is for the network identifier, the other for the broadcast. It is a little confusing because you can have Wide Area Networks, Terminology for the WORD "network" gets mixed around. You can say LAN and be more precise. > So the IP address is used to hop across routers until it reaches the network > the destination is a member of (192.168.0.0/24 for example). The router > will then pass the packet to the MAC (NOT THE IP) address of the recipient. That doesn't make perfect sense. On a LAN you encapsulate IP packets within Ethernet Frames. When you want to send information to another Network (or LAN) you first compare the destination IP to your IP using your MASK. >From there, if you do not know the MAC of your default gateway, you do an ARP. From >the ARP you get the MAC of your router, and encapsulate the IP packet within an >Ethernet Frame, that Ethernet Frame has your MAC, and the Destination MAC of the >gateway, the IP packet has your IP as a source, and the Destination IP that is on the >other network, it never has the IP of the router, unless there is an error and it >sends you an ICMP to notify. > > MACs are therefore necessary to allow communication on a network. I can't > think of a disadvantage. Potentially it could have some privacy > implications, because they obviously uniquely identify a PC, but this isn't > really much of a concern, MACs aren't passed across routers. Once a packet > leaves a given network, it uses an IP address until it reaches it's > destination. Wait till IPv6, AFAIK, your MAC address becomes part of the IP. > > Being able to change your MAC address is a mixed blessing. If you change > your MAC to be the same as someone else's on your subnet, that can be really > fun. Particularly if the troubleshooter isn't experienced. Old Card > (Especially ARCnet (in my experience)) sometimes had duplicate MACs. Being > able to change you MAC is part of the TCP/IP spec. > > Kev. There's more things you can do, knowing about MAC addressing. ARP poisoning, an example of Man-in-the-middle attack. Once in the middle, you capture packets, then hijack sessions...
