[RndTbl] wireless basics

Dan Martin ummar143 at shaw.ca
Sat Jan 21 20:14:48 CST 2012


Thanks, Adam.

On 2012-01-21, at 6:53 PM, Adam Thompson wrote:

> I don't mean to sound rude, but you're right: you need a good grasp on 
> anatomy before doing surgery.

Nah.  Just drink lots of coffee, take the anatomy book into the OR.

That's why I called the subject 'basic'.  Finding it difficult to get good info on it, however.

> 
> It sounds to me like you may have the concepts of IP address and MAC 
> address backwards.
> 
> I can explain briefly (with a few over-simplifications that shouldn't 
> matter in most cases):
> 
> Every Ethernet and every Wi-Fi device has a MAC address, which is not only 
> unique to that device but also to that interface.  So a PC with two 
> Ethernet ports and a wireless card would have three separate MAC 
> addresses.

And each is mapped to an IP address, visible in the network layer.

> The MAC address is only used to identify a machine (more specifically, its 
> interface) on the network it's connected to; they are not used elsewhere.
> There is a protocol (hidden from you) that allows your computers and 
> routers to automatically translate an IP address into a MAC address, but 
> only for devices mutually connected to the same network.
> 
> Many "wireless routers" or "access points" simply join a wired network and 
> a wireless network together so that they jointly seem to be one continuous 
> network.
> 
> A router (including some wireless routers) also connects one (or more) 
> local network(s) to another, foreign network.  For example, many readers 
> here will have a local (home) network that connects to MTS or Shaw - a 
> router is required to mediate between the two networks.
> Some routers perform Address Translation ("NAT") which hides your local IP 
> addresses behind a single public IP address, so that MTS or Shaw doesn't 
> have to know anything about all your devices at home - they all masquerade 
> as a single device connected to your ISP.
> Your Linux box (probably using iptables masquerading) is probably 
> performing this NAT function - and in this role, it is functioning as a 
> router.  (More precisely, it IS a router.)
> 
> I'm not familiar with CentreCom, but if it was a router, it definitely had 
> at least two MAC addresses.  One of those MAC addresses would have been 
> visible to machines on your home network, and the other would have been 
> visible to your ISP's upstream router.  There would not have been any 
> reason for you to be personally aware of what these MAC addresses were.
> 
> Your base station is acting as a pure Wireless Access Point ("WAP", which 
> can also mean other things), which makes wireless devices seem to be 
> directly connected to the wired network.  

And that's what I want.  All address translation done in the Linux box, and everything else looks like a single network.

> It does not participate in IP 
> routing; it has an IP address so you can more easily manage it from your 
> PC.

That clarifies the reason for the IP address. 

> Depending on the model, it may optionally be able to function as a router 
> (like your linux box), in which case it would participate in IP routing.

Presumably it can, but I'm using it in 'bridge' mode because I don't want NAT or DHCP in the middle of my network.

> 
> IPv6 routing tables function somewhat differently from IPv4 routing 
> tables, at least in terms of what you see without peeking under the hood - 
> it's very common to see MAC addresses embedded in IPv6 addresses, this is 
> IPv6 automatic address assignment at work and you can ignore it unless you 
> want to use IPv6 for something.
> 
> You may have already deduced the answer, but no, dedicated routers look 
> EXACTLY like your Linux box (to other devices on the network), and perform 
> almost exactly the same functions.  The main reasons to use a dedicated 
> router are (not simultaneously!): smaller size, higher performance, 
> consistency of management or brand-name, proprietary routing protocols.
> To make the point even clearer, the large $1M+ Cisco routers being 
> deployed today actually run a version of Linux.  Much of their routing 
> functionality is done with high-speed dedicated hardware, not a Linux 
> kernel process, but the same functions occur in either case.
> The MAC addresses on your base station are mandatory - that's part of the 
> Ethernet spec and part of the WiFi spec.  Its IP address is used for 
> management.
> 
> You should never see or handle MAC addresses in general everyday use; only 
> network engineers see MAC addresses, and even then they're (usually) only 
> used as a tool for looking up information while performing diagnostics.

So I can safely view everything from the network layer, where it appears all of the machines on my LAN are connected in a single hop.

At the link layer, there is more going on - a peripheral PC sends a frame through its NIC (wired or wireless as the case may be) which is routed to 1 of several MAC addressable devices on the base station.  The base station sends it out from a different MAC address at the WAN port, and from there it gets sent to the MAC address of the NIC on the LAN side of the gateway machine.

At the network layer, which is what I see with any of my tools, a packet is sent directly from the NIC of my peripheral PC (which has an IP address mapped to it) to the NIC on the LAN side of the gateway machine (which also has an IP address mapped to it).  The stuff in between is magic.

Have I got it now?

If I used the base station as a router to create a subnet, would these previously invisible MAC addresses be mapped to IP addresses?

> 
> I've skipped over a lot of details and a lot of formalisms, but what I've 
> said should hold true for 99.9% of home users (and probably 98%+ of 
> business users for that matter).  I know I have at least 46 distinct MAC 
> addresses in my basement right now, plugged into the network - and I have 
> absolutely no idea what any of them are, nor do I care.  On the other 
> hand, those all combined represent only 9 IP addresses and I know exactly 
> what all of those are.
> 
> -Adam Thompson
> athompso at athompso.net
> (204) 291-7950 - direct
> (204) 489-6515 - fax
> 
>> -----Original Message-----
>> From: roundtable-bounces at muug.mb.ca [mailto:roundtable-
>> bounces at muug.mb.ca] On Behalf Of Dan Martin
>> Sent: Saturday, January 21, 2012 4:20 PM
>> To: MUUG Round Table
>> Subject: [RndTbl] wireless basics
>> 
>> I want to do some (hopefully minor) tinkering with my wireless
>> network, but it is clear that I don't get some basic concepts.  To
>> help me visualize my network at the NIC / MAC address level, could
>> someone explain who has MAC addresses and why?
>> 
>> I have a network connected (indirectly) to a cable modem.  A linux
>> box serves as a gateway.  It is connected by ethernet to the WAN
>> port of an airport extreme base station.  2 windows machines are
>> connected to LAN ports on the base station.  1 windows machine and 2
>> Macs are connected by wireless.  All the machines have manually
>> assigned IP addresses, and the base station is configured in "bridge
>> mode" since it appears the other options involve NAT or DHCP.
>> 
>> My gateway box is acting as a router.  It has 2 NICs (hence 2 MAC
>> addresses), 1 for inet connection and 1 to the LAN.
>> 
>> When I used a CentreCom router, on the other hand, it appeared
>> invisible, or at least I wasn't aware of any MAC addresses for the
>> router.
>> 
>> The utility for the base station lists what appears to be 2 MAC
>> addresses: an "AirPort ID" and an "Ethernet ID".  I have assigned
>> the base station an IP address.
>> 
>> The Mac computer I'm using, attached by wireless, does not show the
>> base station in the routing tables [except the "Ethernet ID" does
>> show in the IPv6 tables].  traceroute shows only a single hop to the
>> gateway.
>> 
>> Am I to assume that dedicated routers - unlike my Linux gateway -
>> appear invisible in the network and just magically connect nodes to
>> each other?  If so, what are the MAC addresses on the base station
>> for?  Just to access the box itself for configuration?  To access
>> something connected to its USB port?
>> 
>> 
>> Dan Martin
>> GP Hospital Practitioner
>> Computer Scientist
>> ummar143 at shaw.ca
>> (204) 831-1746
>> answering machine always on
>> 
>> 
>> _______________________________________________
>> Roundtable mailing list
>> Roundtable at muug.mb.ca
>> http://www.muug.mb.ca/mailman/listinfo/roundtable
> 

Dan Martin
GP Hospital Practitioner
Computer Scientist
ummar143 at shaw.ca
(204) 831-1746
answering machine always on
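
The thread mentions MAC addresses showing up embedded in IPv6 addresses as a result of automatic address assignment. The sketch below is an added example, not part of the original messages: it shows the modified EUI-64 mapping in both directions. The MAC and IPv6 values are constructed samples and the function names are made up for the illustration.

```python
import ipaddress


def mac_to_eui64_link_local(mac: str) -> str:
    """Build the fe80::/64 address derived from a 48-bit MAC (modified EUI-64)."""
    octets = bytes(int(part, 16) for part in mac.replace("-", ":").split(":"))
    if len(octets) != 6:
        raise ValueError("expected a 48-bit MAC address")
    # Flip the universal/local bit of the first octet, insert ff:fe in the middle.
    iid = bytes([octets[0] ^ 0x02]) + octets[1:3] + b"\xff\xfe" + octets[3:]
    prefix = bytes.fromhex("fe80") + bytes(6)  # fe80::/64 link-local prefix
    return str(ipaddress.IPv6Address(prefix + iid))


def mac_from_ipv6(addr: str):
    """Return the embedded MAC if the interface ID is modified EUI-64, else None."""
    # Drop a zone suffix such as %en1 before parsing.
    iid = ipaddress.IPv6Address(addr.split("%")[0]).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None  # random, privacy or manually assigned interface ID
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{b:02x}" for b in mac)


if __name__ == "__main__":
    sample_mac = "00:11:22:33:44:55"  # constructed sample value
    link_local = mac_to_eui64_link_local(sample_mac)
    print(sample_mac, "->", link_local)
    # Constructed entries such as might appear in an IPv6 neighbour/route table.
    for entry in (link_local + "%en1", "2001:db8::1"):
        print(entry, "->", mac_from_ipv6(entry))
```

An address whose interface ID lacks the ff:fe marker returns None, which is what a manually assigned or randomised address looks like.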



