On Mon, 2006-01-30 at 10:00 -0600, Mikkel L. Ellertson wrote: > Tim wrote: > > > > Wouldn't they also have to be co-relating IPs to MAC addresses? Surely > > they couldn't just work by the MAC, alone? > > > > For instance if my PC at 192.168.1.1 wants to do something with > > 192.168.1.2, all that goes out on the wire is the IP addresses, hoping > > that something else figures out how to connect the two together, or > > hoping that they're already directly connected together. > > > >>From the manual (tiny bit of paper) that came with my simple switch, I > > understood that it listened in on the traffic, worked out what IPs > > belong to what MACs, and switched accordingly after a few initial > > moments of discovering how the network was set up. If an IP or a MAC > > changed for a device (just one, and not necessarily both), it'd need to > > rethink things before it worked again. > > > > I can't say what switch I have, it's a black box, in a dark spot in the > > shelf. I can't see anything to identify it, just the blinking LEDs on > > the front. > > > If I understand things correctly, for the local network, your > computer does the IP to MAC mapping. (Run arp to see it.) The > packet has the MAC address as part of it. For destinations that > need to use a gateway, it has the gateway MAC address. The other > thing to consider is that not all traffic has an IP address. This > is because TCP/IP is not the only network traffic possible on the > LAN. Other protocols use different identification. > > What switches learn is what MAC address is on what port. This can > cause problems if you change connections, depending on how fast the > switch "learns" the new port. When you get beyond home-grade > equipment, you may be able to tell the switch not to automaticly > "learn" the new port. This prevents someone from "cloning" a MAC > address and hijacking traffic. > A PC (or other device) sends packets to an IP address. The switch maps the IP to MAC to keep track of what is attached to each port and where to send traffic. A TCP packet does not contain MAC addressing (although some protocols may). ARP is a way for the local PC to see what is avialable, but if you check the ARP table on your PC it usually only remembers the MAC address for a very short time, thus the effect you describe above. Also, remember, MAC addressing is only valid on the local LAN. If it has to go through a router that cannot work. Those protocols that do use MAC addressing are local LAN protocols only. > Mikkel > -- > > Do not meddle in the affairs of dragons, > for thou art crunchy and taste good with Ketchup! >
