I am person trying to learn networking. I understand that this may not be the best first step to take, but I am eager to try and understand how this takes place because it has been tearing up my mind for quite a while now.
My question is, how does a network recognize a device and automatically connect it to the network?(This is assuming, of course, that you have connected to the network previously and are connecting wirelessly.)
Does it store it on the routers side and then look for specific MAC Addresses and then connect it? Or is it stored somewhere on an encrypted file on your computer? Or is it none of these? Please forgive me if I am way off, I am only giving guesses from what I have so-far learned from networking.
'Connect it to the network' doesn't really mean anything, other than just plugging it in, or turning it on in the case of Wifi. What really happens is that the device broadcasts a DHCP request for an IP address, or else It already has an IP address in that subnet. From that point on it is discoverable by ARP, so other hosts in the subnet can send to it.
Related
I've got an embedded system that just sits their waiting for incoming TCP/IP comms. It's got a static IP address. Do I need to actually set a subnet mask and gateway address as the system NEVER talks out other than when it is talked to?
If I do, please explain why.
Thanks,
Stuart
You can sometimes cheat and do such a thing with IP. The mac addresses should be there, assuming no broadcast, and the ip header has the source/destination, you can flip both around and the ports. You would still need to respond to the ARP looking for you, but the cheat is not sending an ARP looking for them basically ignoring the timeout. To do it correctly you need to keep a table locally and a timer and if you have never seen that ip address or the last time you saw it was more than a minute ago or whatever your timeout is, then you need to ARP for it to be able to respond. TCP is a much larger pain in the ..., with UDP you can do this kind of thing quite easily, swap macs, swap ip, swap ports, fill in the payload, checksum if you want or not, and send it back. Put code in to respond to the ARP. Dont see off hand why TCP would be any different.
Now assuming you are talking about some operating system, embedded or otherwise with a full stack, then that stack is likely going to want that information, but it is operating system/stack specific as to whether you can put bogus numbers in or not for situations where they dont need to be examined to respond to a particular connection. Of course that is not a programming question and this is a programming site, so I assume that is not what you are asking.
Not sure if I should ask this question here, but this is a technology community so why not.
I'm running a local network which is setup like this:
Modem -> Access Point -> Switch -> Server/5 other computers
and my problem is the 5 other computers only two computers can have access to the internet (which are connected though Ethernet).
Also, any device that's connected to my wireless network can't access the internet either.
I know it's not a problem from my ISP since two computers are connected to the internet. And I know it's not a wireless problem since my local server can be reached though the access point.
I'm not sure what is the problem since I replaced all the cables, devices, and done tons of resets.
Appreciate your help, or direction to where I can get help.
Thanks all, but my problem was that I used static IP and didn't assign more than three, two computers and a printer. completely a beginner's mistake.
I don't know if you are familiar with computer networks but I think it's a network problem. Maybe your router (modem) can provide only two IPs and that's why only two computers can connect the internet. To verify this you can check what is your IP, and what is your Subnet Mask. Type ipconfig in your cmd and give me your IP and the subnet mask to check if this is the problem or not.
If I want to detect the number of connections active on my home Wifi network, how should I go ahead doing it? This can be useful for building applications which would serve as monitoring unidentified/unrecognized people being fraudulently misusing a person's Wifi network.
How to know whether your neighbors or others are using your wireless network is rather complicated.
If your neighbors are experienced Wi-Fi hackers, you might not be able to tell at all.
If they're just stealing your Internet connection, you may be able to tell from the logs on your router.
To find out who's on your wireless network, you'll need to start by taking inventory of all the devices that are meant to be connected. Find out their MAC IDs and their IP addresses (if they're static).
To find out the MAC ID/IP address on a PC, click the Start menu and choose Run. Type cmd and click OK. In the screen that opens, type ipconfig /all and hit Enter. The MAC address will be shown as the physical address. Once you know the MAC addresses of each of the PCs on your network, you will recognize any addresses that don’t belong under the screen that shows the MAC addresses of current connections.
Check IP addresses
Likewise you may be able to see how many IP addresses have been dished out by the DHCP server. If you check the IP addresses of each of your PCs, you can see if other IP addresses have been served.
To find out your IP address from the Start menu, click Run. Then type in cmd and click OK. In the screen that comes up, type ipconfig which will display the IP address for that computer. (Bear in mind, however, that if the PC is set to auto detect settings, then the PC's IP address will change the next time the computer is rebooted or switched on. Sometimes previously served numbers have not yet expired, so you may think someone is connected when they are not.)
Dealing with intruders
If you do find someone using your connection, they may well not be doing so maliciously or even knowingly. Sometimes people can’t tell which is their own connection and they may honestly believe that they are using their Wi-Fi router rather than yours. The best way to deal with this is to set up your own security and maybe you can help them find their own router!
The optimal solution is to set up a strong password using WPA or WPA 2 of almost 20 to 30 digits and numbers. Once your network is functioning, you can switch off the SSID broadcast (which prevents it from advertising the name of your network) so it would effectively disappear as far as your neighbors are concerned, and the first you might hear of it is when someone complains that their Web connection has disappeared.
You could look for logs such as current LAN clients, connection or status log, or connected MAC addresses.
Be Happy :-)
Do you have access to the Access Point management ?
Look for MAC addresses and their filtering. Modern APs allow you to filter devices and or limit the timeframe during which devices can authenticate themselves, using a hardware button.
A link on how to secure your AP here, and a good start to know what to play with !
You can Either USE this Command... On your Router or Modem... Some Modem's have console for Ping and Commands like that....
ipconfig -all
I'm working on a Wake on LAN service that will run from a web site and should interact with many different platforms - therefore, no Windows-only solutions. When a user registers their system with the web site, I need to get the MAC address to use in constructing the "magic" packet. I have a Java Applet that is able to do this for me and am aware of an ActiveX control that will work, but I'm wondering if there is a way to do this server-side by querying routers/switches. Since the system may be on any of a number of different physical subnets, using ARP won't work -- unless there's a way to configure the router(s) to perform the ARP on my behalf.
Anyone know of any network APIs, proprietary or otherwise, that can be used to look up MAC addresses given an IP address? I think we're using Cisco routers, but it's a complicated network and there may be multiple vendors involved at various levels. I'd like to get some background information on possible solutions before I go to make a sacrifice to the network gods. No point in abasing myself if it's not technically possible. :-)
EDIT: We do have the network infrastructure set up to allow directed broadcast, though figuring out the exact broadcast address since netmasks are not always /24 is another conundrum that I need to solve.
If you are on a local network that uses DHCP you might be able to look in the servers database to get the MAC of the last user with that address. In the future you could watch the network for ARP requests and cache the responses in some sort of table. You might also look at using RMON or SNMP to try and query the Address Tables on the switches and routers.
It should be noted that to use WoL across routers you either need to enable Directed Broadcasts or you need to have a relay server in the local segment.
Been a while since I played routers and swtiches but this might be a starting point for what to query using SNMP http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a00801c9199.shtml
Use the following:
getmac /s destIp
To get the remote session Mac address.
I don't know if these might be helpful but take a look:
http://www.webdeveloper.com/forum/showthread.php?t=134120
http://www.qualitycodes.com/tutorial.php?articleid=19
You've said everything I can think of...
The source MAC address changes as a packet hops from device to device so unless the client is on the same subnet, the server won't be able to get the MAC address. (You would do it via ARP)
A signed java applet or activex control would be the easiest solution. It would be able to (almost passively) get all the networking info you need (IE doesn't even prompt to run a signed applet)
If you are fully aware of the network that is using the service then you could probably query a gateway's client-list via SNMP or CDP. You would be able to map out IP-Addresses to MAC addresses... but this is really vendor dependent (but common) and wouldn't be much better (imo) than having an applet.
Currently the application is using a Java 6 applet that allows me to extract both the hostname and the MAC address from the remote system. I don't like having this dependency on Java 6, but Snow Leopard and Windows both support it, so I can probably live with it.
On a related-front our networking folks approached me for some help with converting some existing code to ASP.NET. During the conversation I asked if they had live MAC address information (since they do port shutoffs based on suspicious network activity -- viruses/worms). Turns out they do and we may be able to leverage this project to get access to the information from the network database.
I don't think there is any way to accomplish this. When the IP packet goes via the first router the host's MAC information is lost (as you know MAC is only used in ethernet layer). If the router most close to your PC was capable of telling the remote MAC code to you, again it would only see the MAC of the next router between your PC and the "other end".
Start sacrificing.
There's no general way to do this in terms of the network unless you have no routers involved. With a router involved, you will never see the MAC address of the originating system.
This assumes that the originating system only ever has a single network interface, so has only a single MAC address.
In fact, are you even sure that your "magic packet" (whatever that is) will reach the system you want it to reach, through the routers? That sounds like a function the routers or other network infrastructure should be performing.
Mac address is only used on network segments, and is lost at each hop. Only IP is preserved for end-to-end - and even then the from ip address is rewritten when Natted. I guess my answer is, not possible unless everything is on the same network segment, or your routers are set up for proxy arp (which is not really realistic).
You can only get MAC entries in the ARP table for machines on the same network. If you connect to a machine via a router then you will only see the routers MAC address in the ARP table. So there is no way of knowing the foreign host’s MAC address unless it's a host on the same network (no routers involved).
And by the way there are many similar question already on SO.
if it's a windows system you can use NBTSTAT -A
this will return the netbios info and the IP is there
any Management system like SMS or Altiris will have this info
The DHCP server is a good idea
If it's local you can ping it and then quickly run ARP -a
look for the IP and the MAC will be there.
you might need to write a small batch file.
if you have access to the PC you can use WMI to access the info for the Nic with DHCP.
As said above we can get mac address from a known IP address if that host is in the same subnet. First ping that ip; then look at arp -a | grep and parse the string on nix* to get mac address.
We can issue system command from all programming languages standard API's and can parse the output to get mac address.Java api can ping an IP but I am not sure if we parse the ping output(some library can do it).
It would be better to avoid issuing system command and find an alternative solution as it is not really Platform Independent way of doing it.
Courtesy: Professor Saleem Bhatti
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
Bit of a random question (and I know a lot of the technology invovled is not described) but are there any networking gurus out there that can answer what is probably a simple M$ networking question that has me baffled?
Connected my laptop to the corporate network today in the same manner I do eveyday. I was allocated an IP address as per normal but unlike normal, I got no connectivity to the internet.
After a reboot and a ipconfig /release /renew the situation was the same. IP address but no connectivity.
So I called in the Techs who replaced my ethernet cable between my machine and the network port and everything sprung into life -- full connectivity restored.
My question: how did it get an IP address using that broken cable?
Most probably, your laptop assigned itself the last IP it was given by DHCP when it failed to get one from the DHCP server.
Which IP did you get? Windows computers get assigned dummy IPs when they do not get one from a DHCP server, starting with 169 if I recall correctly.
There's too many variables to keep a good educated guess. The best guess I can come up with the facts you've given is this:
The cable wasn't broken when it was initially plugged in. Maybe you were able to get an IP address before the cable broke.
As MrValdez already said, there are really to many unknowns to make a good guess. But one thing to keep in mind is, that just because one event follows another it is not necessarily caused by that event. This is also known as "Correlation does not imply causation".
It might well be, that the time to replace the cable was long enough that the real problem (router, ISP or some other thing along the path) could be solved by someone else (without knowing about your problem) or just vanished on its own.
If the cable was broken, you would get an error network "Not Connected" in the icon in the system tray. If you network connection was up, means the cable was OK.
If the cable was not of the right type, then you could have had connection up, but Ethernet negotiated to 10Mpbs/Half Duplex, which can cause a lot of pain to the use who's not aware of it, including symptoms like no connectivity, dropped packets and hence slow connection, etc.
After that, if you got an IP address beginning 169.184.X.X, that would mean that DHCP failed for whatever reason, and your laptop assigned itself a default configured IP address.
If the IP address you got was what you normally get in your LAN environment (the once with which you usually connect to the internet), then there might be some firewall issues, or something else wrong with your corporate network's router, which the Tech guys might not be too willing to share with you :-)
It's impossible to be sure but here are a few:
Network card driver: I've experienced very random things with HP laptops and ethernet cards. Usually a reboot fixes that. Green connectivity light doesn't always mean 'go', sometimes the drivers are responsible for turning the light on.
Loss of connectivity in the cable or the network plug in the compute.
Duplex negotiation problems between the switch and the computer
Maybe trying gigabit ethernet on a 4 wire cable?
If it was me I'd try an ethernet sniffer (like tcpdump or wireshark) if this happens again, see if you're getting anything in. Ping results would also be nice (to IP addresses, not hosts).
The cable and/or connectors were flaky. DHCP is done using very small UDP packets, and if enough of them are sent, eventually they'll get through. The DHCP retry mechanism is very robust, so I wouldn't be surprised if you lost 95% of the packets, and it was still enough to get an IP.
However, once you start sending larger packets for TCP/IP transactions you'll find that the 95% loss drops enough packets that even with durable TCP/IP, it's too tough to get anything useful through.