UNIT FOUR:

MAC address
A Media Access Control (MAC) address is an address that is used for communication
between two hosts in an Ethernet environment. It is a hardware address, which means
that it is stored in the firmware of the network card.

MAC (Media Access Control) addresses are used on an Ethernet network as a unique
identifier for each network device. It is a 48-bit address, typically written in hexadecimal.
Each network card comes with a MAC addresses that has been assigned by the vendor.

Every network card manufacturer gets a universally unique 3-byte code called
the Organizationally Unique Identifier (OUI). Manufacturers agree to give all NICs a
MAC address that begins with the assigned OUI. The manufacturer then assigns a
unique value for the last 3 bytes, which ensures that every MAC address is globaly
unique.

MAC addresses are usually written in the form of 12 hexadecimal digits. For example,
consider the following MAC address:
D8-D3-85-EB-12-E3

Every hexadecimal character represents 4 bits, so the first six hexadecimal characters
represent the vendor

How to find out your own MAC address?

If you are using Windows, start the Command Prompt (Start – Programs – Accessories –
Command Prompt). Type the ipconfig/all command and you should see a field
called Physical Address under the Ethernet adapter settings:
MAC Learning:
Switches only learn the source MAC address from a frame. The switch stores the
MAC information in a table called the CAM table or the MAC table. CAM Table
Stores:
1. MAC address
2. The interface
VLAN MAC address belongs to how the MAC address is learned is statically or
dynamically.

Whenever a frame hits the interface of the switch it first checks the source MAC
address and tries to find an entry for it in its CAM table if the entry doesn’t exist an
entry is created, if it already exists then the aging timer for that entry is refreshed.
Dynamic Learning of MAC Addresses:
Dynamic MAC learning occurs when a frame whose source MAC entry does not
exist in the CAM table. Consider the topology given below:

In this topology when we ping PC2 using PC1 then the following events occur:
1. Since PC1 doesn’t have the MAC address of PC2 to generate an Internet
Control Message Protocol (ICMP) request, an ARP request is generated.
Since IP does not have an inbuilt mechanism for sending error and control
messages. It depends on Internet Control Message Protocol (ICMP) to provide
an error control. It is used for reporting errors and management queries. It is a
 supporting protocol and is used by networks devices like routers for sending
error messages and operations information, e.g. the requested service is not
available or that a host or router could not be reached.
Most of the computer programs/applications use logical address (IP
address) to send/receive messages, however, the actual communication
happens over the physical address (MAC address) i.e from layer 2 of the OSI
model. So our mission is to get the destination MAC address which helps in
communicating with other devices. This is where ARP comes into the picture,
its functionality is to translate IP address to physical addresses.

2. When the ARP request hits the switch e0/0 interface, the switch first looks at
the source mac address. Since the switch doesn’t have an entry for the PC1
MAC address the switch it adds an entry for PC1 and floods the request on all
of its interfaces with the same VLAN.
3. When PC2 generates a reply to the PC1 ARP request the same event occurs
but this time the switch performs unicast switching instead of flooding the
packet.
Dynamically learned MAC addresses are flushed after 5 minutes of no
communication. You can check the dynamically learned MAC address with this
command:
show mac address-table dynamic

The acronym ARP stands for Address Resolution Protocol which is one of the
most important protocols of the Network layer in the OSI model.
Note: ARP finds the hardware address, also known as Media Access Control
(MAC) address, of a host from its known IP address.
Port Addressing

Ports explained
A port is a 16-bit number used to identify specific applications and services.

TCP and UDP specify the source and destination port numbers in their packet
headers and that information, along with the source and destination IP addresses
and the transport protocol (TCP or UDP), enables applications running on hosts
on a TCP/IP network to communicate.

Applications that provide a service (such as FTP and HTTP servers) open a port
on the local computer and listen for connection requests. A client can request the
service by pointing the request to the application’s IP address and port. A client
can use any locally unused port number for communication. Consider the following
example:
In the picture above you can see that a host with an IP address of 192.168.0.50
wants to communicate with the FTP server. Because FTP servers use, by default,
the well-known port 21, the host generates the request and sends it to the FTP
server’s IP address and port. The host use the locally unused port of 1200 for
communication. The FTP server receives the request, generates the response,
and sends it to the host’s IP address and port.

Port numbers are from 0 to 65535. The first 1024 ports are reserved for use by
certain privileged services:
The combination of an IP address and a port number is called a socket. In our
example the socket would be 192.168.0.50:1200.

Port Address Translation (PAT) configuration

With Port Address Translation (PAT), a single public IP address is used for all
internal private IP addresses, but a different port is assigned to each private IP
address. This type of NAT is also known as NAT Overload and is the typical form
of NAT used in today’s networks. It is even supported by most consumer-grade
routers.

PAT allows you to support many hosts with only few public IP addresses. It works
by creating dynamic NAT mapping, in which a global (public) IP address and a
unique port number are selected. The router keeps a NAT table entry for every
unique combination of the private IP address and port, with translation to the global
address and a unique port number.

We will use the following example network to explain the benefits of using PAT:
As you can see in the picture above, PAT uses unique source port numbers on
the inside global (public) IP address to distinguish between translations. For
example, if the host with the IP address of 10.0.0.101 wants to access the server
S1 on the Internet, the host’s private IP address will be translated by R1 to
155.4.12.1:1056 and the request will be sent to S1. S1 will respond to
155.4.12.1:1056. R1 will receive that response, look up in its NAT translation table,
and forward the request to the host.

IP Addressing

An IP address is a 32-bit number that identifies a host on a network. Each device

that wants to communicate with other devices on a TCP/IP network needs to have
an IP address configured. For example, in order to access the Internet, your
computer will need to have an IP address assigned (usually obtained by your
router from the ISP).

An IP address is usually written in the form of four decimal numbers separated by

periods (e.g. 10.0.50.1). The first part of the address represents the network the
 device is on (e.g. 10.0.0.0), while the second part of the address identifies the host
device (e.g. 10.0.50.1).

In contrast to MAC address, an IP address is a logical address. It can be

configured manually or it can be obtained from a DHCP server.

NOTE:

The term IP address is usually used for IPv4, which is the fourth version of the IP
protocol. A newer version exists, IPv6, and uses 128-bit addressing.

Private IP addresses

There are three ranges of addresses that can be used in a private network (e.g.
your home LAN). These addresses are not routable through the Internet.

Private addresses ranges are:

• 10.0.0.0 – 10.255.255.255
• 172.16.0.0 – 172.31.255.255
• 192.168.0.0 – 192.168.255.255

How to find out your IP address

If you are using Windows, start the Command Prompt (Start – Programs –
Accessories – Command Prompt). Enter the ipconfig command. You should see a field
called IP Address:

Two most important functions in a data network are:

1. To uniquely identify each host or computer or device participating in network. This

is called addressing.
 2. To be able to connect and move data packets between any devices in a
network. This is often called switching and routing by connecting devices to
switches and routers respectively.

An IP address and Subnet Mask are very basic entities of data network.

What is an IP Address?

An IP address is a 32 bit number like 11000000101010000000000100000001 in binary or

3232235777 in decimal. So it is written in 4 parts like
11000000.10101000.00000001.00000001 in binary form and 192.168.1.1 in decimal form.
This way it is easier to understand.

Now, a unique number is sufficient to identify each host in a network but that alone cannot
help in reaching from one host to another. Imagine if every house in world had a unique
number or some name, but no state, city and country info. Would it be possible to reach a
particular house even if its number is known?

So logically, addresses are made up of parts, like state, city, street and finally house
number. Most of the parts of an address are common to many people, like people living at
same street or city. Generally only the house number and name finally differentiates
between any two similar addresses.

Similarly in case of IP address, we logically partition an IP address in parts so that we can

reach a computer from anywhere (yes, obviously if the route exists). Also not that logically
partitioning an IP address is different than writing an IP address in 4 parts, that’s just a
notation.

So to keep things simple we generally divide an IP address in two logical parts. One is
network part and the other is host part. Network part is like street, city, state which is shared
by multiple IP addresses. Host part is like house number and name of the person. Both
parts together uniquely identifies a host or computer. We can also partition an IP address
in more than two parts.