IP and MAC address’

Associate
Joined
26 Jul 2024
Posts
19
Location
Basingstoke
Dear All,
Some of you have been helping me with my network learning, with idea of getting into 1st line support, as a way into that world.
I have been going through the COMPTIA videos, snd was doing fine until he started about the IP stuff. I thought in general I was ok with this kind of thing. But the way he puts it using a moving a house around via trucks has just confused things. I have posted a screen shot of what he has been talking about, with one of his diagrams.

Does anyone have any advice, or a better way of explaining what exactly he is trying to explain> - OK scrap some of that - I have posted the link to his video - the whole first 3 mins was his metaphor, and the screen shot was the picture at 2 mins 49 secs
Thanks for reading,
Matthew

 
Last edited:
He is trying to describe the TCP/IP or OSI model. His way probably not the best way to explain it from what I heard (I have a basic understanding, ie I know layer 2 is MACs and layer 3 is IP addresses), but couldn't off the top of my head go through the other layers (think 1 is physical cabling, hardware etc, and 7 is the piece of software being used, but don't quote me :))

 
Last edited:
The image is an IP packet. this is how the data is packaged up to transmit a frame over the OSI layer 2 data layer. (OSI layers are 1 Physical 2 Data 3 Network 4 Transport 5 Session 6 Presentation and 7 Application)
A packet is made up of several elements, the ethernet header which contains information such as source/destination macaddress, IP version and TTL.
Inside the header you have the payload itself, whether it's TCP or UDP, the data and how many segments it consists of etc.
As you go up (or down depending on how you view the OSI model) the layers different sections of the IP packet are used.

I.e
The Ethernet header is used at layer 2 to route the packet to a destination MAC address, along with telling the destination the sending host's address
the IP segment is used at layer 3 and contains the destination and source IP address
then comes the data which is handled between layers 5-7
the session layer deals with opening and closing communication between devices
the presentation layer handles data preparation to be used by layer 7 the application itself.
 
Thank-you all - the prob was I learnt some about the OSI when I first started all this. He kinda complicated my thinking.
I figured that ask IP was like a sat nav’s end destination, and the MAC address were all the roads one by one, that take you to the end destination. Might be a wrong methaphor - just remember thinking of it like that a few months ago.
 
Dear Everybody,

You were all so helpful before, and I am prob overthinking this a bit, rather than just accepting this is the way it is.
If on the OSI model 'you' can get stuff done with layer 2 - MAC addresses etc, why bother with the IP? Mac addresses bounce stuff backwards and forwards - is it because when one computer doesn't know the MAC address of another, it needs the IP to ping the other machine to get it to respond and then it can see its MAC address? I was going through the CCNA with professor messer - but his methaphor of the OSI I don’t find helpful. I prefer Chuck’s networking YouTube channel - but having said that he does go quite quickly through things.
The whole part of the OSI model doesn't seem to stick with me. I keep trying to think of a metaphor to put IP and Mac addresses, and layer 2 into context.
please help! I am starting to worry I am not picking this stuff up fast enough, but I could prob set up my network now (when I actually sit down and do it), and that should have one normal desktop PC running Windows 11 pro, then my router, which I will switch into modem mode, a switch and I will add in devices I find about my place. I might do a seperatye post about that as it’s gonna detract from my original question.
Many thanks for all your continued help - i find it very reassign and helpful.
Matthew. :-)
 
MAC addresses are the hardcoded location of a specific NIC, IP Addresses are arbitrary and can change upon the whim of the DHCP server.

MAC addresses are burned into every single NIC during manufacture (and as such MAC addresses are also known as the physical address, do ipconfig /all at a command prompt and you'll see Physical address not MAC), the first 3 octets of the MAC address is the OUI, Organisationally Unique Identifier, you can actually work out the manufacturer of a NIC with this. When the computer is connected to a network it will broadcast its

the ethernet frame will contain both MAC and IP addresses for the most part but if the MAC is unknown then ARP will enter the mix and supply the relevant MAC for the IP address.

IP addresses are used because it's easier (with IPv4) to remember 10.10.10.10 than it is 12:A0:BB:34:6F:22, although IPv6 isn't as memory friendly :)

Computer A wants to send an IP packet to computer B, but it does not know the MAC address of computer B.
Computer A will then broadcast an ARP request received by all computers on the local network segment.

The request will essentially say, “This is my IP address. This is my MAC address. And I am looking for the MAC address associated with this IP address. If this IP address is yours, please respond and give me your MAC address.”

in cmd/powershell type arp -s to see the list of IP addresses and their related MAC address
 
I think I am overthinking it all, trying to find a metaphor for it. The basic ARP stuff I get, i think maybe trying to do this using an actual network might help. Thank you for your detailed reply.
 
I spose technically you could think of it this way

MAC address = House Foundation (manufacturer ID)+Postcode
IP Address = House Name+town

it's very rare/unheard of for the postcode of an location to change but the House name can be changed so when you post a letter you address it with the House name,town and postcode the letter will get to the destination ok, but if you leave out the post code the Postoffice (ARP Table) will seach through their database for matching house names and town. (although in this metaphor the post office does not then send you a letter telling you the correct post code)
 
I think I am overthinking it all, trying to find a metaphor for it. The basic ARP stuff I get, i think maybe trying to do this using an actual network might help. Thank you for your detailed reply.
The way I see it, MAC addresses and IP addresses are both the same thing, in the sense that they're identifiers.

So, to know why you don't just use a MAC address, you'd ask the question of what point there is to IPs and what they're connected to.
 
IPs change. MAC addresses don’t.

If we networked by MAC, every time you moved ISP you’d have to tell them the mac of every device you owned so they could route to it.
 
You were all so helpful before, and I am prob overthinking this a bit, rather than just accepting this is the way it is.
If on the OSI model 'you' can get stuff done with layer 2 - MAC addresses etc, why bother with the IP? Mac addresses bounce stuff backwards and forwards - is it because when one computer doesn't know the MAC address of another, it needs the IP to ping the other machine to get it to respond and then it can see its MAC address?

This is actually a really good question, and seasoned pros sometimes struggle with things like this.

You could (if you wanted to) design a network stack that was completely layer-2, where all of the hosts and their applications connect to switches, and they all communicate by 'bouncing stuff backwards and forwards using only MAC addresses - in a small environment it would work perfectly satisfactorily; hosts and their applications could communicate and the system would work.

It would just be terrible, due to everything being on the same broadcast domain - the whole network would sink under it's own broadcast traffic, and programming applications to only work with layer-2 MAC addresses, with no DNS would be brutal, and that's before you have a data centre with 50k hosts in it, or try connecting to the internet :)

By breaking the network up using layer-3 networks into multiple broadcast domains, we can create hierarchies and allow for scale - we can use IP addressing schemes to summarise address space and use routing protocols such as BGP to control the advertisement of address space. This allows the system to grow in scale to a point where it will continue working properly, whether we have 10 hosts connected to a switch, or billions connected to the internet.

IP at layer-3 is fundamental to the function of all of that, without it - every possible source needs to know the explicit path to every destination, which just wouldn't work.
 
Last edited:
Dear Friends,

I have been watching Network Chucks stuff for the CCNA - he does go pretty quickly through some stuff. I think what has been tripping me up a bit is that when he talks about the final stages of someone sending a packet (call this PC1) to a switch then a router, and then onto another PC (or whatever - call that PC 2), on a different network (see link
- the explanation of what he is doing is on the screen, with all the addresses explained its at 13mins 48secs of the video), the router receives the the layer 2 MAC address from a PC 1 (the one sending the info), so the inbound message the router sees is from PC 1’s MAC address to the router’s MAC address, but the layer 3 info the router sees on the inbound message is the IP from the PC 1, but with the IP info for the PC 2. So they don’t always match - it doesn’t see MAC address from PC 1 and its own MAC address, and then the IP from PC and his IP - it needs the IP address from PC 1 to send to PC 2. Does that make sense? The layer 3 info it needs and receives is slightly different to the layer 2 info it receives.
Same with the outbound message from the router - the IP is PC 1’s IP, but the MAC address is from the ROUTER’S MAC address (not PC 1’s - like the IP was). If i think it through slowly it works, but it isn’t something obvious - am I understanding it correctly?
Thank you for reading.
Matthew
 
It's worth noting that IP does not have to run over Ethernet. It supports the idea that other physical network technologies might be in use.

The converse is also true - Ethernet can work with other high-layer protocols. IPX/SPX being a notable, now historical, example.

IP and Ethernet are complementary, but independent.

MAC addresses are related to Ethernet, the data link (and physical) layer. Ethernet is an inherently local technology. Originally with Ethernet, all frames would simply be broadcast on the wire so every device would receive everything. In modern Ethernet networks, switches do a lot of work isolating segments, so devices only see true broadcasts and frames actually intended for them; but that ancient concept of just broadcasting a frame still lurks behind it all. There's sill no mechanism in Ethernet for contacting devices that aren't within that same network and directly contactable through a broadcast. So Ethernet (and use of MAC addreses) can't simply scale beyond a local network.

On the other hand, remember, IP is the inter-net[work] protocol. So it allows communication between local networks. The respective local networks (and intermediate connections) could be completely different physical technologies. It's only once the IP routing logic on a host has determined that the destination host is on a directly connected network are the extra technology-specific steps needed to communicate to that host taken. In the case of Ethernet, that would be using ARP to determine the corresponding MAC address for the destination host, then the IP packet would be incorporated into an Ethernet frame to be broadcast on the local segment with that target MAC address. If something other than Ethernet was in use for the local network those steps could be different.

A principle behind the OSI 7-layer model is that each layer operates independently and you can switch technologies and protocols around. So higher levels don't really care what's happening lower down and whatever happens further up is irrelevant to the lower levels. You only need to worry about the interface between each layer. While the IP "family" doesn't map onto the 7-layers cleanly, there is a simiilar concept involved - you can switch things at each layer around.
 
If the traffic's going through a router, then the two PCs can't talk directly to each other - because they're on different IP subnets.

So the PC sends the traffic to the router with the following headers:
L2 info - PC mac & router mac
L3 info - PC IP & PC2 IP

The router receives the packet (based on the packet's destination mac address)

The router examines the L3 (IP) header to look for the destination IP

Looks in its routing tables to see what interface it needs to go out of to reach the destination IP (PC2)

Sends the packet to the destination PC:
L2 info - router MAC and pc2 Mac
L3 info - pc1 IP and PC2 IP

the L2 headers are used for the logical connectivity between devices at the data link layer of the OSI model
Layer 3 headers at the network layer (which is where IP addresses come in)

Does this help?
 
What Chuck is saying here is layer 3 contains the Source and Destination IP address, layer 2 contains the Source and Destination MAC address.

When the frame arrives at the router the In layer layer 3 contains the Source (PC1) and Destination (Website) IP Addresses while layer 2 contains PC1 MAC and router MAC

once at the router if the ARP table does not contain the MAC address for the Destination IP it will send an ARP broadcast out asking "who owns X IP" when the relevant server responds with its MAC address this is then inserted into the Out layer layer 2 frame with the Source and Destination MACs fully populated and ready for transmission to the required server (via various other routers and switches on the internet)



Don't forget IP is layer 3, MAC layer 2 and all transmission is handled at Layer 2, if a MAC is not known then the router will "ask everyone for directions"
 
Back
Top Bottom