Mac addresses and arp, Internet security and firewalls – NETGEAR ME103 User Manual

Page 92

Advertising
background image

Reference Manual for the ME103 802.11b ProSafe Wireless Access Point

C-10

Network, Routing, Firewall, and Cabling Basics

August 2003

MAC Addresses and ARP

An IP address alone cannot be used to deliver data from one LAN device to another. To send data
between LAN devices, you must convert the IP address of the destination device to its media
access control address (MAC address). Each device on an Ethernet network has a unique MAC
address, which is a 48-bit number assigned to each device by the manufacturer. The technique that
associates the IP address with a MAC address is known as address resolution. Internet Protocol
uses the ARP to resolve MAC addresses.

If a device sends data to another station on the network and the destination MAC address is not yet
recorded, ARP is used. An ARP request is broadcast onto the network. All stations on the network
receive and read the request. The destination IP address for the chosen station is included as part of
the message so that only the station with this IP address responds to the ARP request. All other
stations discard the request.

The station with the correct IP address responds with its own MAC address directly to the sending
device. The receiving station provides the transmitting station with the required destination MAC
address. The IP address data and MAC address data for each station are held in an ARP table. The
next time data is sent, the address can be obtained from the address information in the table.

For more information about address assignment, refer to the IETF documents RFC 1597, Address
Allocation for Private Internets,
and RFC 1466, Guidelines for Management of IP Address Space.

Internet Security and Firewalls

When your LAN connects to the Internet through a router, an opportunity is created for outsiders
to access or disrupt your network. A NAT router provides some protection because by the very
nature of the process, the network behind the router is shielded from access by outsiders on the
Internet. However, there are methods by which a determined hacker can possibly obtain
information about your network or at the least can disrupt your Internet access. A greater degree of
protection is provided by a firewall router.

Advertising