Old 08-31-2006, 09:31 AM   #1
basilio
LQ Newbie
 
Registered: Aug 2006
Location: Italy
Distribution: Ubuntu
Posts: 6

Rep: Reputation: 0
Mapping IP addresses to MAC addresses


Hi! I need to connect three devices via ethernet, through a Nilox Switch8Premium, to the same computer. The problem is that these devices have the same IPs, i.e. 192.168.0.181, and when I address to or get data from one of them, I can't tell which device I'm actually talking to. The devices are three items of the same product, and their IP cannot be changed, as it has been written in the firmware and they cannot be re-programmed. Besides, I know the (three different) MAC addresses of the three devices. Is there any way to assign an arbitrary IP address to each mac address, so that my PC sees the IPs I chose? I need it to be transparent to my pc, so that if I ping one of the new IPs, I get packets from it, exactly as if they were three different IPs. Thanks for your help!
Basilio
 
Old 08-31-2006, 12:42 PM   #2
uselpa
Senior Member
 
Registered: Oct 2004
Location: Luxemburg
Distribution: Slackware, OS X
Posts: 1,507

Rep: Reputation: 46
Try setting the arp table before contacting one of the three devices:
Code:
arp -s 192.168.0.181 00:00:00:00:00:00
replacing the "00:00:00:00:00:00" with the mac address of the device you want to talk to.
But no, you cannot assign an arbitrary IP address from outside the device and I'm certain that you will run into trouble by using the above method if you actually communicate with more than one machine.
 
Old 08-31-2006, 12:45 PM   #3
ramram29
Member
 
Registered: Jul 2003
Location: Miami, Florida, USA
Distribution: Debian
Posts: 848
Blog Entries: 1

Rep: Reputation: 47
If you have all 3 devices connected to the same switch then they may cancel each other out.

One thing you can do is change your arp table by adding and deleting MAC addresses mapped to IP addresses; maybe through a script. There is a way to modify the arp table manually and set it as you go.

The other thing you can do is use a switch with VLAN capabilities that will allow you to use the same network virtually; and a NAT router with several network ports. I don't see how this could be possible, though.
 
Old 08-31-2006, 12:53 PM   #4
theNbomr
LQ 5k Club
 
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,395
Blog Entries: 2

Rep: Reputation: 903
Multiple devices with the same IP on one network is not going to work.
The simplest solution that I can perceive is to put a three-ported router between the PC and the three devices. One device can be on the same network as the PC, and the others would be NATted behind the router. This could be done with a relic PC running linux + iptables and cheap ethernet cards.
I would be interested to hear potential solutions from others.

--- rod
 
Old 08-31-2006, 01:27 PM   #5
KenJackson
Member
 
Registered: Jul 2006
Location: Maryland, USA
Distribution: Fedora, Arch
Posts: 572

Rep: Reputation: 64
Wow! While I was preparing this, a bunch of other answers slipped in in front of me. I was trying to come up with an iptables solution. This is incomplete, but I'll post it anyway.

I'm pretty sure you can map the incoming MAC addresses to unique IP addresses with an iptables rule. Maybe something like this:
Code:
iptables -t nat -A PREROUTING -s 192.168.0.181 \
    -m mac --mac-source XX:XX:XX:XX:XX:XX      \
    -j DNAT --to-destination 192.168.0.XX
iptables -t nat -A POSTROUTING -s 192.168.0.XX \
    -j SNAT --to-source 192.168.0.XX
Hmmm. This isn't right, but it's a start. You may need to use the mangle table.

You may need to give your PC's ethernet port three different IP addresses.
(Edited for typos.)

Last edited by KenJackson; 08-31-2006 at 01:29 PM.
 
Old 08-31-2006, 02:04 PM   #6
theNbomr
LQ 5k Club
 
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,395
Blog Entries: 2

Rep: Reputation: 903
Some more fodder...

How does any mapping of IP's to MAC's get around what happens when an ARP request is broadcast? Multiple responses with different MAC's is sure to violate all the rules and purposes of ARP. Only if you can keep the broadcasts from happening, by somehow refreshing the internal ARP table can any single-net scheme work, IMHO. The original poster did not state that the 'PC' was a Unixish host, and I don't know how or if you can even touch the ARP tables on a Windows PC. My bet is that any box that can't be IP configured must be a dedicated Windows toy.

--- rod.
 
Old 08-31-2006, 02:25 PM   #7
ramram29
Member
 
Registered: Jul 2003
Location: Miami, Florida, USA
Distribution: Debian
Posts: 848
Blog Entries: 1

Rep: Reputation: 47
Manually modifying the arp table is called 'arp cache poisoning' and with it you can do 'man in the middle attacks' where you can fake an ethernet address to send packets to another with a totally different IP address. For this to work you have to understand the data link layer of the OSI which is the underlying layer of TCP/IP. It's best done using BSD. Some kernels do not allow it such as Solaris. It's far too complicated and not worth the time, hacking network communications, unless you are a super-nerd.
 
Old 08-31-2006, 03:16 PM   #8
KenJackson
Member
 
Registered: Jul 2006
Location: Maryland, USA
Distribution: Fedora, Arch
Posts: 572

Rep: Reputation: 64
Quote:
Originally Posted by theNbomr
How does any mapping of IP's to MAC's get around what happens when an ARP request is broadcast?
A good question. I was figuring that iptables could be used to explicitly set the outgoing MAC address and outgoing interface. The interface can be set like so: "-j ROUTE -oif eth0". But I don't see how to set the outgoing MAC address.

Quote:
Originally Posted by theNbomr
The original poster did not state that the 'PC' was a Unixish host, and I don't know how or if you can even touch the ARP tables on a Windows PC. My bet is that any box that can't be IP configured must be a dedicated Windows toy.
Note that we are in the Linux - Networking forum, so I'm guessing it is a GNU/Linux PC.
And those Nilox devices are Italian ethernet switches.

Edit: BTW, Windows comes with an arp command.

Last edited by KenJackson; 08-31-2006 at 03:19 PM.
 
Old 09-01-2006, 06:07 AM   #9
basilio
LQ Newbie
 
Registered: Aug 2006
Location: Italy
Distribution: Ubuntu
Posts: 6

Original Poster
Rep: Reputation: 0
Of course, I need to do that on a Linux pc. I'm currently running Ubuntu Dapper.
I'm also thinking of solutions such as mounting three different ethernet cards, but still the issue is: they all have the same "built in" ip: 192.168.0.181. How can I read from each of the three devices simultaneously? The general idea/question would be: how can I easily (and low cost) map a device mac address to an arbitrary IP? Once I get an answer to this question, my problem is solved!
Thanks to everybody!
basilio
 
Old 09-01-2006, 06:31 AM   #10
uselpa
Senior Member
 
Registered: Oct 2004
Location: Luxemburg
Distribution: Slackware, OS X
Posts: 1,507

Rep: Reputation: 46
as I said, arp -s
 
Old 09-01-2006, 08:33 AM   #11
basilio
LQ Newbie
 
Registered: Aug 2006
Location: Italy
Distribution: Ubuntu
Posts: 6

Original Poster
Rep: Reputation: 0
Thanks, but it doesn't work...
If I remove any previous arp entry for 192.168.0.181 and, e.g., I do:

arp -s 192.168.0.190 00:90:c2:c8:b4:8a

I either can't ping the new (fake) address or cannot read data from it.

But now I put another question:
what if using a (cheap) router (as suggested by rod) ?

---
bas
 
Old 09-01-2006, 10:10 AM   #12
basilio
LQ Newbie
 
Registered: Aug 2006
Location: Italy
Distribution: Ubuntu
Posts: 6

Original Poster
Rep: Reputation: 0
I'm seriously thinking about using a router and NATting the IPs.
Is it possible to change the packets' source IP according to a desired router
ethernet port? In other words, is it possible to specify a NAT rule for packets incoming from (and outgoing to) a specific router port?

---
bas
 
Old 09-01-2006, 10:48 AM   #13
theNbomr
LQ 5k Club
 
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,395
Blog Entries: 2

Rep: Reputation: 903
Quote:
Originally Posted by basilio
Thanks, but it doesn't work...
If I remove any previous arp entry for 192.168.0.181 and, e.g., I do:

arp -s 192.168.0.190 00:90:c2:c8:b4:8a

I either can't ping the new (fake) address or cannot read data from it.

But now I put another question:
what if using a (cheap) router (as suggested by rod) ?

---
bas
I don't think this is the method that was suggested. What you are doing above, is creating a fictitious IP in the ARP table. When a packet arrives at the doorstep of ethernet hardware containing that MAC, it will be discarded, because the IP header will identify it as destined for some other IP.
I think the method that was suggested involves setting the ARP table entry for the device immediately before sending to it, so that there does not have to be an ARP broadcast used to determine the MAC address. There are probably reasons why even this wouldn't work. At best it would be extremely clumsy. If there is more than one machine trying to access these mysterious boxes, then the degree of clumsiness increases exponentially.

Just before you proceed any further, there is another potential obstacle. If you use a router with NAT like this:
Code:
                              [ Nilox Switch ]
         [ PC ]---------------[ Port 1 ]
                    +---------[ Port 2 ]               [ Router ]
                    |         [ Port 3 ]---------------[ eth0 ]
                    |         [ Port 4 ]               [ eth1 ]--------[ Mystery Box 2 ]
                    |                                  [ eth2 ]--------[ Mystery Box 3 ]
             [Mystery Box 1]
you would address 'Mystery Box 2 & 3' using different IP's. Is your software on the PC modifiable, to use IP's that are not the default addresses hardwired into the Mystery Boxes? Unless the answer is yes, I don't see any solution better than the ARP cache poisoning scheme.

--- rod.
 
Old 09-02-2006, 05:14 AM   #14
basilio
LQ Newbie
 
Registered: Aug 2006
Location: Italy
Distribution: Ubuntu
Posts: 6

Original Poster
Rep: Reputation: 0
Thanks Rod!
The code on my pc is fully modifiable, as it is written by myself. The only thing that is fixed is just the devices' IP (on the devices' side).
Besides, there's only one machine (my pc, with one ethernet interface) trying to access the "Mystery Box" devices. But, in practice, how can I use ARP to get the work done? All I have to do is:
- sending data to the devices
- reading data from the devices
How can I do both by simply using arp (and a three ports switch or hub)?

---
bas
 
Old 09-02-2006, 10:53 AM   #15
theNbomr
LQ 5k Club
 
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,395
Blog Entries: 2

Rep: Reputation: 903
I will explain by giving a brief tutorial of what ARP does (please feel free to bring up corrections or point out errors).
Devices on an ethernet communicate by sending packets of data to either the entire ethernet segment or set of bridged segments (a broadcast), or else to the single specific node that is intended to receive the packet. Each node is identified by a unique MAC address, which is the only way of uniquely identifying an ethernet node on a network. The TCP/IP protocol, however, uses its own addressing scheme, and knows only how to send packets or streams to addresses within its addressing domain. ARP is the protocol that is used to translate between IP and ethernet addressing (may be used for other link-layer and physical layer protocols, too). When the IP stack wishes to send a packet to a specific other IP node, it must be able to encapsulate that packet in the correctly formatted ethernet packet header, which contains the MAC of the target node. In order to know that MAC, it uses ARP. If the MAC is unknown to the sending node, it broadcasts a request for it (broadcast at the ethernet level). The broadcast says, "Who knows the MAC for XXX.XXX.XXX.XXX?". Any node that already knows the answer may reply, including the target node, itself. Having learned the answer, the sender typically caches the MAC-IP mapping locally, so it doesn't have to ask later (does anyone know whether other nodes also cache the reply, or is it sent uni-cast?). This is the ARP cache that you can dump with 'arp -a'.
How does this relate to your problem? Well, clearly, there is more than one correct answer to the ARP request packet, and that is outside the universe of acceptable conditions. In order to avoid the situation of getting multiple different replies to an ARP Request packet, the strategy is to 'poison' the arp cache with a mapping that we already know we want to use (in this case, it might be more appropriate to describe it as 'sweetening' the cache, but I digress). This prevents the request from being broadcast. In your situation, you would have to 'sweeten' the cache with the desired MAC immediately before sending messages to the Mystery Boxes. This would have to be done manually, using arp. You would have to sweeten the cache every time you wanted to use a different Mystery Box, or whenever the MAC was dropped from the cache due to expiry timeout. If the software that is used to communicate with the Mystery Boxes is open source, it could probably be modified to do this cache sweetening automatically.



Hope this helps.

--- rod.
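
The cache "sweetening" step described in the post above, automated as an added example (not code from any poster in the thread). It uses iproute2's `ip neigh replace` in place of the thread's `arp -s`; the interface name `eth0`, the names `box1`..`box3` and the MACs for `box2` and `box3` are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: choose one of several same-IP devices by pinning its MAC
# in the local neighbour (ARP) table before talking to it.
# Assumed, not from the thread: eth0, box1..box3, the box2/box3 MACs.

DEVICE_IP="192.168.0.181"   # fixed firmware address given in the thread
IFACE="${IFACE:-eth0}"      # assumed interface name
DRY_RUN="${DRY_RUN:-1}"     # 1 = print the command only, 0 = run it (root)

# Map a device name to its MAC address.
mac_for() {
    case "$1" in
        box1) echo "00:90:c2:c8:b4:8a" ;;   # MAC quoted in post #11
        box2) echo "02:00:00:00:00:02" ;;   # constructed placeholder
        box3) echo "02:00:00:00:00:03" ;;   # constructed placeholder
        *)    return 1 ;;
    esac
}

# Accept exactly six colon-separated hex octets, nothing more or less.
valid_mac() {
    printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

# Build the command that pins DEVICE_IP to the given MAC as a permanent
# entry, so the kernel never broadcasts an ARP request for that address.
pin_cmd() {
    valid_mac "$1" || return 1
    echo "ip neigh replace $DEVICE_IP lladdr $1 nud permanent dev $IFACE"
}

# Point DEVICE_IP at the named device; call this before each exchange.
select_device() {
    sd_mac=$(mac_for "$1") || { echo "unknown device: $1" >&2; return 1; }
    sd_cmd=$(pin_cmd "$sd_mac") || { echo "bad MAC: $sd_mac" >&2; return 1; }
    if [ "$DRY_RUN" = 1 ]; then
        echo "$sd_cmd"
    else
        $sd_cmd             # unquoted on purpose: split into command + args
    fi
}
```

Call `select_device box2` before each exchange with that device; with `DRY_RUN=0` it has to run as root, and the permanent entry stays in place until the next `select_device` call replaces it.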
 
  

