I have an existing Fibre Channel SAN and an existing Ethernet network. The SAN consists of FC disk storage, an FC switch and a couple of hosts connected to the switch via the FC cards in them. The Ethernet network is all connected via a Gigabit switch.
I would like to utilize an FCoE-compatible card in another host; however, I do not know how to connect this card to gain access to my IP Ethernet infrastructure and also the FC SAN infrastructure.
Do I need an FCoE to FC gateway?
Yes. You need an FCoE-capable switch. You may also need to upgrade your Ethernet switches. What brand and model is your existing FC switch? Also, FCoE does not run over IP, it runs over Ethernet only and is not routable.
I know that MAC address is used for local routing and error free data transfer, but is it used regardless of the transmission medium infrastructure? I know it is used for Ethernet, but is it used for fiber, copper...etc?
Also, do we use MAC address when routing traffic between two adjacent routers? If we do, does that mean we have MAC address over serial connections?
Thanks
MAC addresses are used in most IEEE 802 network technologies, like Ethernet (802.3) and Wifi (802.11), but not all technologies use them. For instance, Fibre Channel uses a different and more modern address type, called World Wide Name. It's longer and can be 64 bits or 128 bits.
So, to answer your questions, a router can use MAC addresses if it forwards packets over Ethernet interfaces, regardless of the physical medium. But it could also use other technologies or even label-switching protocols like MPLS. A serial link does not have medium access control and therefore has no MAC layer.
is it used regardless of the transmission medium infrastructure? I know it is used for Ethernet, but is it used for fiber, copper...etc?
You mix OSI layer 1 (transmission medium) and layer 2 (Ethernet). If we use Ethernet as our data link layer, Ethernet MAC addresses will be there regardless of transmission medium. More on that on Wikipedia:
https://en.wikipedia.org/wiki/OSI_model
do we use MAC address when routing traffic between two adjacent routers?
Yes, if the routers are connected using Ethernet. Even if we use a back-to-back cable to connect two routers.
does that mean we have MAC address over serial connections?
For most serial connections we do not use Ethernet, but use other layer 2 protocols, like PPP, Frame Relay or HDLC. Note that all of those protocols use their own addressing, but it is just one or two bytes, not 6 as in the Ethernet MACs. More on those protocols on Wikipedia:
https://en.wikipedia.org/wiki/Point-to-Point_Protocol
https://en.wikipedia.org/wiki/High-Level_Data_Link_Control
https://en.wikipedia.org/wiki/Frame_Relay
How do we retrieve the local IP address set of the NIC in NDIS 6? I will be doing some IP header modifications on the received Ethernet frames, so I will be looking for the local IP of the NIC that my filter is attached to.
It's generally a layering violation for an NDIS LWF driver (which operates at layer 2 of the OSI stack) to get involved with IP addresses (which are at layer 3 of the OSI stack).
If you have a very good reason to do this, you can query GetUnicastIpAddressTable. Keep in mind that a NIC may not have any IP address (e.g., it's used for non-IP protocols). Or it may carry IP traffic, but the OS doesn't know about any IP address (e.g., a guest VM is sending IP traffic through the host's NIC, but only the guest really knows the IP address).
In other words, NICs don't really have IP addresses. At best, you can say that the NIC may be associated with an IP interface which has some number of IP addresses.
I'm working on a machine that has multiple local network interfaces. Each interface is on a distinct network: for example, en0 might be 10.0.0.x, en1 192.168.1.x, etc.
I'd like to programmatically answer the question: "Which interface is likely to be able to get to the given local IP address?"
For instance, if I wanted to talk to 10.0.0.75, that would be en0, 192.168.1.4 would be en1. I'm sure there's a smarter way to do this than manually comparing IP address fragments.
Bonus points if this works on iOS as well as Mac OS X - iOS does support multiple local interfaces, even if it's rare.
The approach I'd consider is to enumerate all the configured interfaces and get their IP address and netmask. You can then calculate the Hostmin and Hostmax for that subnet; if your candidate falls within the Hostmin-Hostmax IP range, this host should be reachable directly on the local subnet of that interface.
You can find an online tool for these types of calculations at http://jodies.de/ipcalc. It's fairly straightforward bit operations to do these calculations programmatically.
There are IP address functions you can use in arpa/inet.h; inet_addr, for instance, will give you a 32-bit value from a dotted-decimal formatted IP address.
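The subnet comparison described in this answer, as an added example that is not part of the original post. The interface table is constructed sample data (on a real system it would be filled from getifaddrs(3)), `pick_interface` is a hypothetical helper name, and `inet_pton` is used in place of `inet_addr` because its error return cannot be confused with a valid address. When several subnets contain the target, the longest netmask wins.

```c
#include <arpa/inet.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* One configured IPv4 interface: name, address and netmask in dotted form. */
struct iface { const char *name, *addr, *mask; };

/* Constructed sample table mirroring the question (en0 on 10.0.0.x,
   en1 on 192.168.1.x) plus an overlapping /16 to show tie-breaking. */
static const struct iface SAMPLE[] = {
    { "en0", "10.0.0.12",    "255.255.255.0" },
    { "en1", "192.168.1.20", "255.255.255.0" },
    { "en2", "192.168.0.9",  "255.255.0.0"   },
};

/* Parse dotted-decimal text into a host-byte-order value; 0 on failure. */
static int parse_ipv4(const char *s, uint32_t *out)
{
    struct in_addr a;
    if (inet_pton(AF_INET, s, &a) != 1) return 0;
    *out = ntohl(a.s_addr);
    return 1;
}

/* Name of the interface whose subnet contains target, preferring the
   most specific (numerically largest) netmask; NULL if none matches. */
const char *pick_interface(const struct iface *tab, size_t n, const char *target)
{
    uint32_t t, a, m, best_mask = 0;
    const char *best = NULL;
    if (!parse_ipv4(target, &t)) return NULL;
    for (size_t i = 0; i < n; i++) {
        if (!parse_ipv4(tab[i].addr, &a) || !parse_ipv4(tab[i].mask, &m)) continue;
        if ((t & m) != (a & m)) continue;          /* different network */
        if (best == NULL || m > best_mask) { best = tab[i].name; best_mask = m; }
    }
    return best;
}

int main(void)
{
    const char *targets[] = { "10.0.0.75", "192.168.1.4", "192.168.7.7", "172.16.0.1" };
    for (size_t i = 0; i < 4; i++) {
        const char *ifn = pick_interface(SAMPLE, 3, targets[i]);
        printf("%-12s -> %s\n", targets[i], ifn ? ifn : "(not on a local subnet)");
    }
    return 0;
}
```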
I would like to do a scan in a LAN network to find devices linked.
I'm developing an app in iOS for iPad
How do I do this?
Because those are mobile devices I will assume you want to find devices on a wireless network. Theoretically, since wifi uses a shared medium for communication, you can passively listen for traffic flowing through the network and collect data about clients without sending any packets. This is something that is commonly referred to as promiscuous mode. In practice there is a 99% chance that the network adapter driver will allow you only to get traffic destined for your MAC address. In that case you will need to resort to actively scanning the network subnet, which is not 100% accurate and, depending on how the network is implemented, can be considered as a possible attack.
The simple way of scanning is sending ICMP requests (ping) to every IP address in the subnet and collecting data from those who send back the echo reply. This is not reliable because some hosts won't respond to ICMP echo requests even if they are active. The first thing you need is to find out your own IP address and the subnet mask, and calculate the range of possible addresses in your subnet. The range is obtained by using the logical AND operator where the operands are the binary values of your IP address and subnet mask. This is an example from the program that calculates this for a typical 192.168.1.1 subnet with 255.255.255.0 subnet mask (192.168.1.1/24 in CIDR notation):
Address:   192.168.1.1          11000000.10101000.00000001 .00000001
Netmask:   255.255.255.0 = 24   11111111.11111111.11111111 .00000000
Wildcard:  0.0.0.255            00000000.00000000.00000000 .11111111
Network:   192.168.1.0/24       11000000.10101000.00000001 .00000000
Broadcast: 192.168.1.255        11000000.10101000.00000001 .11111111
HostMin:   192.168.1.1          11000000.10101000.00000001 .00000001
HostMax:   192.168.1.254        11000000.10101000.00000001 .11111110
Then you would iterate through the range and ping every address. Another thing you can consider is listening for broadcast traffic such as ARP and collecting some of the information that way. I don't know what you are trying to make, but you can't get much useful information this way, except for the vendor of a host's network adapter.
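The range calculation shown in the table above, as an added example that is not part of the original answer. `subnet_range` and `fmt_ipv4` are hypothetical helper names; the code also covers /31 and /32 prefixes, where there is no separate network or broadcast address to exclude from the host range.

```c
#include <arpa/inet.h>
#include <stdint.h>
#include <stdio.h>

/* All values are in host byte order. */
struct subnet { uint32_t network, broadcast, host_min, host_max; };

/* Fill *out for addr/prefix. Returns 1 on success, 0 on bad input. */
int subnet_range(const char *addr, int prefix, struct subnet *out)
{
    struct in_addr a;
    if (prefix < 0 || prefix > 32 || inet_pton(AF_INET, addr, &a) != 1)
        return 0;
    uint32_t ip   = ntohl(a.s_addr);
    /* Shifting a 32-bit value by 32 is undefined, so /0 is special-cased. */
    uint32_t mask = prefix == 0 ? 0 : 0xFFFFFFFFu << (32 - prefix);

    out->network   = ip & mask;              /* address AND netmask  */
    out->broadcast = out->network | ~mask;   /* network OR wildcard  */
    if (prefix >= 31) {
        /* /31 point-to-point links and /32 host routes: every address
           in the block is a usable host address. */
        out->host_min = out->network;
        out->host_max = out->broadcast;
    } else {
        out->host_min = out->network + 1;
        out->host_max = out->broadcast - 1;
    }
    return 1;
}

/* Format a host-order address into buf (at least INET_ADDRSTRLEN bytes). */
const char *fmt_ipv4(uint32_t ip, char *buf)
{
    struct in_addr a = { .s_addr = htonl(ip) };
    return inet_ntop(AF_INET, &a, buf, INET_ADDRSTRLEN);
}

int main(void)
{
    struct subnet s;
    char b[INET_ADDRSTRLEN];
    if (!subnet_range("192.168.1.1", 24, &s)) return 1;
    printf("Network:   %s\n", fmt_ipv4(s.network, b));
    printf("Broadcast: %s\n", fmt_ipv4(s.broadcast, b));
    printf("HostMin:   %s\n", fmt_ipv4(s.host_min, b));
    printf("HostMax:   %s\n", fmt_ipv4(s.host_max, b));
    return 0;
}
```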
Check my LAN Scan on Github. It does exactly what you want.
I recently used MMLANScan that was pretty good. It discovers IP, Hostname and MAC Address.
Bonjour has been around since 2002, have a look at it!
I mean, just look at their current tagline:
Bonjour, also known as zero-configuration networking, enables automatic discovery of devices and services on a local network using industry standard IP protocols. Bonjour makes it easy to discover, publish, and resolve network services with a sophisticated, yet easy-to-use, programming interface that is accessible from Cocoa, Ruby, Python, and other languages.
I live in a place with an oppressive network policy where everything is aggressively monitored. Among the many rules is a prohibition on using any device that generates Network Address Translation traffic (i.e. wireless routers, VMs...). They monitor network logs and disconnect anyone who uses such. Is there any way I can mask traffic (i.e. the NAT translation generated by routers or virtual network devices) via encryption or the like so that it is indistinguishable from normal network traffic that would be generated by a single device using a single IP address to a monitor that is sniffing packets on the network?
(I already use a VPN to encrypt any sensitive traffic, but the NAT is applied post VPN encryption. )
I am not really sure why you need to dodge security, but one way to achieve this in your case is to use a trojan horse-like mechanism. Instead of having any peer or devices on your LAN trying to connect to the WAN, install some kind of application on a valid node behind the LAN to propagate traffic in and out of the LAN for other nodes. If necessary, have this node connect to another fixed node on the WAN. Since it will use a valid connection, it won't be filtered.
Each device on your LAN should connect to the trojan node instead of trying to connect outside. The bandwidth will be slower, but this should work. That being said, this is most probably breaking the intentions of those who have implemented the security policy on your LAN. If they catch you, you're good for the electric chair...