Group: comp.os.linux.networking


Subject: Do MAC addresses go to internet?
From: Keith Keller
Date: 10/21/2007 2:47:52 PM
On 2007-10-21, sakradevanamindra@gmail.com <sakradevanamindra@gmail.com> wrote:
>
> But ISPs know MACs, well that's what I heard, not sure if it's true.

Depending on their and your network architecture, they may or may not
know your MACs.

> say I have a linux router, there are 3 pcs behind it and having
> internet access. ISP knows these 3 MACs, that's okay.

If you are really doing routing or NAT, and doing it correctly, the ISP
knows one MAC (at most), your linux router's external interface. If
you're doing routing, then they know about all your IP addresses, but if
you're doing routing then they gave you those IPs in the first place.
It's more likely you're doing NAT, in which case they have no way of
knowing for certain how many machines you have.

--keith

--
kkeller-usenet@wombat.san-francisco.ca.us
(try just my userid to email me)
AOLSFAQ=http://www.therockgarden.ca/aolsfaq.txt
see X- headers for PGP signature information

Subject: Do MAC addresses go to internet?
From: Unruh
Date: 10/21/2007 10:14:13 PM
Keith Keller <kkeller-usenet@wombat.san-francisco.ca.us> writes:

>On 2007-10-21, sakradevanamindra@gmail.com <sakradevanamindra@gmail.com> wrote:
>>
>> But ISPs know MACs, well that's what I heard, not sure if it's true.

>Depending on their and your network architecture, they may or may not
>know your MACs.

MACs are only known on the subnet on which their IP address is. Ie, it is
only for computers DIRECTLY connected to each other via ethernet.

>> say I have a linux router, there are 3 pcs behind it and having
>> internet access. ISP knows these 3 MACs, that's okay.

No, the ISP does not know those 3 MACS. He only knows the MACS of your
router.

>If you are really doing routing or NAT, and doing it correctly, the ISP
>knows one MAC (at most), your linux router's external interface. If
>you're doing routing, then they know about all your IP addresses, but if
>you're doing routing then they gave you those IPs in the first place.
>It's more likely you're doing NAT, in which case they have no way of
>knowing for certain how many machines you have.

Agreed.

Subject: Do MAC addresses go to internet?
From: Keith Keller
Date: 10/21/2007 3:44:39 PM
On 2007-10-21, Unruh <unruh-spam@physics.ubc.ca> wrote:
> Keith Keller <kkeller-usenet@wombat.san-francisco.ca.us> writes:
>
>>Depending on their and your network architecture, they may or may not
>>know your MACs.
>
> MACs are only known on the subnet on which their IP address is. Ie, it is
> only for computers DIRECTLY connected to each other via ethernet.

That's right. So, hypothetically, one could imagine being on a cable
network over a hub, where your MACs would be available not only to the
ISP but to your entire network segment. (I think this scenario is
unlikely, but technically it's not impossible. The much more realistic
case is what's already been outlined.)

--keith

--
kkeller-usenet@wombat.san-francisco.ca.us
(try just my userid to email me)
AOLSFAQ=http://www.therockgarden.ca/aolsfaq.txt
see X- headers for PGP signature information

Subject: Do MAC addresses go to internet?
From: John Thompson
Date: 10/21/2007 8:26:10 PM
On 2007-10-21, sakradevanamindra@gmail.com <sakradevanamindra@gmail.com> wrote:
> But ISPs know MACs, well that's what I heard, not sure if it's true.
>
> say I have a linux router, there are 3 pcs behind it and having
> internet access. ISP knows these 3 MACs, that's okay. But if I host a
> hundred PCs behind the router, then the ISP may be unhappy because
> they know there are 100 different MAC addresses sharing one public IP.

The ISP only knows the MAC address of your router. Your router knows
the MAC addresses of the machines behind it.

--
John (john@os2.dhs.org)
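Added example, not part of the original posts: a small simulation of what the replies above describe, in which a NAT router discards the LAN-side Ethernet header and builds a new one for the WAN link, so only its own MAC is visible to the ISP. All MAC and IP addresses are constructed sample values, and the function names are made up for this illustration.

```python
import socket
import struct

# Constructed sample addresses (locally administered MACs, documentation IPs).
LAN_HOSTS = {"02:00:00:00:00:0a": "192.168.1.10",
             "02:00:00:00:00:0b": "192.168.1.11",
             "02:00:00:00:00:0c": "192.168.1.12"}
ROUTER_LAN_MAC, ROUTER_WAN_MAC = "02:00:00:00:01:01", "02:00:00:00:01:02"
ISP_GW_MAC, PUBLIC_IP, SERVER_IP = "02:00:00:00:02:01", "203.0.113.7", "198.51.100.20"

def mac(text):
    return bytes.fromhex(text.replace(":", ""))

def checksum(header):
    """RFC 1071 ones' complement sum over a 20-byte IPv4 header."""
    total = sum(struct.unpack("!10H", header))
    total = (total & 0xFFFF) + (total >> 16)
    total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ip_header(src, dst, ttl=64):
    """Minimal 20-byte IPv4 header (protocol 6, no payload)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, ttl, 6, 0,
                      socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]

def frame(dst_mac, src_mac, ip):
    """Ethernet II frame carrying IPv4 (EtherType 0x0800)."""
    return mac(dst_mac) + mac(src_mac) + struct.pack("!H", 0x0800) + ip

def nat_forward(lan_frame):
    """Router, LAN to WAN: discard the Ethernet header, NAT the source IP,
    decrement TTL, and build a new Ethernet header for the WAN link."""
    ttl, dst_ip = lan_frame[22], socket.inet_ntoa(lan_frame[30:34])
    return frame(ISP_GW_MAC, ROUTER_WAN_MAC, ip_header(PUBLIC_IP, dst_ip, ttl - 1))

def wan_view():
    """(source MAC, source IP, TTL) of every frame as seen on the ISP side."""
    seen = set()
    for host_mac, host_ip in LAN_HOSTS.items():
        out = nat_forward(frame(ROUTER_LAN_MAC, host_mac, ip_header(host_ip, SERVER_IP)))
        seen.add((out[6:12].hex(":"), socket.inet_ntoa(out[26:30]), out[22]))
    return seen

if __name__ == "__main__":
    print(wan_view())
```

Three LAN hosts go in, and the WAN side sees a single source MAC and a single source IP.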

Subject: Do MAC addresses go to internet?
From: Unruh
Date: 10/22/2007 1:48:31 AM
"sakradevanamindra@gmail.com" <sakradevanamindra@gmail.com> writes:

>> but I wonder how are you using same public IP for all the computers?

>I was just hypothesizing

>> They cannot share the same (public) IP when they are in LAN, probably
>> you might be using some private ip-range for them but proxying the
>> internet network through the router. Could you Confirm?

>That's true, I just wanna know if ISP can apply any kind of
>restriction on this matter, based on the number of MACs being used

No. He could demand that your machine be bridged, not NAT and then if he
saw nat traffic suspect that you had other machines on your network. But
I think he would have a really tough time doing anything about it, or
proving it, unless he had access to your router (not impossible).

Subject: Do MAC addresses go to internet?
From: Rick Jones
Date: 10/22/2007 5:49:48 PM
John Thompson <john@vector.os2.dhs.org> wrote:
> The ISP only knows the MAC address of your router. Your router knows
> the MAC addresses of the machines behind it.

However :) If the router has an SNMP agent on it, and not configured
to keep things closely held (ie default community names or whatnot)
the router could be queried for its ARP table and thereby "leak" MAC
addresses to the outside world.

I don't know if there are common home "routers" (those amalgams of
router (?) firewall and NAT oh dear...) which are so configured, but
it is at least theoretically possible.

rick jones
--
Process shall set you free from the need for rational thought.
these opinions are mine, all mine; HP might not want them anyway... :)
feel free to post, OR email to rick.jones2 in hp.com but NOT BOTH...

Subject: Do MAC addresses go to internet?
From: Keith Keller
Date: 10/22/2007 11:36:44 AM
On 2007-10-22, sakradevanamindra@gmail.com <sakradevanamindra@gmail.com> wrote:
> On Oct 22, 1:49 pm, Rick Jones <rick.jon...@hp.com> wrote:
>>
>> However :) If the router has an SNMP agent on it, and not configured
>> to keep things closely held (ie default community names or whatnot)
>> the router could be queried for its ARP table and thereby "leak" MAC
>> addresses to the outside world.
>>
>> I don't know if there are common home "routers" (those amalgams of
>> router (?) firewall and NAT oh dear...) which are so configured, but
>> it is at least theoretically possible.

The handful of home routers I've seen either don't have any SNMP
support, or have it disabled by default.

> Thanks... So there's more than 1 method to crack the NAT, at least
> theoretically...

Technically, it's not cracking NAT, it's cracking the router and fooling
it into telling you which MACs are on it. (I know, this is really
splitting hairs.)

--keith

--
kkeller-usenet@wombat.san-francisco.ca.us
(try just my userid to email me)
AOLSFAQ=http://www.therockgarden.ca/aolsfaq.txt
see X- headers for PGP signature information

Subject: Do MAC addresses go to internet?
From: Keith Keller
Date: 10/22/2007 11:42:13 AM
On 2007-10-22, sakradevanamindra@gmail.com <sakradevanamindra@gmail.com> wrote:
>
>> There are a few statistical methods to determine the number of
>> machines behind a NAT, by analysing the package headers,
>> specifically those parts that tell the NAT to which machine in
>> the private network send the packages it gets in return over the
>> connection.

[snip]

> Bang on! This is the point I want to know.

If that was what you wanted to know, it would have been nice of you to
ask that in the first place. You asked "do MACs leak out to the
internet?" which is not really a helpful start to your question. Even
if you'd asked, "Is there any way for my ISP to tell how many nodes I
have behind my router?" it'd have been a much more direct way of getting
to the information you really wanted.

I hope this can teach you and others the importance of asking good
questions (or at the very least providing more background on your
question, so that it's more likely your actual issue will be addressed,
instead of veering off into nowhere-land where all sorts of issues get
discussed except the one you really wanted answered).

--keith

--
kkeller-usenet@wombat.san-francisco.ca.us
(try just my userid to email me)
AOLSFAQ=http://www.therockgarden.ca/aolsfaq.txt
see X- headers for PGP signature information

Subject: Do MAC addresses go to internet?
From: ibuprofin@painkiller.example.tld (Moe Trin)
Date: 10/22/2007 2:29:19 PM
On Mon, 22 Oct 2007, in the Usenet newsgroup comp.os.linux.networking, in article
<471c048b$0$29252$ba620e4c@news.skynet.be>, goarilla wrote:

>Unruh wrote:

>> What is "cable"? IF you are one segment, one subnet of an ethernet,
>> all connected together on that ethernet with the same network AND
>> netmask, then all can see all. However, that is almost never the case
>> of an isp. The isp is insulated from your system by a modem and that
>> modem isolates your network.

>huh all can see all ? what if you're on a switch ?

Well, we can "think" this problem out, or you could simply turn on a
packet sniffer and see what's on the wire. It may take some time, but
you will likely see a lot more MAC addresses than you thought. The
cable modem (or similar device) may be acting like a switch in blocking
monocast packets that are not for "your" IP address, but they often pass
_broadcast_ packets (such as DHCP stuff).

>cable is like cable tv
>one line in the ground where people with subscriptions and modems get
>attached to
>i think it's arranged in a bus like fashion but i'm not sure since i
>have no real clue how it works.

As a simple explanation, you are correct.

>disadvantage of cable is 1 global LIMIT per cable in which every
>customer is limited by.
>this means if a lot of people are downloading the max download speed
>available to you can be only a fraction of the line's limit.

Yes, there are very few infinite width pipes in the world.

>I'm asking this simply because although i have a decent understanding
>of my own LAN network i would like to know more about bigger networks
>like the ones ISP's administer.

Not knowing exactly what your LAN looks like, none the less it's
_probably_ something similar. But tell us - do you monitor every packet
on your LAN? Do you expect your ISP to do so? Why? Noted else-thread,
the ISP is worried about the total number of packets on a segment.
They planned the system based on so many customers on each segment,
up/down-loading so many packets. That is a cost decision. Now someone
_could_ draw attention to themselves by hogging the bandwidth (up to the
limit that their router/modem allows), and perhaps the ISP administrator
would look at the traffic. They _might_ notice multiple usernames from
a single connection (as one crude example - there are others), so even
if you are masquerading everything through a single NIC, they might get
an indication of something funny.

        Old guy