0

I am new to computer networking. I understand the benefit of layering in network protocols and the "separation between link layer and IP layer". When back in the 90s there were multiple competing link layer protocols, it might have made sense for this separation.

However, my understanding is that nowadays Ethernet is the de-facto link layer protocol, but on the same Ethernet, we are still communicating via private IP address! Moreover, that private IP address has to be translated to a MAC address via the ARP protocol. The link and internet layer are not "separated" at all, the only thing MAC address brought to the process is the ARP overhead.

Then I want to ask: why the hassle? Why can't we just use IP address to deliver packets to another machine on the same Ethernet?

The only good reason I can think of is cost. If we route everything via private IP address only, then everything needs to be connected directly to a router, which is typically more expensive than a link layer switch.

Also, there may be less common non-IP L3 protocols still in use, where Ethernet is running underneath. However, I don't know if it makes sense for the majority of the use cases to cater to these minor cases, by paying the seemingly unnecessary overhead of ARP.

Last, I hear the argument that "MAC address is globally unique", but I don't think it has much to do with routing... Private IP addresses can also be unique, the fact it changes when being moved around doesn't really matter for the success of routing.

Are there any other good reasons for the MAC address to be used for routing?

2
  • There are still multiple “competing” link layer protocols. There are even multiple competing network layer protocols! You know, like IPv4 and IPv6, which are fundamentally different.
    – Daniel B
    Commented Jul 4, 2022 at 16:55
  • I think the better way to put it is abstraction / generalization. I think it has more to do with the fact that Ethernet LAN is not everything / the only thing you use (instead of what's "competing" above). One of the most typical examples is L3 VPN. There's a reason why the OSI model is considered inaccurate / insufficient. Ethernet might be nearly always involved at some point (in the case of "home use networking"), but it's not the case within a specific scope.
    – Tom Yan
    Commented Jul 4, 2022 at 23:52

5 Answers

2

You could indeed do this if you were designing the entire stack from the ground up. (For example, that's more or less how ATM 'switches' worked – ATM was one of the competing network technologies, and had much tighter integration between L2 and L3.)

But these days it's a big change that's really not worth making, perhaps because the protocols you mention are "de facto standard" – the deployment base of existing Ethernet LANs is so massive that making such changes would be impossible, considering the minimal gains in performance.

When back in the 90s there were multiple competing link layer protocols, it might have made sense for this separation.

No, MAC addresses are more related to there being multiple competing network layer protocols¹ – they allow Ethernet switches to do their job independently of the upper-layer protocol being IPv4 vs IPv6 vs EtherTalk vs DECnet vs NetWare IPX.

(I think it's important to note here that IP was not the first protocol to use Ethernet – originally Ethernet was built for Xerox's XNS and Pup protocols, until being adopted by various other LAN systems years later (some of which were considerably more popular than IP at the time). So in the end, having separate L2 addressing is what allowed IP to be put on Ethernet in the first place.)

One of the biggest enhancements that Ethernet has received is moving from a shared bus (where everyone received everything and all filtering was done by hosts) to a switched network (where Ethernet switches direct every frame only to the correct output port). But for this to work, switches have to actually understand the outermost layer of addressing – they work by building a kind of "L2 routing" table by looking at the forwarded L2 headers. Typically this is done in hardware, with learning and forwarding being baked directly into the ASICs.

So if you were to directly send IPv4 packets without an Ethernet header, you couldn't actually use any of the existing Ethernet switches – they would misinterpret the IP header (as they're still hard-coded to look for a 6-byte address in a specific position, while IP uses 4-byte addresses and the positions are different), so neither learning nor 'dumb' forwarding would work well in that situation. In other words, to perform this upgrade you'd need to rip out and replace your entire network at once, something that Ethernet has quite successfully avoided for decades.

But if you replaced all of them with "IPv4 switches" (which could indeed be auto-learning IPv4 routers, like the aforementioned ATM), you would have had to replace them again in order to start using IPv6 (just like many network operators had to upgrade their old IPv4-only routers to dual-stack ones). So the way that the Ethernet MAC layer abstracts away different network-layer protocols still turns out to be very useful today – even as hard as the IPv6 transition is now, it would still have been some 100 times more expensive if every switch, not just every router, had to be swapped.

Finally, there is slightly more than just IP that's running over Ethernet-based LANs – larger networks are likely to have several kinds of "management" protocols that aren't IP-based at all, instead having their dedicated L2 packet types. One of the most important examples would be RSTP (Spanning Tree Protocol), which is used by Ethernet switches to avoid loops in large networks; it would need to be rebuilt to be IP-based, as would LACP, LLDP, 802.1X, and so forth. (Not to mention IS-IS, which runs over ISO CLNP – a remnant of the "true" OSI protocol stack – and is one of the most common dynamic routing protocols seen in enterprise networks.)


¹ (And similarly, it's the network layer protocol – IP, etc. – that abstracts away the different link layer protocols. Of which there are still many – for example, "Cable internet" with DOCSIS is not Ethernet-compatible, neither is the protocol suite used by 3G/4G/LTE connections.)


Also, there may be less common non-IP L3 protocols still in use, where Ethernet is running underneath. However, I don't know if it makes sense for the majority of the use cases to cater to these minor cases,

Those are not minor cases at all – they're very common outside home environments. (Actually, even my home LTE gateway runs STP by default...) But yes, it still makes sense because it allows the same equipment, without any changes, to work in all environments – you can use the same switches, the same printers, you don't need to reconfigure PCs² when moving from "large enterprise" networks to "home" networks, etc.

But ARP has almost no overhead – it's just one request/reply and then it gets out of the way. I'm assuming you mean the overhead of the actual MAC headers? That's 8 bytes out of 1508, which is still just 0.5% overhead. It's much smaller than the overhead of the IP header, for example (which is 20 bytes for IPv4, twice that for IPv6).

So you gain very little by removing the MAC layer overhead, but you lose more than the change is worth.

An easier way to reduce the relative overhead of both IP and Ethernet headers is to just use bigger frames, such as ~4096 or even ~9000 byte payload (known as "jumbo frames") instead of the usual 1500 bytes, so that you get a higher payload:overhead ratio. Large frames are nowadays widely supported by Ethernet hardware, but they still require reconfiguration of every single host within the subnet, though, so it's only seen in places like storage networks.


² (That's actually something that was needed for NetWare's IPX, which had four different L2 encapsulation options. In addition to the modern "Ethernet II" format, it could use the older "802.3 Ethernet" header type, and that had 3 different variants as well – basic LLC, LLC+SNAP, and "raw" IPX.)
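The learning and forwarding behaviour described in this answer, as an added example that is not part of the original answer: a toy learning switch in Python that reads only the two 6-byte address fields, so ARP, IPv4 and IPv6 frames are forwarded identically, and that reads the start of a headerless IPv4 packet as MAC addresses. The class, the host addresses and the packet values are constructed for illustration.

```python
import struct

def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)

def frame(dst, src, ethertype, payload=b""):
    """Ethernet II header: 6-byte destination, 6-byte source, 2-byte EtherType."""
    return (bytes.fromhex(dst.replace(":", "")) +
            bytes.fromhex(src.replace(":", "")) +
            struct.pack("!H", ethertype) + payload)

class LearningSwitch:
    """Toy model of MAC learning; it never looks past the first 12 bytes."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}  # source MAC -> port it was last seen on

    def receive(self, in_port, data):
        """Learn from the source field, return the list of output ports."""
        if len(data) < 14:
            return []  # too short to carry an Ethernet header
        dst, src = mac_str(data[0:6]), mac_str(data[6:12])
        self.table[src] = in_port
        group = data[0] & 0x01  # lowest bit of first byte: broadcast/multicast
        if group or dst not in self.table:
            return [p for p in self.ports if p != in_port]  # flood
        out = self.table[dst]
        return [] if out == in_port else [out]

# Constructed sample addresses (locally administered MACs, RFC 1918 IPs).
HOST_A, HOST_B = "02:00:00:00:00:0a", "02:00:00:00:00:0b"
BROADCAST = "ff:ff:ff:ff:ff:ff"

def raw_ipv4_header():
    """A bare IPv4 header with no Ethernet header in front (checksum left 0)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 84, 0x1234, 0x4000, 64, 1, 0,
                       bytes([192, 168, 1, 10]), bytes([192, 168, 1, 20]))

def demo():
    sw = LearningSwitch(ports=[1, 2, 3])
    results = {
        "arp_request": sw.receive(1, frame(BROADCAST, HOST_A, 0x0806)),
        "arp_reply": sw.receive(2, frame(HOST_A, HOST_B, 0x0806)),
        "ipv4": sw.receive(1, frame(HOST_B, HOST_A, 0x0800)),
        "ipv6": sw.receive(1, frame(HOST_B, HOST_A, 0x86DD)),
    }
    # Same switch fed a headerless IPv4 packet: header fields are read as MACs.
    packet = raw_ipv4_header()
    results["raw_ip"] = sw.receive(1, packet)
    results["raw_ip_seen_as"] = (mac_str(packet[0:6]), mac_str(packet[6:12]))
    results["table"] = dict(sw.table)
    return results

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

For the headerless packet, the version/IHL byte 0x45 lands where the group bit is read, so the packet is flooded, and the "source" entry learned into the table is really the flags, TTL, protocol and checksum fields.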

3
  • Thank you so much for this detailed and informative answer! May I ask what "non-IP-based L3 protocol" looks like? Does it mean that the routing does not use IP address, and they don't have source/destination IP address in their packets?? Commented Jul 5, 2022 at 0:27
  • Well, yes – literally "not IP". There used to be many network-layer protocols that could run over Ethernet, all of which had their own address formats and their own L4 protocols and their own routing. In fact, Ethernet as a whole wasn't even made with IP in mind, it was built at Xerox to carry Pup and XNS networks instead, and only years later got adopted by IP users. Commented Jul 5, 2022 at 2:11
  • But those protocols have died out by now when IP took over. Instead, most non-IP packets you'd see on Ethernet now aren't actually any routable network-layer protocol at all – they're mostly "local" protocols that directly use MAC addressing only and don't support being routed anywhere. (Aside from internal management protocols, there are digital audio systems that run over raw Ethernet, as well as storage protocols such as ATA-over-Ethernet.) Commented Jul 5, 2022 at 2:14
1

Are there any other good reasons for the MAC address to be used for routing?

No, there isn't any good reason for the MAC address to be used for routing, because it is not used for routing!

You do not understand the routing concept just yet. Routing takes place on OSI layer 3 through IP addresses. MAC addresses operate on OSI layer 2. Note that OSI layer 1 and 2 are combined within the first layer of the Internet protocol suite. Strictly speaking, an IP address wouldn't be necessary as long as the devices are on the same LAN. That means that using IP between devices on the same LAN is "the overhead" because it adds a network layer that wouldn't be necessary (because routing within a LAN is not necessary, only between different LANs).

So your question should actually be "Why do we need IP addresses when the communication takes place on the same LAN?" And the answer to that, in layman's terms, is that we want to have an "address" to reach a computer "regardless" of its location.

I would suggest that you try to think the "other way around". Start with a small network and build up from there (just two devices connected to each other via a switch. Or just two devices connected directly which theoretically wouldn't even require MAC addresses). Then you will understand why, how, and when routers and routing come into the picture.

PS. Note that Ethernet includes standards from OSI layer 1 as well as layer 2, so it doesn't fit completely into a single OSI layer but it does fit "completely" into the first layer of the internet protocol suite.

7
  • Thank you for the nice comment. "Why do we need IP addresses when the communication takes place on the same LAN?" - this is indeed another perspective of looking at things. Would you elaborate a bit more on the answer "we want to have an "address" to reach a computer "regardless" of its location"? It's fine if the answer is not in layman's terms, I will go on learning anything you mention and I don't know. Thanks! Commented Jul 5, 2022 at 0:20
  • Lots of fiber optic links, especially between switches, are actually Ethernet – fiber physical layer is part of the same specification and it uses the same L2 frame format as copper Ethernet does. It's what allows it to be used as a link between Ethernet switches. (On the other hand, FTTH is indeed usually not Ethernet but GPON... though it still carries Ethernet L2 frames inside, for compatibility.) Commented Jul 5, 2022 at 3:04
  • @user1686 of course you are correct, Ethernet operates on layer 1 and 2... my bad, I corrected my answer, thanks.
    – Albin
    Commented Jul 5, 2022 at 5:38
  • @Learning_man Essentially, if you would use just the MAC to address, the devices would need to be in the same LAN (connected via switches). With the next layer, they can be "anywhere". Take my suggestion to "think the other way around" (and understand in detail how the layer works before you move to the next one), I think this will make things much clearer for you.
    – Albin
    Commented Jul 5, 2022 at 6:24
  • @Albin Thx and I see what you mean. I would add that there's nothing wrong with connecting a huge network just by multiple switches - but as our network gets bigger the hierarchical nature of the IP addresses would route things much more efficiently. Commented Jul 5, 2022 at 6:55
0

Both MAC Address and IP Address are used to uniquely define a device on the network. NIC card’s manufacturer provides the MAC Address, and the DHCP server provides (usually) the IP Address.

These two operate on different layers of the protocol: MAC Address operates on the data link layer, while IP Address operates on the network layer.

In other words, you may liken the MAC address to your street address, while the IP address is the name on your mail box. In order for the mail to be delivered, the street address needs to be consulted, to find out where to look for your mail box.

In order for the IP address to be found, the Address Resolution Protocol (ARP) works like a phone-book, searching your name/IP in order to find out your address/MAC, which is the physical path that the message needs to take. Once the path is known, the message can be delivered.

Neither of the two protocols is superfluous - both are required for messages to be delivered.

3
  • I understand the "how", but could you explain why? As in it looks like a perfectly feasible solution if we only route using public and private IP addresses. Commented Jul 4, 2022 at 18:23
  • Without delving deeper than my own knowledge ;-) => The MAC address is closer to / at the hardware, IP is used at higher levels; ref: en.wikipedia.org/wiki/OSI_model#Layer_architecture - maybe: IP is at network logic level (where to send to get to the destination), MAC is at the signalling level, from/to where the actual transfer of the current hop is aimed (not entirely sure about that last).
    – Hannu
    Commented Jul 4, 2022 at 18:37
  • A message while moving through the network passes from device to device, using at each step the MAC address of the next device. The intermediate devices might not even have an IP address, but their physical interfaces always have MAC addresses. The message takes a physical route, from one network adapter to the next, in order to reach its target IP address.
    – harrymc
    Commented Jul 4, 2022 at 19:18
0

An Ethernet frame has a fixed format. Then when received, the included addresses are analysed as Ethernet addresses.

Sending IP frames without Ethernet addresses would then require changing the whole L2 Ethernet protocol: either using a new "address type" field (this would complicate the protocol), or systematically using a local IP address instead of Ethernet addresses (this would not be compatible with legacy network interfaces). This would change a lot of things (including in the hardware, since L2 address filtering is done by the network interface) without helping more, since the ARP address resolution is done once and cached for further exchanges. It would also hurt, since there is no address initialization like there is for MAC addresses (Vendor ID + serial number).

0

Been a while since I looked into this...

What's the point of having MAC address at all, if we are still communicating via private IP address, even if we are on the same LAN?

Well, that's a big if. Very hypothetical, at least from a historical perspective. IP is one of various possible network protocols at layer 3 of the OSI ISO reference model. Seems very universal now but it wasn't always. There used to be a thing called IPX that some apparently used up to the Win XP era. https://en.wikipedia.org/wiki/IPX/SPX Though I never saw IPX, and I got online around the Win98 days.

We have ethernet network switches, they use MAC addresses (Level 2 on OSI ISO).

But let's say looking now, and supposing there is only IP. Maybe switches are faster. IP addresses are hierarchical and require routing.

If you have a very large number of nodes / network interfaces, then sure routing is better. But for a smaller number, a non-hierarchical algorithm might be faster or if not faster then simpler. Or cheaper to build or something like that.

And looking to the future, suppose you go from IPv6 to some later version of IP. A network switch will still work because it doesn't work with IPs.

However, my understanding is that nowadays Ethernet is the de-facto link layer protocol, but on the same Ethernet, we are still communicating via private IP address!

I think when we speak of Ethernet, we are speaking purely of layers below layer 3, so, no IP addresses. You can say that a network that uses Ethernet, usually also uses IP.

Also, you say Ethernet is a link layer protocol.. Well, I'm more familiar with the terminology of the OSI ISO reference model... which would say Ethernet is a data link layer protocol.

The TCP/IP architecture was chosen over the OSI ISO architecture, maybe 'cos the TCP/IP architecture got there first. But we tend to use the OSI ISO reference model to refer to the TCP/IP Architecture.

Moreover, that private IP address has to be translated to a MAC address via the ARP protocol. The link and internet layer are not "separated" at all, the only thing MAC address brought to the process is the ARP overhead.

Well, so looking at the TCP/IP reference model.. you have the Internet Layer, and from what I understand, below that, you have the Network Access Layer which is also known as the Link Layer.

ARP could I suppose be seen as both Link Layer and Internet layer. Or some might say between them.

If we take the term "packet" not as an Internet layer term, but if we use the telecommunications meaning of the term and refer to the whole thing.

Then you see you have a record and fields.

The data link layer fields, and then the network layer fields, and then the transport layer fields..

And protocols at "layers".

So layer 2 encapsulating layer 3, which encapsulates layer 4.

With ARP, if we can speak of ARP encapsulating any protocols, it encapsulates layers 2 and 3 (which isn't the normal rule with encapsulation of layer 2 encapsulating layer 3 encapsulating layer 4 etc).

I don't find the concept of layers that useful, I think a record and fields is more clear and what we are looking at.

I just did a search for wireshark(a packet sniffer), and ARP, to check and show what ARP looks like, in terms of what protocols are in what protocols.. what the whole record looks like


The "layers" concept doesn't need to be thrown out the window, it just doesn't apply that much with ARP. And I think thinking in terms of a record and fields is simpler anyhow and covers ARP too.

Then I want to ask: why the hassle? Why can't we just use IP address to deliver packets to another machine on the same Ethernet?

The only good reason I can think of is cost. If we route everything via private IP address only, then everything needs to be connected directly to a router, which is typically more expensive than a link layer switch.

Also, there may be less common non-IP L3 protocols still in use, where Ethernet is running underneath. However, I don't know if it makes sense for the majority of the use cases to cater to these minor cases, by paying the seemingly unnecessary overhead of ARP.

Last, I hear the argument that "MAC address is globally unique", but I don't think it has much to do with routing... Private IP addresses can also be unique, the fact it changes when being moved around doesn't really matter for the success of routing.

Are there any other good reasons for the MAC address to be used for routing?

MAC addresses are pretty good.. so good in fact that when have you ever had to fiddle around in regard to MAC addresses?

Also, the reason I mentioned re new versions of IP appearing. Whereas switches with their simple protocol, still apply.

There's perhaps no technical reason why we have to have MAC or layer 2 addresses.

Routers do actually work with MAC addresses too I think.. 'cos if they receive a packet (usually 'cos it needs to be routed elsewhere), they see it should be routed somewhere, and they write in the correct MAC address.

In theory maybe routing protocols could be rewritten to not bother, and network switches could be gotten rid of.

By the way let's say people did switch to just routers. And routers were rewritten to not bother with data link layer / link layer addresses. Bear in mind also that most routers nowadays are considered to be a bit of a joke and barely routers e.g. they are really a router with 2 "arms", and a network switch built in. Their routing is pretty minimal. And apparently when people want to do something more like routing, they don't tend to get a router, they get a device that can do "VLANS". I haven't looked into VLANs for a while, but VLANs are considered to be layer 2. If I had Wendell Odom's "Networking first step" book near me I'd say something more re VLANs! Cisco would still do "proper routers" no doubt i.e. routers that aren't just two "arms" and a network switch built in.

It wouldn't surprise me if IP addresses are somewhat human readable, whereas MAC addresses might be processed faster. Though I doubt that speed difference would ever translate to a speed drop overall 'cos I doubt that any "slowness" there would ever be a bottleneck.
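The "record and fields" view of ARP from this answer, as an added example that is not part of the original post: Python that builds an ARP request and reply for Ethernet and IPv4 and parses each frame into one flat record, showing that the frame has no IP header yet carries both MAC and IP addresses, and that a single reply fills the sender's cache. The host addresses are constructed.

```python
import ipaddress
import struct

ETH = struct.Struct("!6s6sH")          # destination MAC, source MAC, EtherType
ARP = struct.Struct("!HHBBH6s4s6s4s")  # ARP body for Ethernet + IPv4 (28 bytes)
ETHERTYPE_ARP, ETHERTYPE_IPV4 = 0x0806, 0x0800

def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)

def build_arp(op, sender_mac, sender_ip, target_mac, target_ip, eth_dst):
    """op 1 = request, op 2 = reply. The Ethernet header is followed directly
    by the ARP body; there is no IP header anywhere in the frame."""
    body = ARP.pack(1, ETHERTYPE_IPV4, 6, 4, op,
                    sender_mac, ipaddress.IPv4Address(sender_ip).packed,
                    target_mac, ipaddress.IPv4Address(target_ip).packed)
    return ETH.pack(eth_dst, sender_mac, ETHERTYPE_ARP) + body

def parse_arp(frame):
    """Return the frame as one flat record of named fields."""
    if len(frame) < ETH.size + ARP.size:
        raise ValueError("truncated frame")
    eth_dst, eth_src, ethertype = ETH.unpack_from(frame, 0)
    if ethertype != ETHERTYPE_ARP:
        raise ValueError("not an ARP frame")
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = ARP.unpack_from(
        frame, ETH.size)
    # Hardware type 1 (Ethernet), protocol type IPv4, 6- and 4-byte addresses.
    if (htype, ptype, hlen, plen) != (1, ETHERTYPE_IPV4, 6, 4):
        raise ValueError("not Ethernet/IPv4 ARP")
    return {
        "eth_dst": mac_str(eth_dst), "eth_src": mac_str(eth_src),
        "op": op,
        "sender_mac": mac_str(sha), "sender_ip": str(ipaddress.IPv4Address(spa)),
        "target_mac": mac_str(tha), "target_ip": str(ipaddress.IPv4Address(tpa)),
    }

# Constructed sample hosts (locally administered MACs, RFC 1918 IPs).
A_MAC, A_IP = bytes.fromhex("02000000000a"), "192.168.1.10"
B_MAC, B_IP = bytes.fromhex("02000000000b"), "192.168.1.20"

def demo():
    # A asks "who has B_IP?" by broadcast; the target MAC is still unknown.
    request = build_arp(1, A_MAC, A_IP, bytes(6), B_IP, eth_dst=b"\xff" * 6)
    # B answers A directly with its own MAC in the sender fields.
    reply = build_arp(2, B_MAC, B_IP, A_MAC, A_IP, eth_dst=A_MAC)
    records = [parse_arp(request), parse_arp(reply)]
    # Host A's cache after the exchange: later packets to B_IP need no new ARP.
    cache = {r["sender_ip"]: r["sender_mac"] for r in records if r["op"] == 2}
    return records, cache

if __name__ == "__main__":
    recs, arp_cache = demo()
    for rec in recs:
        print(rec)
    print(arp_cache)
```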
