MAC Address Retrieving Methods

Remote Shutdown supports six methods of retrieving MAC addresses from remote Machines. The methods to be used should be specified on the MAC Address Scan preference page. It is also possible to override the methods used to retrieve MAC addresses for each standalone operation. Each method has its pros and cons and is described in detail below.

Neighbor Discovery

The Neighbor Discovery method is based on the local subnet communication protocols. Those are the Address Resolution Protocol (ARP) for IPv4 networks and the Neighbor Discovery Protocol (NDP) for IPv6 networks.

ARP is used to identify the MAC address associated with a certain IPv4 address. If a machine has a packet bound for another IP on a locally connected Ethernet network, it sends a broadcast Ethernet frame containing an ARP request to the Ethernet. That packet will be received by all machines with the same Ethernet broadcast address. If a machine receiving the ARP request hosts the requested IP, it will respond with the link layer address, at which it will receive packets for that IP address. Once the requester receives the response packet, it will start associating the MAC address with the respective IP address. That information is stored in the ARP cache, which is available on individual network adapters as well as on IP routers.

NDP is a protocol in the Internet protocol suite used with IPv6. It operates at the Network Layer of the Internet model, and is responsible for gathering various information required for internet communication, including the configuration of local connections and the domain name servers and gateways used to communicate with more distant systems.

The protocol defines different ICMPv6 packet types to perform functions for IPv6 similar to the Address Resolution Protocol (ARP) and Internet Control Message Protocol (ICMP) Router Discovery and Router Redirect protocols for IPv4. However, it provides many improvements over its IPv4 counterparts. For example, it includes Neighbor Unreachability Detection (NUD), thus improving robustness of packet delivery in the presence of failing routers or links, or mobile nodes.

IPv6 EUI-64

The IPv6 EUI-64 method is based on extracting the Machine MAC address from the IPv6 address that is generated using the Extended Unique Identifier algorithm.

NetBIOS

NetBIOS (Network Basic Input/Output System) provides services related to the session layer of the OSI model allowing applications on separate computers to communicate over a local area network.

WinAPI

Windows API is Microsoft's core set of application programming interfaces (APIs) available in the Microsoft Windows operating systems.

WMI

Windows Management Instrumentation (WMI) is a set of extensions to the Windows Driver Model that form an operating system interface through which instrumented components provide information and notification. WMI is used to access and manage data on remote computers. Remote connections in WMI are affected by Windows Firewall and Distributed Component Object Model (DCOM) settings. Windows Firewall is enabled by default and set to block any data requests from remote Machines and callbacks resulting from asynchronous calls. The firewall and DCOM settings must be configured to allow such connections. For Windows Vista and later OS, it is also required to configure User Account Control (UAC).

DHCP

The Dynamic Host Configuration Protocol (DHCP) is an automatic configuration protocol used in IP networks. Computers that are connected to non-DHCP equipped IP networks must be configured before they can communicate with other computers in the network. DHCP allows a computer to be configured automatically thus eliminating the need for intervention by a network administrator. It also provides a central database for keeping track of computers that have been connected to the network. This prevents two computers from accidentally being configured with the same IP address. Also, this allows obtaining client information using the IP address of the client, thus, it is possible to retrieve MAC address information from the DHCP server.

The DHCP servers to be used can be configured on the MAC Address Scan preference page. The servers can either be detected automatically or defined manually. The automatic server detection method uses the information about DHCP servers available on the network adapter.

Administrative privileges are required to communicate with the DHCP server. The credentials to be used to connect to the server can be defined together with the other server information when providing the servers manually. If the credentials are not provided or the automatic detection method is used, Remote Shutdown first tries to connect to the DHCP server using the credentials defined for the local domain or the current user credentials, in case the credentials for the local domain are not specified. Then, the credentials defined for other groups within the Alternate Credentials view are used if connection cannot be established due to insufficient access rights.

Methods comparison