MAC Address Retrieving Methods
Remote Shutdown supports six methods of retrieving MAC addresses from remote Machines. The methods to be used should be specified on the MAC Address Scan preference page. It is also possible to override the methods used to retrieve MAC addresses for each standalone operation. Each method has its pros and cons and is described in detail below.
Neighbor Discovery
The Neighbor Discovery method is based on the local subnet communication protocols. Those are the Address Resolution Protocol (ARP) for IPv4 networks and the Neighbor Discovery Protocol (NDP) for IPv6 networks.
ARP is used to identify the MAC address associated with a certain IPv4 address. If a machine has a packet bound for another IP on a locally connected Ethernet network, it sends a broadcast Ethernet frame containing an ARP request to the Ethernet. That packet will be received by all machines with the same Ethernet broadcast address. If a machine receiving the ARP request hosts the requested IP, it will respond with the link layer address, at which it will receive packets for that IP address. Once the requester receives the response packet, it will start associating the MAC address with the respective IP address. That information is stored in the ARP cache, which is available on individual network adapters as well as on IP routers.
NDP is a protocol in the Internet protocol suite used with IPv6. It operates at the Network Layer of the Internet model, and is responsible for gathering various information required for internet communication, including the configuration of local connections and the domain name servers and gateways used to communicate with more distant systems.
The protocol defines different ICMPv6 packet types to perform functions for IPv6 similar to the Address Resolution Protocol (ARP) and Internet Control Message Protocol (ICMP) Router Discovery and Router Redirect protocols for IPv4. However, it provides many improvements over its IPv4 counterparts. For example, it includes Neighbor Unreachability Detection (NUD), thus improving robustness of packet delivery in the presence of failing routers or links, or mobile nodes.
IPv6 EUI-64
The IPv6 EUI-64 method is based on extracting the Machine MAC address from the IPv6 address that is generated using the Extended Unique Identifier algorithm.
NetBIOS
NetBIOS (Network Basic Input/Output System) provides services related to the session layer of the OSI model allowing applications on separate computers to communicate over a local area network.
WinAPI
Windows API is Microsoft's core set of application programming interfaces (APIs) available in the Microsoft Windows operating systems.
WMI
Windows Management Instrumentation (WMI) is a set of extensions to the Windows Driver Model that form an operating system interface through which instrumented components provide information and notification. WMI is used to access and manage data on remote computers. Remote connections in WMI are affected by Windows Firewall and Distributed Component Object Model (DCOM) settings. Windows Firewall is enabled by default and set to block any data requests from remote Machines and callbacks resulting from asynchronous calls. The firewall and DCOM settings must be configured to allow such connections. For Windows Vista and later OS, it is also required to configure User Account Control (UAC).
Changing DCOM settings may allow remote access to the Machine for low-rights users. Refer to the Setting DCOM Security to Allow a User to Access a Computer Remotely document for the instructions on DCOM security configuration.
DHCP
The Dynamic Host Configuration Protocol (DHCP) is an automatic configuration protocol used in IP networks. Computers that are connected to non-DHCP equipped IP networks must be configured before they can communicate with other computers in the network. DHCP allows a computer to be configured automatically thus eliminating the need for intervention by a network administrator. It also provides a central database for keeping track of computers that have been connected to the network. This prevents two computers from accidentally being configured with the same IP address. Also, this allows obtaining client information using the IP address of the client, thus, it is possible to retrieve MAC address information from the DHCP server.
Remote Shutdown can retrieve MAC addresses from a DHCP server only within network environments that use a Microsoft Windows Server machine as the DHCP server.
The DHCP servers to be used can be configured on the MAC Address Scan preference page. The servers can either be detected automatically or defined manually. The automatic server detection method uses the information about DHCP servers available on the network adapter.
Administrative privileges are required to communicate with the DHCP server. The credentials to be used to connect to the server can be defined together with the other server information when providing the servers manually. If the credentials are not provided or the automatic detection method is used, Remote Shutdown first tries to connect to the DHCP server using the credentials defined for the local domain or the current user credentials, in case the credentials for the local domain are not specified. Then, the credentials defined for other groups within the Alternate Credentials view are used if connection cannot be established due to insufficient access rights.
Methods comparison
Method |
Advantages |
Disadvantages |
---|---|---|
Neighbor Discovery |
High processing speed. Administrative privileges on remote Machines are not required. |
Ability to process Machines only within a local subnet. |
IPv6 EUI-64 |
Extremely high processing speed. No network communication is required. |
Only the Machines with IPv6 addresses of specific (EUI-64) format can be handled. |
NetBIOS |
High processing speed. Administrative privileges on remote Machines are not required. |
Ability to process Machines only within a single physical network. Requires that the NetBIOS protocol should be enabled. A Machine should be turned on for the method to succeed, thus it is not used for retrieving MAC address while performing Wake-on-LAN. |
WinAPI |
Ability to process any kind of Machine regardless of its location. |
Lower processing speed compared to other methods. Requires administrative privileges on remote Machines. A Machine should be turned on for the method to succeed, thus it is not used for retrieving MAC address while performing Wake-on-LAN. |
WMI |
Ability to process any kind of Machine regardless of its location. |
Requires administrative privileges on remote Machines. Turned off by default on most Machines. A Machine should be turned on for the method to succeed, thus it is not used for retrieving MAC address while performing Wake-on-LAN. |
DHCP |
High processing speed. Ability to process any kind of Machine regardless of its location. Ability to retrieve MAC addresses for Machines that are turned off. |
The DHCP server must be available. Administrative privileges are required to connect to the DHCP server. Ability to operate only with Microsoft DHCP servers. |