9

I'm trying to figure out why wake on lan frames, in the simplest form, are designeted to the ethernet broadcast address (FF:FF:FF:FF:FF:FF) and not to the address of the machine to be powered on.

Does it has to do with the network switch internal table that assings a mac address to ports?

ApriOri
  • 325
  • 1
  • 10

2 Answers2

13

According to AMD's spec the destination doesn't have to be the all-ones address. It can also be the receiving station's address or a multicast address. The payload is a different story. It must be the sequence ff:ff:ff:ff:ff:ff followed by the receiving station's MAC address repeated 16 times.

The presence of absence of the station's entry in the switch's CAM table shouldn't matter in this case. If the entry isn't present the packet should be forwarded out all ports.

John Gardeniers
  • 27,262
  • 12
  • 53
  • 108
Gerald Combs
  • 6,331
  • 23
  • 35
  • Is there a reson for sending the broadcast address specifically, a special case that only broadcast (in the ethernet frame) works? – ApriOri May 31 '12 at 17:13
  • @Erb Not that I'm aware of. The broadcast address can be *less* useful in practice. I ran a quick test using the `etherwake` and `wakeonlan` utilities. The source machine has multiple interfaces. Etherwake sends to the station MAC address by default and lets you specify the interface. Wakeonlan sends to the broadcast MAC address address and I had to specify a destination IP address, otherwise it sent the packet out the wrong interface. – Gerald Combs May 31 '12 at 18:32
  • According to the AMD spec you mentioned it seems that there is a relation to directed broadcast, when you need to wake up machines on another network.it seems like only when the broadcast address is used the WOL packet will pass to the foriegn subnet. – ApriOri Jun 01 '12 at 12:17
  • 1
    Let's back up a bit here. There are up to two (maybe more than two but let's keep things simple) addresses types in the packet: data link and network. If you're trying to wake up a machine on the same subnet you can use a unicast, multicast, or broadcast link layer address. For a machine on a different subnet you have to use an address that the router(s) will forward *and* will show up at the destination NIC even after being mangled en route. This usually means the broadcast network address on the destination subnet, hence "subnet directed broadcast". – Gerald Combs Jun 01 '12 at 16:46
  • The "Infrastructure Implications" section of the spec explains it better than I can. – Gerald Combs Jun 01 '12 at 16:47
8

Yes. Since the mappings expire after some time (generally it's 4 hours if I recall correctly), it needs to be broadcast so it has a chance of reaching the target machine after the mappings are gone.

Edit:

Correction: If the mappings expire, the message is broadcast anyway.

The only reason why you would need to use broadcast is in case the machine physically moved to a different port and you tried to use Magic packets to wake up the machine before the mappings expired. Sounds like that would be handy in a datacenter, but I can't say if it's actually used.

While the example I've given probably never happens, it's likely the reason why broadcast is generally chosen - it's more reliable in case of bad/outdated mappings.

Sašo
  • 1,464
  • 2
  • 9
  • 13