Warning: This is a very long technical post.
I will try to explain the background and the problems with wake-on-lan and wake-on-wan (internet).
Let's start with some technical background on TCP/IP.
TCP/IP Addressing
TCP/IP uses an IP-Address to identify a network station. This is a logical number and consists of two parts, an identifier for the network and a second identifier for the network node in that network.
Example network 567
Machine (node) 365
These two numbers 567.365 are now used to unambiguously identify each machine in each network.
But these two numbers must fit together in 4 bytes (IPv4). Each byte has a range from 0..255.
If we use the first two bytes for the network 556 we get 2x256+44=556, this is written as
2.44
The machine number 365 is 1x256+109, written as
1.109
Together we get the IP address 2.44.1.109.
Now we face the first problem: We can move the boundary between network and machine number.
For example we can use 1 byte for the network and 3 for the machine, or vice versa.
That’s why we need an additional number which is used to calculate the range of network and machine number.
This number is called the network mask, for our example above it is 255.255.0.0.
To understand the network mask we have to write the number in bits:
00000010.00101100.00000001.01101101 IP address
11111111.11111111.00000000.00000000 Netmask
00000010.00101100.00000000.00000000 Binary AND
A binary AND operation gives the network part 2.44.0.0
In the same way we can calculate the node number using an inverse mask:
00000010.00101100.00000001.01101101 IP address
00000000.00000000.11111111.11111111 Netmask
00000000.00000000.00000001.01101101 Binary AND
A binary AND operation gives the node number 0.0.1.109
And finally TCP/IP uses a special address, called the broadcast address. This broadcast address is used to send data to all nodes in the same network.
This address uses a node number where all bits are 1. For our example above this is
2.44.255.255
Again the netmask is used to calculate the broadcast address, but with a binary OR:
00000010.00101100.00000001.01101101 IP address
00000000.00000000.11111111.11111111 Netmask
00000010.00101100.11111111.11111111 Binary OR
A binary OR operation gives the node number 2.44.255.255
In a typical small office/home office (SoHo) environment we have a network mask of 255.255.255.0
This means we use 3 bytes for the network and 1 byte for the nodes (which allows the use of around 250 devices).
A typical example is 192.168.x.y
The broadcast address is now 192.168.x.255.
This information is shown when you run the command ipconfig.
Physical addressing
TCP/IP is the logical view of a network. At the end of the day we always have a physical device, so we need the physical address to transmit data. This address is called media-access address (mac in short). TCP/IP has a mapping table to map a logical IP address to a physical mac address.
On a windows machine you can see that table if you open a command prompt and enter
Arp –a
This mapping is built by the address resolution protocol (arp in short). The entries in that table are only valid for 10-15 minutes. When a system is offline, the mac address is dropped after that period.
Now it’s impossible to send data to that system because we no longer have the physical address. It does NOT help to use a fixed (static) IP address because we still miss the mac address. The only way is a broadcast!
Wake-On-Lan
Wake-on-lan uses a special data packet (a magic packet). This is sent with a broadcast in a local network to wake a machine. The sleeping machine is not able to orivide their mac address, so the arp table is empty and only a broadcast can reach the network interface.
Wake-On-Wan
If we send a magic packet from outside of our network, we can only see and access the public IP of our router. We have no access to the internal network (which is a good thing). The router has to forward this magic packet into our network. But again we need a broadcast to wake a sleeping machine.
Professional router![:D]()
A good (professional) router can forward an external packet to the internal broadcast address.
So a forwarding rule for our example network above looks like:
Routers which support that feature are for example routers from Lancom http://www.lancom-sy...de/en/homepage/
But THIS IS NOT POSSIBLE with almost all cheap SoHo routers. They do not allow to use the broadcast address (most often for security and support reasons).
Semiprofessional router![:)]()
Some routers allow you to add a static arp entry to the arp table. If this is supported (sometimes only via telnet and a command line) we can add a static arp entry for our home server with a fixed IP.
Now a forward to our static IP will work because we have a mapping to a mac address. For example if our server runs on 192.168.1.128 and we assign the mac 00-18-cb-96-32-fa we can simply use
If we want to wake more than one machine, we need a little bit more advanced setting. We need to add a static arp entry for an unused IP address, say 222 and use the reserved mac address FF-FF-FF- FF-FF-FF. This mac address is the physical broadcast address. Again we use a forward to that IP which can now be used to wake more than one machine:
Router with special wake-up support![:mellow:]()
AVM implemented a special wake-up feature in their latest Fritz!Box router firmware. As soon as the router detects external access to one of the forwarded ports, the router can send a wol signal to the machine. This works very well and requires no special configuration but has a disadvantage: Every port scan and any access will now wake your server! If you use the standard HTTP(S) ports 80 and 443 this will in fact prevent a server standby.
SoHo router![:(]()
If your router does not support broadcasts and does not support static arp entries and is not a Fritz!Box you HAVE NO CHANCE to get Wake-on-Wan working!
Router with other firmware![B)]()
Some routers can be flashed with an open source firmware like http://dd.wrt.com. I've not done that myself and have no experience here.
Using a wol proxy![:ph34r:]()
This is the option that will work with every router - but this requires a machine or an additional device which is running 24/7. You can forward the magic packet to that device and run a special wol proxy software which will receive the magic packet from the router and resend the packet via a broadcast. Running such a proxy on a windows machine makes no sense, so we need a little, cheap, energy optimized device to do that. Raspberry Pi to the rescue http://www.raspberrypi.org/ . This is a single board ARM based minicomputer running Linux.
UPDATED July 27, 2012
This project is now live: http://forum.wegotserved.com/index.php/topic/24881-wolproxy-with-raspberry-pi/
I will try to explain the background and the problems with wake-on-lan and wake-on-wan (internet).
Let's start with some technical background on TCP/IP.
TCP/IP Addressing
TCP/IP uses an IP-Address to identify a network station. This is a logical number and consists of two parts, an identifier for the network and a second identifier for the network node in that network.
Example network 567
Machine (node) 365
These two numbers 567.365 are now used to unambiguously identify each machine in each network.
But these two numbers must fit together in 4 bytes (IPv4). Each byte has a range from 0..255.
If we use the first two bytes for the network 556 we get 2x256+44=556, this is written as
2.44
The machine number 365 is 1x256+109, written as
1.109
Together we get the IP address 2.44.1.109.
Now we face the first problem: We can move the boundary between network and machine number.
For example we can use 1 byte for the network and 3 for the machine, or vice versa.
That’s why we need an additional number which is used to calculate the range of network and machine number.
This number is called the network mask, for our example above it is 255.255.0.0.
To understand the network mask we have to write the number in bits:
00000010.00101100.00000001.01101101 IP address
11111111.11111111.00000000.00000000 Netmask
00000010.00101100.00000000.00000000 Binary AND
A binary AND operation gives the network part 2.44.0.0
In the same way we can calculate the node number using an inverse mask:
00000010.00101100.00000001.01101101 IP address
00000000.00000000.11111111.11111111 Netmask
00000000.00000000.00000001.01101101 Binary AND
A binary AND operation gives the node number 0.0.1.109
And finally TCP/IP uses a special address, called the broadcast address. This broadcast address is used to send data to all nodes in the same network.
This address uses a node number where all bits are 1. For our example above this is
2.44.255.255
Again the netmask is used to calculate the broadcast address, but with a binary OR:
00000010.00101100.00000001.01101101 IP address
00000000.00000000.11111111.11111111 Netmask
00000010.00101100.11111111.11111111 Binary OR
A binary OR operation gives the node number 2.44.255.255
In a typical small office/home office (SoHo) environment we have a network mask of 255.255.255.0
This means we use 3 bytes for the network and 1 byte for the nodes (which allows the use of around 250 devices).
A typical example is 192.168.x.y
The broadcast address is now 192.168.x.255.
This information is shown when you run the command ipconfig.
Physical addressing
TCP/IP is the logical view of a network. At the end of the day we always have a physical device, so we need the physical address to transmit data. This address is called media-access address (mac in short). TCP/IP has a mapping table to map a logical IP address to a physical mac address.
On a windows machine you can see that table if you open a command prompt and enter
Arp –a
Microsoft Windows [Version 6.1.7601] Copyright (c) 2009 Microsoft Corporation. Alle Rechte vorbehalten. C:\Windows\System32>arp -a Schnittstelle: 192.168.1.139 --- 0xa Internetadresse Physische Adresse Typ 192.168.1.84 00-0d-29-aa-81-db dynamisch 192.168.1.101 00-25-e9-74-47-1c dynamisch 192.168.1.128 00-18-cb-96-32-fa dynamisch 192.168.1.134 00-81-78-37-cc-18 dynamisch
This mapping is built by the address resolution protocol (arp in short). The entries in that table are only valid for 10-15 minutes. When a system is offline, the mac address is dropped after that period.
Now it’s impossible to send data to that system because we no longer have the physical address. It does NOT help to use a fixed (static) IP address because we still miss the mac address. The only way is a broadcast!
Wake-On-Lan
Wake-on-lan uses a special data packet (a magic packet). This is sent with a broadcast in a local network to wake a machine. The sleeping machine is not able to orivide their mac address, so the arp table is empty and only a broadcast can reach the network interface.
Wake-On-Wan
If we send a magic packet from outside of our network, we can only see and access the public IP of our router. We have no access to the internal network (which is a good thing). The router has to forward this magic packet into our network. But again we need a broadcast to wake a sleeping machine.
Professional router
A good (professional) router can forward an external packet to the internal broadcast address.
So a forwarding rule for our example network above looks like:
External UDP data on port 9 forwarded to internal port 9, address 192.168.1.255
Routers which support that feature are for example routers from Lancom http://www.lancom-sy...de/en/homepage/
But THIS IS NOT POSSIBLE with almost all cheap SoHo routers. They do not allow to use the broadcast address (most often for security and support reasons).
Semiprofessional router
Some routers allow you to add a static arp entry to the arp table. If this is supported (sometimes only via telnet and a command line) we can add a static arp entry for our home server with a fixed IP.
Now a forward to our static IP will work because we have a mapping to a mac address. For example if our server runs on 192.168.1.128 and we assign the mac 00-18-cb-96-32-fa we can simply use
External UDP data on port 9 forwarded to internal port 9, address 192.168.1.128
If we want to wake more than one machine, we need a little bit more advanced setting. We need to add a static arp entry for an unused IP address, say 222 and use the reserved mac address FF-FF-FF- FF-FF-FF. This mac address is the physical broadcast address. Again we use a forward to that IP which can now be used to wake more than one machine:
External UDP data on port 9 forwarded to internal port 9, address 192.168.1.222
Router with special wake-up support
AVM implemented a special wake-up feature in their latest Fritz!Box router firmware. As soon as the router detects external access to one of the forwarded ports, the router can send a wol signal to the machine. This works very well and requires no special configuration but has a disadvantage: Every port scan and any access will now wake your server! If you use the standard HTTP(S) ports 80 and 443 this will in fact prevent a server standby.
SoHo router
If your router does not support broadcasts and does not support static arp entries and is not a Fritz!Box you HAVE NO CHANCE to get Wake-on-Wan working!
Router with other firmware
Some routers can be flashed with an open source firmware like http://dd.wrt.com. I've not done that myself and have no experience here.
Using a wol proxy
This is the option that will work with every router - but this requires a machine or an additional device which is running 24/7. You can forward the magic packet to that device and run a special wol proxy software which will receive the magic packet from the router and resend the packet via a broadcast. Running such a proxy on a windows machine makes no sense, so we need a little, cheap, energy optimized device to do that. Raspberry Pi to the rescue http://www.raspberrypi.org/ . This is a single board ARM based minicomputer running Linux.
UPDATED July 27, 2012
This project is now live: http://forum.wegotserved.com/index.php/topic/24881-wolproxy-with-raspberry-pi/