How does an IP packet traverse back down the "tree"? - networking

The path an IP packet takes up the network "tree" is pretty clear to me (or so I think):
  1. Am I in the right network?
     No: Forward to the gateway address.
     Yes: Go to the final destination address.
  2. Am I there yet?
     No: Repeat step one.
     Yes: Done!
This only really accounts for going up the network. I'm not sure how to reconcile this with getting back down, say across the internet through all the gateways in between two personal computers. I know about NAT, so a gateway can receive a packet intended for it, and forward it to a device on its network, but that's surely not the whole story - for example, what if there is no NAT (perhaps with IPv6)?
It would seem routers would need tables to guide packets to the right branches (an alternative destination instead of another gateway), and that top level internet routers would need huge tables to reliably route packets.

Well for the most part that is the case, you have huge routing tables that help route a packet from source to destination.
I'm not really sure what you meant by "going down the tree", but at the end of the day your private router at home gets a unique IP address from your ISP.
Your router probably doesn't have a specific route for a packet destined to facebook servers, but it also has a default gateway.
This means you'll keep getting through default gateways until your packet reaches a router that does know the specific route for a destination IP of a packet.
When the packet (let's say from facebook servers) gets back, the destination would be the unique IPv4 address (or IPv6, but we'll focus on 4) of your router.
Again it would go through all the default gateways, until reaching some router that knows what to do with the destination IP.
To help with routing, there are a few predefined rules/ranges of addresses for each country/organization, and that helps route packets to/from them over the internet.
Btw, within the same organization, a lot of times they use tunneling, which I recommend reading on since it might help you get an even better understanding on the topic.

Related

Why do routers have an IP Address if computers already have a network portion in their IP?

That's essentially my question. Isn't the network portion in a computer's IP address so that, when it is sent, other computers can look at that network portion and know where to send it back to? So why do routers have their own IP address?
The router needs to be a node on the same network as the computer using it. When your PC tries to communicate with a system on a different network, it consults its routing table to figure out which router (there can be several) has the route to the destination. Without an IP on the router, there would be no way to send packets to the router, and thus no way to get out of your network.
I suppose the IP protocol could have been designed to use broadcasts to find the route out, but that would have caused issues with traffic congestion. Thankfully it wasn't designed like that.

Basic networking questions

I am trying to understand how exactly routing works:
  - if 2 computers are on the same network
  - if they are on different networks.
More specifically I am trying to understand this: Routing
I am also trying to understand the difference between
  - IP Address,
  - Net Address,
  - Mac Address.
From what I understand:
1) IP Address: is used when computers communicate on the internet only.
2) Net Address: is a local version of the IP address and each device on the network has a unique net address. It's used when devices on the same network want to communicate with each other.
3) Mac Address: is a globally unique address and no other computer in the world has the same Mac address. In reality this is not true because it can be changed. It's used when ???
When a computer wants to communicate with another on the same network, they use net address, right? If the computers are on different networks what exactly happens?
Question: Can someone please fix my mistakes if any and explain what I am missing?
Thank you very much.
There are many network types, but since the most used ones are Ethernet and IP networks (and you seem to be asking about them), I will answer shortly based on them.
IP addresses are always used. They may not be used for deciding who gets the packets directly, but they are the basis even in local networks, since it is an IP network. There can also be other network types that have their own mechanisms, but they are not that common.
In local Ethernet the machines ask via ARP protocol "who has this IP address?" and get a reply with a MAC address. After that they send and receive packets based on that MAC address. The packets still have the IP address information, otherwise the receiving machine wouldn't know what is the destination. Do note that the receiving machine might be a firewall or other middleware device, not the actual computer that has the address. Also a single machine and network card may have several IP addresses set up for it.
In IP networks the IP address is used for routing. All routing devices have a routing table that will tell where the packets should go. If it's a simple device, it usually has a local network and everything else goes via a default gw, which will know better what to do with the packets.
A home router will just push them to the operator, there another router will know what addresses go to their networks, others are pushed forward via another connection, until a bigger place is reached where there are inter-operator connections and they choose again the correct route. And then it goes to smaller and smaller pipes the other way around.

Simplest way to find my external ip address and port

I'm trying to develop an application for p2p communication between two android devices. In order to punch a hole through my NAT(s), I'd need to know my external ip address and port.
To that end, I've developed a java server on GAE to report my "remote" ip address and port. The problem is that on GAE I can get my ip address, but not my port. Without it, I'm unable to successfully punch the hole.
So, my question is what's the best, free method to find out my external IP address and port?
That's a question that has no answer with TCP.
Here's the problem: your "port" is not a fixed value. You don't have "an" external port. You typically get one dynamically assigned for each outbound connection.
As answers you should see from the test sites posted in another answer clearly indicate, it's a moving target (though it may stay stationary for a short time due to the browser using HTTP/1.1 keepalives and actually reusing the same connection, not just the same port)... but if you hit the site repeatedly, you'll see it either drift around randomly, or increment. Trying it from two different web browsers on the same machine, you'd never see the same port number -- the port corresponds to the specific source connection, not the machine sourcing the connection.
Sometimes, you may find that it's the same port number as the port your machine's stack opened for the outbound connection, but even when it is, it doesn't matter, because no traffic should be able to return to your machine on that port unless it is from the IP address and port of the machine to which you made the outbound connection. Any decent network address translating device would never accept traffic from another source IP address and/or port, other than the one you addressed in the outbound connection.
There is no standard, simple, predictable, reliable, or consistent way to punch a hole in TCP NAT and then exploit that hole for a peer-to-peer connection. To the extent that such things are possible in a given NAT implementation, that is an implementation that is shoddy, broken, defective, and insecure.
See also: https://www.rfc-editor.org/rfc/rfc5128
Sounds like your app could use a STUN server to get its external address.

How does a router use the routing table to choose the outgoing line?

How does a router know which is the best line on which to send packets. I mean, the routing table most often does not contain the entry for the destination network number of the IP packet. It only knows the destinations adjacent to it or nearby. It does not know if the address exists or not. Say I make a request for stackoverflow.com to my LAN proxy. Next it sends the request to a router. How is it that the packet is transported all the way to a server in the US using an optimal path seeing that that router knows only nearby addresses?
Thank you in advance...
Towards the edges of the Internet, each router has one or more default routes. The default route is used for all destination addresses for which the router doesn't have a specific route, and points "inward" - i.e. it is assigned to the router's upstream link.
Each packet will therefore tend to flow upstream, towards the core of the network. As you get closer towards the network core, the routers tend to have larger and larger routing tables - they "know about" more networks. The core routers themselves do not have default routes - if they don't know how to get to the destination, they just drop the packet. The routers at this level use an exterior routing protocol, BGP, to exchange routes with other core routers. If your packet makes it this far, it will then start flowing downstream again, until it reaches its destination.
A router has a list of IP address/netmask pairs for each interface. Anything that is destined for that network will be sent directly on that network.
Anything farther away will be listed under a "next-hop" router. Your router will forward the packet to the next-hop router, using the appropriate local interface.
If the router doesn't have a map for the given destination, it will instead be sent to the default "next-hop". This is the default for your local computer or for a home router/firewall combination.
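The behaviour described in these answers, and the "up the tree, then back down" path asked about in the first question, as an added example that is not code from any of the posts. It assumes a constructed five-router topology (home_a, isp_a, core, isp_b, home_b are hypothetical names) and implements the longest-prefix match each router performs, with edge routers holding a default route and the core holding none:

```python
import ipaddress

# Constructed topology, not taken from the posts. Each router's table maps a
# prefix to the next router, or to None when that prefix is directly attached.
# The edge routers (home_*, isp_*) carry a 0.0.0.0/0 default pointing "up";
# the core router has no default and only knows the prefixes its ISPs announced.
TABLES = {
    "home_a": {"198.51.100.0/24": None, "0.0.0.0/0": "isp_a"},
    "isp_a":  {"198.51.100.0/24": "home_a", "0.0.0.0/0": "core"},
    "core":   {"198.51.100.0/24": "isp_a", "203.0.113.0/24": "isp_b"},
    "isp_b":  {"203.0.113.0/24": "home_b", "0.0.0.0/0": "core"},
    "home_b": {"203.0.113.0/24": None, "0.0.0.0/0": "isp_b"},
}

def lookup(table, dst):
    """Longest-prefix match: every prefix containing dst is a candidate and the
    most specific one wins, so a /24 beats the /0 default. Returns
    (network, next_hop) or None when nothing matches (no default route)."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, next_hop in table.items():
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop)
    return best

def trace(start, dst, max_hops=16):
    """Forward a packet for dst hop by hop from router `start` and report the
    routers visited plus the outcome: delivered, dropped, or loop."""
    path, router = [start], start
    for _ in range(max_hops):
        match = lookup(TABLES[router], dst)
        if match is None:
            return path, "dropped"      # a core router with no default drops it
        _net, next_hop = match
        if next_hop is None:
            return path, "delivered"    # prefix is attached here: send on the LAN
        router = next_hop
        path.append(router)
    return path, "loop"                 # TTL-style guard against routing loops

if __name__ == "__main__":
    print(trace("home_a", "203.0.113.7"))   # up via defaults, down via /24s
    print(trace("home_b", "198.51.100.5"))  # the reply path
    print(trace("core", "192.0.2.1"))       # unknown at the core: dropped
```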

Automatically detect a new computer connected to the network

Is there an elegant way to make a program detect a new computer that is connected to the network?
I would like my program to "auto-sense" a new computer being connected on the network (they're on the same network). Like a USB device being connected to the computer.
What I'm doing now is to save a list of all computers in the network from time to time. Another approach is to PING all available IPs on the subnet.
Are there any other elegant approaches?
Thanks!
Listening for ARP requests is the canonical way to do this. Independent of DHCP or not, any connected computer that wishes to communicate with the outside world will have to make an ARP request for the address of the default router. This request will go out as a broadcast, and contain the source interface's MAC and IP addresses.
If the other computer uses DHCP, it will make an ARP request for its own address as part of duplicate address detection, which is also a broadcast you can snoop on.
(This works more or less the same way for IPv6, except you need to look for neighbor discovery or router solicitation packets instead.)
Like the answer alluded to, if you have a switch to which you can telnet or use SNMP on, you can extract the MAC table. That will give you a list of MAC addresses on each port in the switch. If you want the IP addresses however, you still need to listen for ARPs.
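The passive ARP listening this answer recommends, as an added example that is not from the poster. It decodes broadcast ARP request frames and reports each MAC/IP pair the first time it is seen, treating a probe with sender IP 0.0.0.0 (the duplicate-address check a DHCP client sends, RFC 5227) as a claim on the target address; the frames are constructed inline, and HostTracker and build_arp_request are hypothetical names. A live deployment would feed it frames from a raw socket or pcap capture on the LAN segment.

```python
import struct
from ipaddress import IPv4Address

ETH_HDR = struct.Struct("!6s6sH")          # dst MAC, src MAC, EtherType
ARP_PKT = struct.Struct("!HHBBH6s4s6s4s")  # htype, ptype, hlen, plen, op, sha, spa, tha, tpa
ETHERTYPE_ARP = 0x0806
ARP_REQUEST = 1

def parse_arp_request(frame):
    """Decode an Ethernet/ARP frame; return (sender MAC, sender IP, target IP),
    or None if it is not an Ethernet/IPv4 ARP request."""
    if len(frame) < ETH_HDR.size + ARP_PKT.size:
        return None
    _dst, _src, ethertype = ETH_HDR.unpack_from(frame, 0)
    if ethertype != ETHERTYPE_ARP:
        return None
    htype, ptype, hlen, plen, op, sha, spa, _tha, tpa = ARP_PKT.unpack_from(frame, ETH_HDR.size)
    if (htype, ptype, hlen, plen, op) != (1, 0x0800, 6, 4, ARP_REQUEST):
        return None
    return sha.hex(":"), str(IPv4Address(spa)), str(IPv4Address(tpa))

class HostTracker:
    """Remembers MAC -> IP pairs seen in ARP requests and reports new ones."""
    def __init__(self):
        self.seen = {}

    def observe(self, frame):
        """Feed one captured frame; return (mac, ip) when a new host appears."""
        parsed = parse_arp_request(frame)
        if parsed is None:
            return None
        mac, sender_ip, target_ip = parsed
        # An ARP probe (sender IP 0.0.0.0) is the duplicate-address check a DHCP
        # client sends before using a lease; the address being claimed is in
        # the target field, so learn that instead of 0.0.0.0.
        ip = target_ip if sender_ip == "0.0.0.0" else sender_ip
        if self.seen.get(mac) == ip:
            return None
        self.seen[mac] = ip
        return mac, ip

def build_arp_request(src_mac, sender_ip, target_ip):
    """Construct a broadcast ARP request (used here only to make sample frames)."""
    eth = ETH_HDR.pack(b"\xff" * 6, src_mac, ETHERTYPE_ARP)
    arp = ARP_PKT.pack(1, 0x0800, 6, 4, ARP_REQUEST, src_mac,
                       IPv4Address(sender_ip).packed, b"\x00" * 6,
                       IPv4Address(target_ip).packed)
    return eth + arp
```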
On the other hand, if you have access to the default gateway on the network, you can also look at the ARP table there. That will give you MAC and IP addresses for anyone that has recently (for different values of recently...) communicated with it.
If you have a managed switch of some kind, you could probably connect to that, that would be a fairly elegant method.
If you're on a domain, you can get a list of all the machines joined to the domain from the domain controller.
Failing that, all I can think of is either a challenge/response thing (e.g. pinging them) or by detecting traffic sent from them (see this question maybe as a starting point?), neither of which strike me as an elegant approach.