That's essentially my question. Isn't the network portion in a computer's IP address so that, when it is sent, other computers can look at that network portion and know where to send it back to? So why do routers have their own IP address?
The router needs to be a node on the same network as the computer using it. When your PC tries to communicate with a system on a different network, it consults it's routing table to figure out which router (there can be several) has the route to the destination. Without an IP on the router, there would be no way to send packets to the router, and thus no way to get out of your network.
I suppose the IP protocol could have been designed to use broadcasts to find the route out, but that would have caused issues with traffic congestion. Thankfully it wasn't designed like that.
Related
I'm trying to send messages between multiple computers on different networks via HTTP.
From my understanding, a computer has an internal IP for their home network, and an external IP for their router.
To send my HTTP packet from one computer to another, I assume it makes at least three hops:
From my device to my router
From my router to another router with a given external IP
From that router to the device with a given internal IP
And that's given there aren't any other subnetworks in the way.
My assumption, therefore, is that to contact such a device, you need a list of at least one IP address. But from what I've seen from tools like cURL or ping, that's not how it works.
What am I misunderstanding, and how do I go about sending a packet to such a device with cURL?
I'm new to the networking world and I'm using Wireshark to learn stuffs about the network.
I was hanging around in Wireshark while I was using my VPN for circumventing the internet filter (living in a dictatorship country).
While I was using the VPN I see packets that their source or destination IP was neither my IP nor VPN server IP.
I considered two things about my problem:
1- I know my VPN uses its VPN server to send my whole packets to that server then forward them to my deserved destination, then take the response and send it to my client (is that correct?).
2- In Wireshark, I just can see the packets that their either source or destination address is my IP address.
My packets before using VPN:
As you can see, their either source or destination IP is my IP (192.168.1.101).
After using VPN, VPN:
Wireshark:
I tried filtering packets with my IP like this ip.addr == 192.168.1.101 to see only the packets that their either source or destination IP was my private IP, and guess what? nothing was changed. Why did this happen? Wasn't that supposed to filter my packets?
I also checked those packets' MAC and compared them with my MAC, and they were identical.
So my main question is why these kinds of wandering packets were showed by Wireshark? Is my VPN client insecure and trying to sending my data to other places? Or I'm wrong about how my VPN works?
Also, I appreciate it If somebody tells me more explanation about how my VPN or Wireshark works so that I have these types of packets in my Wireshark.
First of all your considerations, point no.1 is right, that's how a typical VPN works and point no.2 is wrong.
Wireshark can capture any packet (any source IP or destination IP) flowing in and out of a network adapter technically known as NIC card. NIC cards are the way through which you can connect to a network (Internet). A quick brief of NIC over here
A typical VPN client software would form a virtual NIC to encrypt and send your traffic through it. A quick brief of VPNs over here
So, to see the required traffic in Wireshark, you must capture traffic from an appropriate interface (NIC card). The answer over here might be helpful.
I am trying to understand how exactly routing works:
if 2 computers are on the same network
if they are on different networks.
More specifically I am trying to understand this: Routing
I am also trying to understand the difference between
IP Address,
Net Address,
Mac Address.
From what I understand:
1) IP Address: is used when computers communicate on the internet only.
2) Net Address: is a local version of the IP address and each device on the network has a unique net address. It's used when devices on the same network want to communicate with each other.
3) Mac Address: is a globally unique address and no other computer in the world has the same Mac address. In reality this is not true because it can be changed. It's used when ???
When a computer wants to communicate with another on the same network, they use net address, right? If the computers are on different networks what exactly happens?
Question: Can someone please fix my mistakes if any and explain what I am missing?
Thank you very much.
There are many network types, but since the most used ones are Ethernet and IP networks (and you seem to be asking about them), I will answer shortly based on them.
IP addresses are always used. They may not be used for deciding who gets the packets directly, but they are the basis even in local networks, since it is an IP network. There can also be other network types that have their own mechanisms, but they are not that common.
In local Ethernet the machines ask via ARP protocol "who has this IP address?" and get a reply with a MAC address. After that they send and receive packets based on that MAC address. The packets still have the IP address information, otherwise the receiving machine wouldn't know what is the destination. Do note that the receiving machine might be a firewall or other middleware device, not the actual computer that has the address. Also a single machine and network card may have several IP addresses set up for it.
In IP networks the IP address is used for routing. All routing devices have a routing table that will tell where the packets should go. If it's a simple device, it usually has a local network and everything else goes via a default gw, which will know better what to do with the packets.
A home router will just push them to the operator, there another router will know what addresses go to their networks, others are pushed forward via another connection, until a bigger place is reached where there are inter-operator connections and they choose again the correct route. And then it goes to smaller and smaller pipes the other way around.
Gonna use 'ROUTER ONE' and 'ROUTER TWO', for my examples.
I have two routers, one on wireless one on ethernet. Both have different names. I want windows to just use the internet connection on ROUTER ONE and not use the connection on ROUTER TWO, but I still want to access ROUTER TWO's IP. At the moment to use the network I have to unplug the cable, as I get on the site I want, then the OTHER router takes me too another network saying that the connection is unavailable.
So then, what do I do?
The router names are irrelevant, all that matters is their IP addresses. You can tell a computer which router to use by setting it gateway address to that router's internal IP address. You can do that in the DHCP settings if you want it applied network wide.
As far as accessing both routers it all depends on how your network is set up both physically and its IP scheme. If both routers are on the same physical network and IP scheme you should be able to access them. If they are on the same physical network but on different IP schemes you can assign a second IP address to a computer that is compatible with the second scheme so you will be able to access the second router.
Is there an elegant way to make a program detect a new computer that is connected to the network?
I would like my program to "auto-sense" a new computer being connected on the network (they're on the same network). Like a USB device being connected to the computer.
What I'm doing now is to save a list of all computers in the network from time to time. Another approach is to PING all available IPs on the subnet.
Are there any other elegant approaches?
Thanks!
Listening for ARP requests is the canonical way to do this. Independent of DHCP or not, any connected computer that wishes to communicate with the outside world will have to make an ARP request for the address of the default router. This request will go out as a broadcast, and contain the source interface's MAC and IP adresses.
If the other computer uses DHCP, it will make an ARP request for it's own address as part of duplicate address detection, which is also a broadcast you can snoop on.
(This works more or less the same way for IPv6, except you need to look for neighbor discovery or router soliciation packets instead.)
Like the answer alluded to, if you have a switch to which you can telnet or use SNMP on, you can extract the MAC table. That will give you a list of MAC adresses on each port in the switch. If you want the IP addresses however, you still need to listen for ARP:s.
On the other hand, if you have access to the default gateway on the network, you can also look at the ARP table there. That will give you MAC and IP addresses for anyone that has recently (for different values of recently...) communicated with it.
If you have a managed switch of some kind, you could probably connect to that, that would be a fairly elegant method.
If you're on a domain, you can can get a list of all the machines joined to the domain from the domain controller.
Failing that, all I can think of is either a challenge/response thing (e.g. pinging them) or by detecting traffic sent from them (see this question maybe as a starting point?), neither of which strike me as an elegant approach.