If a host doesn't know which net the destination is in, how will the packet be sent - networking

Let's say host A wants to send a packet to 10.3.3.3, and 10.3.3.3 is host B, in the same subnet as A. But A thinks B is in another net. Will A try to use ARP to get the MAC address of B?
Will A set the MAC to the router's MAC and send the packet to the router directly? What will the router do if it receives the packet: will it send it to B directly?
Conversely, if A thinks B is in the same net but actually B is not, will A find B eventually? A might send an ARP, but no one would respond. Will A try to send the packet to the router?

The routing is based entirely on the destination address and the routing table (which will vary depending on the configuration of your subnet).
Let's suppose that:
Host A is 10.3.4.4 and is configured with netmask 255.255.255.0 and a router of 10.3.4.1
Host B is 10.3.3.3 and is configured with netmask 255.255.255.0.
In this case the routing table for host A will look something like:
Dest        Gateway     Mask
0.0.0.0     10.3.4.1    0.0.0.0
10.3.4.0    0.0.0.0     255.255.255.0
Starting at the bottom, host A will attempt to find which route to use. If host A tries to contact 10.3.4.x, it will match the first route, and instead of using a gateway it will send an ARP request "who has 10.3.4.x?" on the subnet broadcast address (10.3.4.255).
If host A tries to contact host B, it won't match the first routing rule, and will default to sending the packet to the gateway (10.3.4.1 in this example).
So no, A won't try to use ARP to get the MAC of host B if it isn't configured such that host B is in the same subnet. If the router is configured with routing rules to route between subnets, it will deliver the packet; otherwise it will just get dropped.
Conversely, if A thinks B is in the same net but actually B is not, will A find B eventually? A might send an ARP, but no one would respond. Will A try to send the packet to the router?
No. The ARP request will get sent to the subnet broadcast address. If B isn't on that subnet and ignores the ARP request, A won't send the packet to the router, because where it sends the packet is based only on the destination IP address; where it's routed does not change based on whether the packet got delivered.

Related

What IP addresses must be assigned to router ports if I need to connect a router to 3 subnets?

Subnet #1 has host 192.168.135.67/28
Subnet #2 has host 192.168.135.90/28
Subnet #3 has host 192.168.135.102/28
Any available host address within the network is valid for a router interface address. A router is just another host on the network, albeit the one to which traffic destined for a different network is sent. A router interface can be assigned any valid host address. Most people assign either the first or last usable address to the router interface, but that is not a requirement. It helps to be consistent.
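The /28 arithmetic behind that answer, as an added example (this is not code from the answer; it uses Python's ipaddress module). It derives each host's subnet, lists the range a router interface may take, checks a candidate against the rules above (inside the subnet, not the network or broadcast address, not colliding with the host's own address) and refuses overlapping subnets, since each router port must sit in a distinct one. The three hosts are the ones from the question.

```python
# Added example, not from the answer above: /28 subnet arithmetic for router
# interface addresses, using the standard-library ipaddress module.
import ipaddress

# The three hosts from the question.
HOSTS = ["192.168.135.67/28", "192.168.135.90/28", "192.168.135.102/28"]


def subnet_info(host_cidr: str) -> dict:
    """Network, broadcast and usable host range of the subnet host_cidr is in."""
    net = ipaddress.ip_interface(host_cidr).network
    usable = list(net.hosts())  # excludes network and broadcast addresses
    return {
        "subnet": str(net),
        "network": str(net.network_address),
        "broadcast": str(net.broadcast_address),
        "first_usable": str(usable[0]),
        "last_usable": str(usable[-1]),
        "usable_count": len(usable),
    }


def valid_router_address(host_cidr: str, candidate: str) -> bool:
    """True if candidate may be the router interface for this host's subnet."""
    iface = ipaddress.ip_interface(host_cidr)
    net = iface.network
    cand = ipaddress.ip_address(candidate)
    if cand not in net:
        return False  # wrong subnet entirely
    if cand in (net.network_address, net.broadcast_address):
        return False  # not assignable to any host
    return cand != iface.ip  # would collide with the host itself


def suggest_router_addresses(hosts: list, prefer: str = "first") -> dict:
    """One router address per subnet, using the first-or-last-usable
    convention from the answer. Overlapping subnets are rejected: one router
    port cannot serve two subnets that share addresses."""
    nets = [ipaddress.ip_interface(h).network for h in hosts]
    for i, a in enumerate(nets):
        for b in nets[i + 1:]:
            if a.overlaps(b):
                raise ValueError(f"{a} and {b} overlap")
    picks = {}
    for h, n in zip(hosts, nets):
        info = subnet_info(h)
        first, last = info["first_usable"], info["last_usable"]
        pick, fallback = (first, last) if prefer == "first" else (last, first)
        if not valid_router_address(h, pick):  # the host already holds it
            pick = fallback
        picks[str(n)] = pick
    return picks


if __name__ == "__main__":
    for h in HOSTS:
        print(h, subnet_info(h))
    print(suggest_router_addresses(HOSTS))
    print(suggest_router_addresses(HOSTS, prefer="last"))
```

For the question's hosts this yields 192.168.135.65, .81 and .97 (or .78, .94 and .110 with prefer="last"); the fallback branch covers the case where the host itself already sits on the conventional address.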

Two hosts with different subnets on layer 2 switch - why does this work?

I am just preparing for a test in college about networking.
I'm currently experimenting with subnetting and I found out that two devices attached to a layer 2 switch can talk to each other although they are in different subnets!
Device A: 192.168.0.1 subnet mask : 255.255.255.0
Device B: 192.168.1.1 subnet mask : 255.255.255.0
The question is why I can ping from device A to B and vice versa?
There's no router, just the two devices and a switch.
From my understanding they should not see each other.
The OS should not even send the ARP request when the unknown IP is in a different subnet.
Could this be a caching issue?
Many Cisco Layer 2 switches are capable of pinging the connected systems.
It is possible that your computer has a route entry that sends a packet which matches no other, more specific route entry to your router. This is also called the default gateway. Conventionally, computers in the same subnet are connected directly and, most of the time, do not go through the gateway.
To explain it more clearly: if you're on a Linux machine, run route -n.
Destination    Gateway        Genmask
14.0.1.0       0.0.0.0        255.255.255.0
0.0.0.0        172.16.80.1    0.0.0.0
The first entry has a destination range from 14.0.1.0 to 14.0.1.255. The gateway for this match is 0.0.0.0. The table implies that these systems are connected directly. On the other hand, the entry with 0.0.0.0 in the destination field will be matched when the packet matches none of the other entries. The gateway for this is the router address (which in my case is 172.16.80.1). All the packets that do not have IPs in the range I specified above go to the router for further routing. Once the router gets the packet, it takes the further decision based on the routing information that it possesses.
In your case the router happens to know that the other subnet is attached to it and hence passed your packet on to that subnet.
Have a closer look at the ARP. The ARP would be addressed to the router in your case of pinging the other subnet. On the other hand, if pinging within the network, the ARP would go to the destination directly. This is the conventional case. Of course, it all depends on the routing tables on your system. You can always make all packets go through the gateway, or no packets go through the gateway.
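The route lookup that both this answer and the answer to the first question describe, written out as an added example (this is not code from either answer). It does longest-prefix match over a table in the same Dest/Gateway/Mask form, decides whether the host ARPs for the destination itself or for the gateway, and shows that a failed ARP is simply a dropped packet with no fallback to the gateway. The tables are constructed from the first answer (host A 10.3.4.4/24, gateway 10.3.4.1) plus a variant of the same host with a /16 mask, which is the "A thinks B is in the same net but it isn't" case.

```python
# Added example, not from either answer: a host's route lookup and the ARP
# decision that follows from it. Tables are constructed from the first
# answer (host A 10.3.4.4/24, gateway 10.3.4.1) and a /16 variant of it.
import ipaddress
from typing import NamedTuple, Optional


class Route(NamedTuple):
    dest: str     # destination network, e.g. "10.3.4.0"
    gateway: str  # "0.0.0.0" means directly connected, no gateway
    mask: str     # dotted netmask; "0.0.0.0" is the default route


def prefix_len(mask: str) -> int:
    """Prefix length of a dotted netmask, e.g. 255.255.255.0 -> 24."""
    return ipaddress.IPv4Network(f"0.0.0.0/{mask}").prefixlen


def lookup(table: list, dst: str) -> Optional[Route]:
    """Most specific route with (dest & mask) == (dst & mask), or None.

    Table order does not matter: the longest mask wins, which is why the
    on-link /24 beats the 0.0.0.0/0 default for local destinations."""
    d = int(ipaddress.IPv4Address(dst))
    best = None
    for r in table:
        m = int(ipaddress.IPv4Address(r.mask))
        if d & m == int(ipaddress.IPv4Address(r.dest)) & m:
            if best is None or prefix_len(r.mask) > prefix_len(best.mask):
                best = r
    return best


def next_hop(table: list, dst: str):
    """What the host resolves with ARP: the destination itself (on-link),
    the gateway, or nothing if no route matches."""
    r = lookup(table, dst)
    if r is None:
        return ("no-route", None)
    if r.gateway == "0.0.0.0":
        return ("arp-for-destination", dst)
    return ("arp-for-gateway", r.gateway)


def send(table: list, dst: str, answers_arp: set) -> str:
    """Outcome of one send, given which IPs really answer ARP on A's segment.
    An unanswered ARP is a dropped packet; the host never retries through
    the gateway, because the route lookup never looked at ARP at all."""
    action, ip = next_hop(table, dst)
    if action == "no-route":
        return "no route to host"
    if ip in answers_arp:
        return f"frame sent to MAC of {ip}"
    return f"dropped: no ARP reply from {ip}"


# Host A as in the first answer: 10.3.4.4/24 with gateway 10.3.4.1.
HOST_A = [
    Route("0.0.0.0", "10.3.4.1", "0.0.0.0"),
    Route("10.3.4.0", "0.0.0.0", "255.255.255.0"),
]

# Constructed variant: the same host misconfigured with a /16 mask, so it
# believes 10.3.3.3 is on its own link and ARPs for it directly.
HOST_A_WIDE = [
    Route("0.0.0.0", "10.3.4.1", "0.0.0.0"),
    Route("10.3.0.0", "0.0.0.0", "255.255.0.0"),
]

if __name__ == "__main__":
    on_segment = {"10.3.4.1", "10.3.4.7"}  # who really answers ARP here
    for name, table in (("/24", HOST_A), ("/16", HOST_A_WIDE)):
        for dst in ("10.3.4.7", "10.3.3.3", "8.8.8.8"):
            print(f"{name} {dst:<10} {next_hop(table, dst)} -> "
                  f"{send(table, dst, on_segment)}")
```

With the /24 table, 10.3.3.3 goes to the gateway's MAC; with the /16 table the host ARPs for 10.3.3.3, nobody answers, and the packet is dropped without ever touching the default route.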

Networks vs Subnetworks

Can a computer with a class C IP address like 192.168.0.1 and subnet mask 255.255.255.0 communicate and share resources with another computer having the IP 192.168.1.1 and the same subnet mask 255.255.255.0? I'm asking this because the first 3 octets in this case tell us that these IPs are on different networks (network 192.168.0.0 and network 192.168.1.0).
Also, does "network" mean the same thing as "subnetwork" (or "subnet") in this context?
Thank you!
To fully understand how computer networks work, you need to take a look at the OSI model (or, in practice, the TCP/IP or DoD model). For your question you need to look at the first three layers: physical, data link and network.
The physical connection is self-explanatory, and represents a direct connection via some medium (copper, glass, air).
When host A tries to send a packet to host B, the first thing it will do is look at the destination IP address and, based on its own IP configuration, determine whether host B is in the same subnet as host A. This is done as Eugen Rieck already explained to you: the subnet mask bits are used to mask the bits of the IP address (logical AND operation). Now, we have two cases:
Host A and B are in the same subnet.
Host A and B are not in the same subnet.
You should note that on layer 2, which network adapters use to send and receive frames, there are no IP addresses (those are present on layer 3); instead, communication between devices is done using MAC addresses. Because of that, a host can directly communicate only with hosts in its own subnet (1st scenario). To send a frame, host A needs the MAC address of host B. So host A first looks up the MAC address mapped to the IP address of host B in its ARP table. If it can't find it, it sends a broadcast ARP request asking all hosts on the subnet who has that specific IP. If it gets a response, it adds the MAC address of the host it got the reply from and builds a packet with the destination MAC address of that host and the IP address of that host.
If both hosts are not in the same subnet (2nd scenario), the packet is sent to the default gateway, which is responsible for finding a route to the destination. The crucial point to make here is that even if the destination MAC address in this case is the MAC address of the router (default gateway), the destination IP address is still the IP address of host B, as in the first scenario. As the packet flows from router to router the source and destination MAC addresses will change, as they are locally significant, but the source and destination IP addresses will stay the same. This is how every layer provides a service (so to speak) to the upper layers, and the upper layers use it transparently without needing to know what is happening below.
So you have:
1st scenario:
----------------
L2:
  Src MAC: host A
  Dst MAC: host B
----------------
L3:
  Src IP: host A
  Dst IP: host B
----------------
2nd scenario:
----------------
L2:
  Src MAC: host A
  Dst MAC: router
----------------
L3:
  Src IP: host A
  Dst IP: host B
----------------
To sum it up (the answer @Eugen Rieck already gave you):
Two hosts which are not in the same subnet, as in your example (192.168.0.1/24 and 192.168.1.1/24), will not be able to communicate on layer 2, and will require an L3-capable device such as a router to act as a default gateway and route the traffic between the two networks (broadcast domains) for layer 3 connectivity.
Yes and no:
Yes: Those two computers can communicate, if there is a (properly set up) router in between and both sides have knowledge of it.
No: Those two computers can not communicate, if simply wired to the same dumb switch.
Rule of thumb: IP & SNM must be identical for all participants to allow direct communication.
You'd need to change the subnet mask to 255.255.254.0, or use a router or layer-3 switch to communicate.
Network generally means the whole network you're referring to, while subnet refers to a specific separate portion of it. However, the terminology is pretty loose.
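A hop-by-hop simulation of the two scenarios drawn in the long answer above, as an added example (not code from any of the answers). Hosts, MAC addresses and the two-interface router are constructed for illustration. It shows the frame being re-addressed at L2 by the router (and TTL decremented) while source and destination IP stay the same end to end, and that two hosts with /24 masks on one dumb switch never put a frame on the wire at all, whereas the 255.255.254.0 mask suggested above makes them on-link.

```python
# Added example (not from the answers): hop-by-hop forwarding simulation.
# Addresses, MACs and the router are constructed; only the layering
# behaviour is the point.
import ipaddress


class Interface:
    def __init__(self, ip_cidr: str, mac: str):
        self.iface = ipaddress.ip_interface(ip_cidr)
        self.ip, self.mac = str(self.iface.ip), mac

    def on_link(self, ip: str) -> bool:
        """The subnet-mask AND test: is ip inside this interface's subnet?"""
        return ipaddress.ip_address(ip) in self.iface.network


class Segment:
    """One broadcast domain (a dumb L2 switch). resolve() stands in for the
    ARP exchange: the owner of the IP answers with its MAC, nobody else."""
    def __init__(self):
        self.owners = {}

    def attach(self, iface: Interface):
        self.owners[iface.ip] = iface.mac

    def resolve(self, ip: str):
        return self.owners.get(ip)  # None: the ARP request goes unanswered


class Host:
    def __init__(self, iface: Interface, segment: Segment, gateway: str = None):
        self.iface, self.segment, self.gateway = iface, segment, gateway
        segment.attach(iface)

    def send(self, dst_ip: str, trace: list):
        """Build the first frame toward dst_ip: ARP for dst_ip itself if it is
        on-link, otherwise for the gateway. None means nothing hits the wire."""
        target = dst_ip if self.iface.on_link(dst_ip) else self.gateway
        mac = self.segment.resolve(target) if target else None
        if mac is None:
            return None
        frame = {"src_mac": self.iface.mac, "dst_mac": mac,
                 "src_ip": self.iface.ip, "dst_ip": dst_ip, "ttl": 64}
        trace.append(frame)
        return frame


class Router:
    def __init__(self, ports):
        self.ports = ports  # list of (Interface, Segment) pairs
        for iface, seg in ports:
            seg.attach(iface)

    def forward(self, frame: dict, trace: list):
        """Accept a frame sent to one of our MACs, pick the egress interface
        whose subnet holds dst_ip, and re-frame it there with new MACs."""
        if not any(frame["dst_mac"] == i.mac for i, _ in self.ports):
            return None  # not addressed to us at L2
        if frame["ttl"] <= 1:
            return None  # TTL exhausted
        for iface, seg in self.ports:
            if iface.on_link(frame["dst_ip"]):
                mac = seg.resolve(frame["dst_ip"])
                if mac is None:
                    return None  # ARP on the egress segment unanswered
                out = dict(frame, src_mac=iface.mac, dst_mac=mac, ttl=frame["ttl"] - 1)
                trace.append(out)
                return out
        return None  # no connected route to dst_ip


def via_router() -> list:
    """2nd scenario: 192.168.0.1/24 -> router -> 192.168.1.1/24, two hops."""
    seg0, seg1 = Segment(), Segment()
    router = Router([(Interface("192.168.0.254/24", "02:00:00:00:00:01"), seg0),
                     (Interface("192.168.1.254/24", "02:00:00:00:00:02"), seg1)])
    a = Host(Interface("192.168.0.1/24", "02:00:00:00:0a:01"), seg0, "192.168.0.254")
    b = Host(Interface("192.168.1.1/24", "02:00:00:00:0b:01"), seg1, "192.168.1.254")
    trace = []
    first = a.send(b.iface.ip, trace)
    if first:
        router.forward(first, trace)
    return trace


def same_switch(prefixlen: int) -> list:
    """Both hosts on one dumb switch, no router. With /24 no frame is ever
    sent; with /23 (mask 255.255.254.0) they are on-link and talk directly."""
    seg = Segment()
    a = Host(Interface(f"192.168.0.1/{prefixlen}", "02:00:00:00:0a:01"), seg)
    b = Host(Interface(f"192.168.1.1/{prefixlen}", "02:00:00:00:0b:01"), seg)
    trace = []
    a.send(b.iface.ip, trace)
    return trace
```

Printing via_router() gives two frames with the same src_ip/dst_ip and different MAC pairs; same_switch(24) is an empty trace and same_switch(23) a single direct frame.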

How do two computers connect to same external address through NAT?

If I have two internal computers connecting to the same external IP address through a NAT router, how is the router able to get the traffic to the correct internal computer? It is my understanding that NAT forwards incoming packets to the computer that recently sent outgoing packets to the [incoming packet's] sender's IP address. Since both computers are sending to the same address, does the router forward the packet to both? If that is the case, is it the responsibility of the client software to determine which packets are relevant?
Is it possible if both computers are attempting to connect to the same port?
When you open a socket, you need to address a port of the destination system and open a conjugate listening port on your own system to receive any response. You have to send the destination system your listening port.
Having more than one system using the same modem
When you start a web browser and go to www.google.com:80, your browser obtains/searches for a free non-system conjugate port from the system for listening. Let us say the conjugate port is 10000. The listener port is for receiving the HTTP stream back from Google.
Then your kid sitting next to you incidentally also browses www.google.com:80, and his/her Google session on the PlayStation or Xbox or whatever also incidentally is assigned conjugate port 10000.
Both of you are sitting behind a cable modem, and behind the cable modem is your wireless router. And both of your systems are behind the wireless router, all sitting in that sequence, network-topology-wise.
To prevent port address collision on the router/modem
Let us say that your cable company's DHCP assigns your modem the IPv4 address 72.72.72.72. But your wireless router's DHCP assigns 192.168.0.10 to your system and 192.168.0.11 to your kid's system.
When the frame carrying the information of your listener ports passes through your NAT router, it would translate either one or both listening ports. Let's say port 15000 for your page and port 16000 for your kid's page.
Your wireless router then sends your requests to the Google server as coming from 72.72.72.72:15000 and 72.72.72.72:16000.
The Google server then responds individually to 72.72.72.72:15000 and 72.72.72.72:16000, and when your wireless router encounters the response, it reaches into the mapping that it has stored and translates 72.72.72.72:15000 to 192.168.0.10:10000 to reach your system, but translates 72.72.72.72:16000 to 192.168.0.11:10000 to reach your kid's system.
Running web/game/ftp/etc servers
But what if you have a web server or an FTP server running on your system? What if you have two systems, both have a web server, and both web servers are listening on port 80?
Let us say the local IP addresses registered/assigned by your wireless router are 192.168.0.30 for your first web server system and 192.168.0.40 for your second web server system.
The wireless router would have a configuration web page, usually by default at 192.168.0.1:80 unless you changed it. There would be a tab on the page where you could define/reserve application port mappings.
You could register with your wireless router to reserve the mappings
192.168.0.30:80 => outgoing port 8080
192.168.0.40:80 => outgoing port 8088
so that you can phone your friends that your web/game servers are addressable through
72.72.72.72:8080 and 72.72.72.72:8088 respectively,
where the wireless router would preclude its ports 8080 and 8088 from its own dynamic NAT usage.
Of course, 72.72.72.72 is only good until your ISP's DHCP decides to renew the IPv4 address of your modem to, say, 72.72.90.200. After that you would have to phone/email your friends and say:
Hey, the servers' addresses have changed to 72.72.90.200:8080 and 72.72.90.200:8088 respectively. Or you could subscribe to a dynamic DNS (DDNS) service to use a named domain, where the DDNS service will need you to install a simple heartbeat utility on your system to help them monitor the address variation. DDNS translation is a separate issue/strategy.
NAT modems
Newer ISP contracts supply you with a modem that has NAT. If so, you have to switch off either the one on your modem or the one on your wireless router. You should not use both: what's the point in translating twice, since NAT is simply there to prevent address collision? When you switch off NAT on your wireless router, it can operate as a hub/switch and not a router anymore, so that you could connect it to the modem using one of its LAN sockets instead of through its WAN socket.
The router manages "source" ports that are separate for each computer. While you may be connecting to port 80 on the "destination" the router may assign the source port to some high number port.
Wikipedia sums it up as: "Network address translation involves re-writing the source and/or destination IP addresses and usually also the TCP/UDP port numbers of IP packets as they pass through the NAT. Checksums (both IP and TCP/UDP) must also be rewritten to take account of the changes."
Already good answers are provided, but here is another example:
HOST A addr            HOST B addr
10.1.0.2:4040          10.1.0.3:4040
------------------------------------------------
NAT 200.50.50.28:4040  200.50.50.28:4041   (what the external host sees)
200.50.50.28 is the router's global (internet) IP.
Every port number is unique in the NAT table. And of course the router does all the dirty work of modifying the source and destination addresses transparently.
It uses different ports for incoming external traffic, and the NAT then routes the packets on one port to one internal IP address, and the packets from the other port to the other internal IP address. The initial request from each internal computer, when it goes through the NAT on the way out, establishes which port will be used for the incoming traffic from the external IP address, and it tells the external server what port to send its traffic back on for that connection.
RFC 3022 provides a lot of information on how this works.
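A minimal NAPT (port-overloading NAT) table that reproduces the behaviour the answers above describe, as an added example; it is not any router's code. The values are the constructed ones from the thread (public address 72.72.72.72, internal hosts 192.168.0.10 and 192.168.0.11 both using source port 10000, static forwards on 8080 and 8088); 203.0.113.10 is a constructed stand-in for the external server. It shows the first outbound packet creating the mapping, two internal hosts with the same source port getting distinct public ports, replies being mapped back by public port alone, static forwards being withheld from the dynamic pool, and unsolicited inbound packets being dropped.

```python
# Added example, not from the answers and not any router's implementation:
# a NAPT translation table with dynamic flow mappings and static forwards.


class Napt:
    def __init__(self, public_ip: str, dyn_ports=(1024, 65535)):
        self.public_ip = public_ip
        self.lo, self.hi = dyn_ports
        # outbound flow -> public port; flow = (proto, int_ip, int_port, ext_ip, ext_port)
        self.outbound = {}
        # (proto, public_port) -> (int_ip, int_port); dynamic and static entries alike
        self.inbound = {}

    def _taken(self, proto: str) -> set:
        return {p for pr, p in self.inbound if pr == proto}

    def forward_port(self, proto: str, public_port: int, int_ip: str, int_port: int):
        """Static mapping (the "reserve application port mappings" tab). Being
        in the inbound table withholds the port from dynamic allocation."""
        if public_port in self._taken(proto):
            raise ValueError(f"{proto}/{public_port} already in use")
        self.inbound[(proto, public_port)] = (int_ip, int_port)

    def _allocate(self, proto: str, wanted: int) -> int:
        """Keep the internal source port if it is free (common router
        behaviour); otherwise take the lowest free port in the dynamic range."""
        taken = self._taken(proto)
        if self.lo <= wanted <= self.hi and wanted not in taken:
            return wanted
        for p in range(self.lo, self.hi + 1):
            if p not in taken:
                return p
        raise RuntimeError("dynamic port pool exhausted")

    def translate_out(self, pkt: dict) -> dict:
        """Rewrite an outbound packet's source. The first packet of a flow
        creates the mapping; later packets of the same flow reuse it."""
        flow = (pkt["proto"], pkt["src_ip"], pkt["src_port"], pkt["dst_ip"], pkt["dst_port"])
        if flow not in self.outbound:
            public_port = self._allocate(pkt["proto"], pkt["src_port"])
            self.outbound[flow] = public_port
            self.inbound[(pkt["proto"], public_port)] = (pkt["src_ip"], pkt["src_port"])
        return dict(pkt, src_ip=self.public_ip, src_port=self.outbound[flow])

    def translate_in(self, pkt: dict):
        """Rewrite an inbound packet's destination from the table; None means
        there is no mapping and the router drops the packet."""
        target = self.inbound.get((pkt["proto"], pkt["dst_port"]))
        if target is None:
            return None
        return dict(pkt, dst_ip=target[0], dst_port=target[1])


def demo() -> dict:
    """Two internal hosts, same source port, same external server."""
    nat = Napt("72.72.72.72")
    nat.forward_port("tcp", 8080, "192.168.0.30", 80)
    nat.forward_port("tcp", 8088, "192.168.0.40", 80)
    server = "203.0.113.10"  # constructed stand-in for the external server
    mine = {"proto": "tcp", "src_ip": "192.168.0.10", "src_port": 10000,
            "dst_ip": server, "dst_port": 80}
    kids = dict(mine, src_ip="192.168.0.11")
    out1, out2 = nat.translate_out(mine), nat.translate_out(kids)
    reply2 = {"proto": "tcp", "src_ip": server, "src_port": 80,
              "dst_ip": "72.72.72.72", "dst_port": out2["src_port"]}
    return {
        "out1": out1, "out2": out2,
        "reply2_in": nat.translate_in(reply2),
        "web_in": nat.translate_in(dict(reply2, src_port=40000, dst_port=8080)),
        "unsolicited": nat.translate_in(dict(reply2, dst_port=5555)),
        "nat": nat,
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

Note that inbound lookup keys on protocol and public port only, which is what makes the external server's choice of source port irrelevant and why an unsolicited packet to an unmapped port goes nowhere.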
Since the public-facing or external IP address given by the Internet Service Provider (ISP) has been discussed, I would like to add to this.
You can ask your ISP not to change your public IP address. It will become static, so that you do not have to tell your friends to change the IP address if they want to access your server inside your Network Address Translator (NAT).
As of this writing, a static IP address costs around 100 bucks. Most ISPs call it a business account.
You can determine your public-facing IP address by googling "what is my ip address".

What is the necessity of IP-in-IP?

There is even a standard for IP-in-IP encapsulation. What is the use case here? I can understand stuff like TCP over DNS, where IP might be unavailable, but if you can do IP in IP, couldn't you simply do regular IP?
Obvious example: your gateway drops packets to host A, but you can send packets to host B, and host B can send to host A. So you tunnel to B, which then forwards to A. IP in IP simply allows you to tunnel in an application-independent manner, unlike application-level proxies, and you preserve TTL.
It's a case of tunnelling. You can have two remote offices connected through a link terminating on a gateway at each end. These gateways only allow traffic from the peer gateway. A host sitting on the LAN behind the gateway cannot directly reach another host in the remote office. It needs its gateway to encapsulate the packet, specifying its own IP as source, so that the peer gateway will accept it, decapsulate it and send it to the remote host on the LAN. As Moocha said, the journey from one gateway to another would then be considered just one hop.
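The encapsulate/decapsulate step both answers describe, as an added example built with struct (not code from the answers and not any gateway's implementation). The outer header carries IP protocol number 4 and is addressed between the two gateways; the inner packet, TTL included, rides inside it unchanged, and the receiving gateway accepts protocol-4 packets only from its configured peer. Addresses are constructed from the RFC 5737 documentation ranges, and the ICMP payload is a constructed echo request.

```python
# Added example (not from the answers, not any gateway's code): IPv4-in-IPv4
# (protocol 4) encapsulation and decapsulation with header checksums.
import struct

IPPROTO_ICMP = 1
IPPROTO_IPIP = 4
_HDR = "!BBHHHBBH4s4s"  # fixed 20-byte IPv4 header, no options


def ip_checksum(data: bytes) -> int:
    """RFC 1071 ones'-complement sum. Over a header whose checksum field is
    already correct the result is 0, which is how parse_ipv4 verifies it."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_ipv4(src: str, dst: str, proto: int, payload: bytes, ttl: int = 64) -> bytes:
    src_b = bytes(int(x) for x in src.split("."))
    dst_b = bytes(int(x) for x in dst.split("."))
    hdr = struct.pack(_HDR, 0x45, 0, 20 + len(payload), 0, 0, ttl, proto, 0, src_b, dst_b)
    hdr = hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:]
    return hdr + payload


def parse_ipv4(pkt: bytes) -> dict:
    """Validate version, IHL, length and checksum; return header fields and
    payload. Raises ValueError on anything malformed."""
    if len(pkt) < 20:
        raise ValueError("truncated header")
    ver_ihl, _tos, total, _id, _frag, ttl, proto, _csum, src, dst = struct.unpack(_HDR, pkt[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or ihl > total or total > len(pkt):
        raise ValueError("bad version/length")
    if ip_checksum(pkt[:ihl]) != 0:
        raise ValueError("bad header checksum")
    return {"src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
            "proto": proto, "ttl": ttl, "payload": pkt[ihl:total]}


def encapsulate(inner: bytes, gw_src: str, gw_dst: str, ttl: int = 64) -> bytes:
    """Sending gateway: wrap the whole inner packet as the payload of a new
    header addressed to the peer gateway."""
    return build_ipv4(gw_src, gw_dst, IPPROTO_IPIP, inner, ttl)


def decapsulate(outer: bytes, expected_peer: str) -> dict:
    """Receiving gateway: accept protocol-4 packets only from the configured
    peer, then return the inner packet to be forwarded on the LAN as-is."""
    o = parse_ipv4(outer)
    if o["proto"] != IPPROTO_IPIP:
        raise ValueError("not an IP-in-IP packet")
    if o["src"] != expected_peer:
        raise ValueError("tunnel packet from an unexpected peer")
    return parse_ipv4(o["payload"])


def accept_tunnel(outer: bytes, expected_peer: str):
    """decapsulate() as a filter: the inner packet dict, or None if dropped."""
    try:
        return decapsulate(outer, expected_peer)
    except ValueError:
        return None


def sample_tunnel():
    """Constructed inner ICMP echo from LAN host 10.1.0.5 to remote 10.2.0.7,
    carried between gateways 198.51.100.1 and 203.0.113.1."""
    echo = b"\x08\x00\xf7\xff\x00\x00\x00\x00"  # ICMP echo request, constructed
    inner = build_ipv4("10.1.0.5", "10.2.0.7", IPPROTO_ICMP, echo, ttl=60)
    outer = encapsulate(inner, "198.51.100.1", "203.0.113.1")
    return inner, outer


if __name__ == "__main__":
    inner, outer = sample_tunnel()
    print("outer:", parse_ipv4(outer))
    print("inner:", decapsulate(outer, "198.51.100.1"))
```

The outer packet is exactly 20 bytes longer than the inner one, and the inner TTL of 60 comes out the far end untouched, which is the "one hop" between gateways the answer refers to; a packet from any other source, a non-protocol-4 packet, or one with a corrupted header is rejected before anything is forwarded.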
