If we are in the same network, then hop to hop communication takes place by layer-2 devices such as switches, bridges, etc. that work at the MAC layer.
But if we have to send packets to a destination in some other network then hop to hop communication takes place through routers.
Is this correct?
Your statements are conceptually correct, though the details are not quite right.
A layer 3 protocol like IP can route a packet from its source to its destination across the entire Internet, but a layer 2 protocol like ethernet can only route packets for a single hop. When a device transmits a packet on a TCP/IP network, it must know the ethernet (layer 2) address of the next hop and the IP (layer 3) address of the packet's final destination.
Let's look at the two cases you describe, using a scenario where a user on Device A knows the IP address of Device B and wants to send it a packet.
Devices on the same (unswitched) subnet
The user on Device A issues the command ping 10.1.1.23.
Device A broadcasts an ARP (layer 2) request, asking which device on its network can route a packet to IP address 10.1.1.23.
Device B recognizes the IP address as its own and answers the request by returning a packet with its IP and ethernet addresses as the source, and Device A's IP and ethernet addresses as the destination.
Now Device A has everything it needs to communicate with Device B. Every packet it transmits to Device B will have the proper ethernet and IP addresses as the destination.
Devices on the same (switched) subnet
The user on Device A issues the command ping 10.1.1.23.
Device A broadcasts an ARP (layer 2) request, asking which device on its network can route a packet to IP address 10.1.1.23.
A switch receives the packet on one of its ports and retransmits the same packet on whichever port is connected to Device B. This is the only significant difference between switched and unswitched subnets.
Device B recognizes the IP address as its own and answers the request by returning a packet with its IP and ethernet addresses as the source, and Device A's IP and ethernet addresses as the destination.
Now Device A has everything it needs to communicate with Device B. Every packet it transmits to Device B will have the proper ethernet and IP addresses as the destination.
Devices on different subnets
The user on Device A issues the command ping 8.8.8.8.
Device A broadcasts an ARP (layer 2) request, asking which device on its network can route a packet to IP address 8.8.8.8.
The address 8.8.8.8 is on a different network, so no local device recognizes the address as its own. However, a router sees the packet, checks its routing tables, and sees that it knows how to forward packets to the 8.8.8.x network. So the router replies by returning a packet that has its own ethernet address as the source.
Now Device A can communicate with Device B by sending packets that have a destination IP address of 8.8.8.8, but the router's ethernet address as their destination.
The router receives the packets because they are destined for its ethernet (layer 2) address, but it notices that their destination IP (layer 3) addresses are different from its own, and so it forwards them to whatever address is stored in its routing table.
Yes, you are correct. To access other networks (networks on a different subnet) a client will route the traffic to its default gateway, which will encapsulate the traffic and route appropriately. For communicating on the same network only a layer 2 switch is required.
Related
While Layer-2 Broadcast is very simple and straightforward, have dst mac in ethernet hdr = Broadcast mac, and you are done (Eg. ARP broadcast request msg). My question is how to achieve Layer-3 Broadcast using TCP/IP stack.
What should be the content of ethernet hdr and IP hdr (in terms of src and dst mac and src and dst ip addresses)? Basically I am looking at what should be the content of packet headers to facilitate ip/layer-3 broadcast. I have a topology of L3 routers connected. I want to know how one L3 router could broadcast a frame/pkt so that it reaches every other router. How to do L3-broadcast?
Should the dst ip in the IP hdr be 255.255.255.255, in addition to dst mac in ethernet hdr = FF:FF:FF:FF:FF:FF?
You need to send the packet to the subnet broadcast address. For example, you have a network 192.168.1.0 255.255.255.0.
If you are sending a packet to 192.168.1.255 (routed), the router will generate a broadcast with destination FF:FF:FF:FF:FF:FF in the ethernet header.
But many routers suppress this. On a Cisco router, you can enable it with the command "ip directed-broadcast" on an interface.
Try it out in your LAN: take the broadcast address of your subnet (the very last address) and ping that address. You will see answers from many devices (not all devices will respond, depending on their implementation).
Wake-on-LAN, for example, makes use of this method. Google it.
It's not possible to reach multiple L3 networks, because there is nothing like an "L3 broadcast"; broadcast is Ethernet! If you want to do it, you need a bridged network (l2circuit) between the 3 sites. Or you can use multicast if you want a one-to-many stream.
Edit: maybe I should mention, per the definition of IP, there is no broadcast! IP knows unicast and multicast. So you will not find any router in the world that has something like IP broadcast implemented. You have to write your application based on multicast!
Whether IP addresses will be visible to layer 2 (data link layer) devices. If not, then how come those layers use ARP protocols to convert IP address to MAC address without knowing IP address.
Thank You.
From thread here
ARP has always been a Layer 2 protocol. The reason: The highest layer addresses carried within ARP are Layer2 MAC addresses for typical ARP operation. The IP addresses in the ARP packets are protocol payload, no addressing information of the ARP packet itself.
ARP is a protocol that does not fit too well into the 7 layer OSI model or the ancient DoD layer model. These models were defined for end user applications like HTTP or FTP and they still define, how traffic is sent from application to application through a network stack (L3+L4) and a network interface (L2 + L1) down on the wire.
ARP is a service protocol that glues together layer 2 and layer 3 protocols. It solves the problem that you need to add a layer 2 (MAC) destination address over a shared media like Ethernet or Wireless LAN using IP packets. But ARP is a separate process with separate packets. You will find no ARP protocol information within an IP packet. This is the reason, why ARP is definitely not a layer 2.5 protocol.
Whether IP addresses will be visible to layer 2 (data link layer) devices.
Generally speaking, no. The Ethernet header has an ethertype field, which specifies the format of the next header after the current Ethernet header. There are a couple of values that are still at layer 2, like VLAN tags, spanning tree BPDUs, and similar. If the ethertype is anything else, a layer 2 device is not supposed to look into it. (And a device that does should not really be called a layer 2 device.)
On end-hosts, the ethertype will determine how the packet is processed after layer 2 processing is done. But this is no longer layer 2 processing.
If not, then how come those layers use ARP protocols to convert IP address to MAC address without knowing IP address.
I think you think of it backwards. ARP protocol is used by IP layer to find MAC address of a device with a given IP address on a local network. It is not used by layer 2 to map IPs.
For example, let's say your home network has two devices, your laptop which has IP 192.168.0.10 and your phone, which has IP 192.168.0.20. The network mask is /24. Now you want to send a packet from your laptop to your phone, for example ping 192.168.0.20.
First, an ICMP packet is created. Next, layer 3 determines where to send the packet. It has determined that the other host is connected to the same local network (based on first 24 bits of both addresses).
Next, this packet needs to be sent to the local network. However, the local network is layer 2, and layer 2 can only forward MAC addresses. Thus layer 3 signals layer 2 to do a "MAC address lookup" for the IP address. Approximately, your laptop will send a broadcast packet to all connected devices saying that it is looking for the MAC address of a device that has IP address 192.168.0.20. Since your phone currently has this address, it replies with its own MAC address. When the laptop receives the reply, it can send a frame with the destination MAC to your phone. Note: the laptop will usually also save an entry in its ARP cache.
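The layer 3 decision and the resulting ARP lookup from the answer above, as an added example that is not part of the original post. It goes one step beyond the answer's same-subnet case by also covering an off-link destination, which is resolved through the default gateway; the laptop MAC address and the gateway address 192.168.0.1 are assumptions.

```python
import ipaddress
import struct

BROADCAST_MAC = bytes.fromhex("ffffffffffff")
ETHERTYPE_ARP = 0x0806

def arp_target(iface: str, gateway: str, dst: str):
    """Layer 3 decision: which IP address has to be resolved to a MAC.

    An on-link destination is resolved directly; anything else is handed
    to the default gateway, so the gateway's MAC is the one looked up.
    """
    net = ipaddress.ip_interface(iface).network
    dst_ip = ipaddress.ip_address(dst)
    return dst_ip if dst_ip in net else ipaddress.ip_address(gateway)

def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))

def build_arp_request(src_mac: str, src_ip: str, target_ip) -> bytes:
    """Ethernet II frame carrying an ARP who-has for target_ip."""
    sha = mac_bytes(src_mac)
    # Layer 2 header: broadcast destination, our MAC, ethertype ARP.
    eth = BROADCAST_MAC + sha + struct.pack("!H", ETHERTYPE_ARP)
    # ARP header: Ethernet (1), IPv4 (0x0800), lengths 6 and 4, op 1 = request.
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, 1)
    arp += sha + ipaddress.ip_address(src_ip).packed
    # Target MAC is unknown, so it is sent as zeros.
    arp += bytes(6) + ipaddress.ip_address(target_ip).packed
    return eth + arp

# Laptop and phone IPs come from the answer; MAC and gateway are assumptions.
LAPTOP_IFACE = "192.168.0.10/24"
LAPTOP_MAC = "02:00:00:00:00:10"
GATEWAY = "192.168.0.1"

if __name__ == "__main__":
    for dst in ("192.168.0.20", "8.8.8.8"):
        target = arp_target(LAPTOP_IFACE, GATEWAY, dst)
        frame = build_arp_request(LAPTOP_MAC, "192.168.0.10", target)
        print(f"ping {dst}: ARP who-has {target} -> {frame.hex()}")
```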
What are layer-1, layer-2, layer-3, layer-4 aware devices? What is the difference between them and what makes them belong to specific layer? I found very little on the internet
This is from the HTTP book I am reading:
In Ethernet networks, HTTP messages are sent in the form of addressed data packets. Each packet has a layer-4 address, consisting of the source and destination IP address and TCP port numbers; this is the address to which layer 4–aware devices pay attention. Each packet also has a layer-2 address, the Media Access Control (MAC) address, to which layer-2 devices (commonly switches and hubs) pay attention. The job of layer-2 devices is to receive packets with particular incoming MAC addresses and forward them to particular outgoing MAC addresses.
By searching on the internet I got the information that Address Resolution Protocol (ARP) is a Link Layer (L2) protocol. As per ARP functionality, it broadcasts to the entire network to check to whom this specific IP belongs, to get its MAC address. But as ARP is an L2 protocol, how does it know the destination IP address, as IPs are encapsulated in L3 and an L2 protocol can't read it?
Layer 3 and above are located in the "Payload" part of an ethernet header.
As you can see here the ARP packet also contains IP addresses from its sender and receiver:
An ARP packet contains the source HW address and source IP address, as well as the destination HW address and destination IP.
When ARP resolution happens, meaning when ARP sends a request and gets a response from the same destination, ARP updates the destination IP in arp_entry.
I would like to elaborate on the previous questions.
First, this is a case where you can't really apply the model. ARP is sometimes layer 2 and sometimes layer 3 (the similar functionality in IPv6 is done with the neighbor discovery protocol, which is carried in ICMP packets).
ARP packets do not carry IP payload. They only carry ARP packets. See other answers for the format.
ARP is executed by two end-hosts, which both have to implement both layer 2 and layer 3
ARP is initiated by layer 3, when layer 3 tries to send packet to an IP address on the local network.
ARP is processed by a host, which implements both layer 2 and layer 3. A host without layer 3 cannot have an IP address.
Intermediate layer 2 systems generally cannot process ARP requests, past forwarding ethernet packets with broadcast destination MAC
I connected two machines via a network cable. I need to get ARP request data via Wireshark. When I pinged the IP of the other machine, I got the ARP request in Wireshark. But it is not broadcasting a message. It targets the pinged IP address directly. I think a LAN with only two machines does not need to do a broadcast. Am I right? Can anyone explain this to me?
In an ARP packet, it is always the MAC address that will be broadcast, not the IP. As it is used to learn the MAC address of another host whose IP address is known, the ARP packet needs to have a valid IP address rather than a broadcast IP. You can check an ARP packet example at the path below:
http://wiki.wireshark.org/AddressResolutionProtocol
Hope this clears your doubt.
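A small dissector for the two questions above (how a layer 2 protocol carries IP addresses, and which address in an ARP request is the broadcast one), added here as an example and not taken from any of the posts. The sample frames are constructed: 10.1.1.23 is Device B's address from this page, while 10.1.1.5 and both MAC addresses are made up.

```python
import ipaddress
import struct

def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)

def parse_arp_frame(frame: bytes) -> dict:
    """Split an Ethernet II frame carrying ARP into header and payload fields."""
    if len(frame) < 42:
        raise ValueError("too short for Ethernet header plus IPv4 ARP")
    eth_dst, eth_src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0806:
        raise ValueError(f"not ARP: ethertype 0x{ethertype:04x}")
    htype, ptype, hlen, plen, oper = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an IPv4-over-Ethernet ARP packet")
    sha, spa, tha, tpa = struct.unpack("!6s4s6s4s", frame[22:42])
    return {
        # Ethernet header: the only part a layer 2 switch forwards on.
        "eth_dst": mac_str(eth_dst),
        "eth_src": mac_str(eth_src),
        "eth_broadcast": eth_dst == b"\xff" * 6,
        # ARP payload: IP addresses are carried as data; there is no IP header.
        "op": {1: "request", 2: "reply"}.get(oper, str(oper)),
        "sender": (mac_str(sha), str(ipaddress.IPv4Address(spa))),
        "target": (mac_str(tha), str(ipaddress.IPv4Address(tpa))),
    }

# Constructed sample frames (see the note above for which values are made up).
REQUEST = bytes.fromhex(
    "ffffffffffff 020000000005 0806 0001 0800 06 04 0001"
    " 020000000005 0a010105 000000000000 0a010117")
REPLY = bytes.fromhex(
    "020000000005 020000000023 0806 0001 0800 06 04 0002"
    " 020000000023 0a010117 020000000005 0a010105")

if __name__ == "__main__":
    for name, frame in (("request", REQUEST), ("reply", REPLY)):
        print(name, parse_arp_frame(frame))
```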