 

Internetworking Equipments

Written by Mihai Dobos   

Learn how network equipments work under a real TCP/IP data transmission.

The whole process that occurs when two computers (client and server) communicate over the network is very complex, so I'll try to explain it as simple as possible.


First, here is the big picture:


[Figure: big_picture.jpg]

Our client (PC 1) will try to access the http server (named Server) on the remote side.


Looking at the local side first, our client's browser will try to establish a connection to the IP 208.109.205.211. This address is not in its local network, so the client will need to send the packet to its default gateway, which by definition is the nearest interface of the closest router, Router A.

1. Packet architecture


In simple terms, a TCP/IP packet looks like this when it leaves a computer:


[Frame Header][Network Header][DATA (in segments)][Network Trailer][Frame Trailer]

- The Frame Header contains the source and destination MAC address of the transmission
- The Network Header contains the source and destination IP addresses of the transmission
- Data is segmented for flow control and error recovery
- The Network Trailer contains a CRC value for data integrity check
- The Frame Trailer contains a code that marks the end of the frame


When our packet leaves the PC, it will carry the following addresses:

Source MAC - 11-11-11-11-11-11
Destination MAC - 22-22-22-22-22-22

Source IP: 10.0.0.5
Destination IP: 208.109.205.211
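The layout above, built and read back as real bytes, as an added example that is not part of the original tutorial. It uses the tutorial's MAC and IP addresses; the payload, the TTL and the CRC handling are assumptions. It models the frame header (MACs, EtherType), the IPv4 network header with its RFC 791 header checksum, the data, and the frame trailer; IPv4 itself has no trailer, so the CRC lives in the Ethernet FCS and is simplified here to zlib.crc32. The parser shows the two integrity checks a receiver can run and what happens when a byte is altered in transit.

```python
import socket
import struct
import zlib

# Addresses from the tutorial's example (the author chose them at random)
SRC_MAC = "11-11-11-11-11-11"
DST_MAC = "22-22-22-22-22-22"
SRC_IP = "10.0.0.5"
DST_IP = "208.109.205.211"
ETHERTYPE_IPV4 = 0x0800
IPPROTO_TCP = 6


def mac_to_bytes(mac: str) -> bytes:
    """'11-11-11-11-11-11' -> six raw bytes (':' separators are accepted too)."""
    return bytes(int(octet, 16) for octet in mac.replace(":", "-").split("-"))


def bytes_to_mac(raw: bytes) -> str:
    return "-".join(f"{b:02X}" for b in raw)


def ipv4_checksum(header: bytes) -> int:
    """RFC 791 header checksum: ones'-complement of the ones'-complement sum of 16-bit words."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:                      # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4_header(src_ip: str, dst_ip: str, payload_len: int, ttl: int = 64) -> bytes:
    """Minimal 20-byte IPv4 header (no options) carrying a TCP payload of payload_len bytes."""
    ver_ihl = (4 << 4) | 5                  # version 4, header length 5 * 4 = 20 bytes
    total_len = 20 + payload_len
    hdr = struct.pack("!BBHHHBBH4s4s",
                      ver_ihl, 0, total_len, 0, 0, ttl, IPPROTO_TCP,
                      0,                    # checksum field is zero while it is computed
                      socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]


def build_frame(src_mac: str, dst_mac: str, src_ip: str, dst_ip: str, payload: bytes) -> bytes:
    """[Frame Header][Network Header][DATA][Frame Trailer], as in the tutorial's diagram."""
    frame_header = mac_to_bytes(dst_mac) + mac_to_bytes(src_mac) + struct.pack("!H", ETHERTYPE_IPV4)
    body = frame_header + build_ipv4_header(src_ip, dst_ip, len(payload)) + payload
    # Ethernet's trailer is a 32-bit FCS (a CRC-32); simplified here to zlib.crc32, little-endian.
    return body + struct.pack("<I", zlib.crc32(body))


def parse_frame(frame: bytes) -> dict:
    """Decode the frame the way a switch (MACs) and then a router (IPs) would read it."""
    body, fcs = frame[:-4], struct.unpack("<I", frame[-4:])[0]
    dst_mac, src_mac = body[:6], body[6:12]
    ethertype = struct.unpack("!H", body[12:14])[0]
    ip = body[14:]
    ihl = (ip[0] & 0x0F) * 4                # IP header length in bytes
    total_len = struct.unpack("!H", ip[2:4])[0]
    return {
        "src_mac": bytes_to_mac(src_mac),
        "dst_mac": bytes_to_mac(dst_mac),
        "ethertype": ethertype,
        "src_ip": socket.inet_ntoa(ip[12:16]),
        "dst_ip": socket.inet_ntoa(ip[16:20]),
        "total_len": total_len,
        "payload": ip[ihl:total_len],
        # Re-summing a header that already contains its checksum yields 0 when it is intact
        "checksum_ok": ipv4_checksum(ip[:ihl]) == 0,
        "fcs_ok": zlib.crc32(body) == fcs,
    }


if __name__ == "__main__":
    frame = build_frame(SRC_MAC, DST_MAC, SRC_IP, DST_IP, b"GET / HTTP/1.0\r\n\r\n")
    print(frame.hex())
    print(parse_frame(frame))
```

Flipping a single bit in the destination IP makes both checks fail, which is why a router that sees a bad header checksum discards the packet instead of forwarding it to the wrong place.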


2. Switching


To reach the device that acts as the gateway (Router A), any network packet must first cross the LAN switch that connects the devices in this network segment.


A switch or a bridge typically works at layer 2 of the OSI model, meaning that it can't read all the data in a packet. It uses MAC addresses to forward frames across the network.

A switch has its own switching table that maps ports to MAC addresses. Let's assume that our LAN Switch was just plugged in and its switching table is empty. Now let's consider that PC1 is connected to port 1 and Router A to port 10. The packet arrives from the host, addressed to the router, with a source MAC address of 11-11-11-11-11-11. The switch reads this and records port 1 as being connected to 11-11-11-11-11-11. The switching table now looks like this:


Port   MAC
----------------------
01     11-11-11-11-11-11


The switch now reads the destination MAC address. Since it doesn't have it in its own table and can't make a switching decision, it acts like a hub and floods the packet out of all active ports except the one it arrived on. PC2 will get the packet too but will drop it, since its MAC address differs from the destination's. The gateway will receive the packet and reply to it. The switch sees the reply and adds to its switching table:


Port   MAC
----------------------
01     11-11-11-11-11-11
10     22-22-22-22-22-22



From now on, any communication between PC1 and Router A will be switched properly and PC2 will not receive any undesired traffic.


Switches flood a frame out of all ports except the one it arrived on in two cases: when the destination MAC is not yet in the switching table (as in the example above), or when the frame is a broadcast (destination MAC FF-FF-FF-FF-FF-FF).
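The learn-then-forward behaviour of this section as a small simulation, added here as an example and not part of the original tutorial. The port numbers and MAC addresses are the tutorial's; the optional per-port limit on learned MACs (the "port security" feature many managed switches offer) is an assumption added to show how a switch can refuse to let one port fill its table.

```python
BROADCAST = "FF-FF-FF-FF-FF-FF"


class LearningSwitch:
    """Transparent (learning) bridge: learns source MACs, floods unknown and broadcast destinations."""

    def __init__(self, ports, max_macs_per_port=None):
        self.ports = set(ports)
        self.table = {}                    # MAC -> port  (the tutorial's "switching table")
        # Optional port-security style limit: a port may not learn more than N distinct MACs.
        self.max_macs_per_port = max_macs_per_port
        self.violations = []               # (port, mac) pairs that were refused

    def _macs_on_port(self, port):
        return {mac for mac, p in self.table.items() if p == port}

    def receive(self, in_port, src_mac, dst_mac):
        """Process one frame; return the set of ports it is sent out of (empty = dropped)."""
        src, dst = src_mac.upper(), dst_mac.upper()
        # 1. Learn: the source MAC is reachable through in_port.
        if self.table.get(src) != in_port:
            limit = self.max_macs_per_port
            if limit is not None and len(self._macs_on_port(in_port)) >= limit:
                self.violations.append((in_port, src))
                return set()               # refuse to learn it and drop the frame
            self.table[src] = in_port
        # 2. Forward: known unicast goes to one port; unknown or broadcast is flooded.
        if dst == BROADCAST or dst not in self.table:
            return self.ports - {in_port}
        out_port = self.table[dst]
        return set() if out_port == in_port else {out_port}


def simulate():
    """Replay the tutorial's scenario: PC1 on port 1, PC2 on port 2, Router A on port 10."""
    sw = LearningSwitch(ports=[1, 2, 10], max_macs_per_port=2)
    out = []
    # PC1 -> Router A: destination unknown, so the switch floods (PC2 sees it and discards it).
    out.append(sw.receive(1, "11-11-11-11-11-11", "22-22-22-22-22-22"))   # {2, 10}
    # Router A replies: the switch learned port 1 = PC1, so only PC1 receives it.
    out.append(sw.receive(10, "22-22-22-22-22-22", "11-11-11-11-11-11"))  # {1}
    # From now on PC1 <-> Router A traffic is switched; PC2 sees none of it.
    out.append(sw.receive(1, "11-11-11-11-11-11", "22-22-22-22-22-22"))   # {10}
    # A broadcast (for example an ARP request) is still flooded to every other port.
    out.append(sw.receive(1, "11-11-11-11-11-11", BROADCAST))              # {2, 10}
    return sw, out


if __name__ == "__main__":
    switch, decisions = simulate()
    print("forwarding decisions:", decisions)
    print("switching table:", switch.table)
```

Without a limit, the table is filled by whatever source addresses arrive, so on a real switch the per-port limit and table ageing are what keep the table honest; both are configuration, not something the protocol guarantees.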



3. Routing


Router A will receive the packet sent by the host. Routers operate at layer 3 (Network) of the OSI model, which means they use IP addresses to make routing decisions. The source IP address of our communication is 10.0.0.5 and the destination IP address is 208.109.205.211. After reading this data, a router consults its routing table, which tells the device where to send the data so that it is properly received.

For a better understanding, see the example below.

[Figure: routing-scheme.jpg]

Router 1 receives a packet destined for network 100.100.20.0. It looks in its routing table and sees the following information (simplified):


[Router 1]
Network         Next Hop
-------------------------
100.100.20.0    Router 4
100.100.10.0    Router 2
100.12.100.0    Router 4
100.8.11.0      Router 3


Based on this, it will send the data to Router 4.

When Router 4 receives it, it sees the destination network of 100.100.20.0 and looks in its routing table:


[Router 4]
Network         Next Hop
-------------------------
100.12.100.0    Directly Connected
100.100.20.0    Router 5
100.100.10.0    Router 1
100.8.11.0      Router 1


It sends the data to Router 5. Router 5 sees in its routing table that the destination network is directly connected and sends the data out of the proper interface.
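The hop-by-hop lookup just described, run over the two routing tables above, as an added example that is not part of the original tutorial. The tutorial omits subnet masks, so /24 is assumed; the default routes (0.0.0.0/0), Router 2's and Router 5's tables are constructed to complete the picture. The example goes a little beyond the text by showing longest-prefix matching (a /24 route wins over a default route) and why packets carry a TTL: two routers whose default routes point at each other would otherwise bounce a packet forever.

```python
import ipaddress

DIRECT = "Directly Connected"

# Routing tables from the tutorial's figure, /24 masks assumed. The default routes and the
# tables of Router 2 and Router 5 are constructed for this example and are not in the original.
TABLES = {
    "Router 1": {
        "100.100.20.0/24": "Router 4",
        "100.100.10.0/24": "Router 2",
        "100.12.100.0/24": "Router 4",
        "100.8.11.0/24": "Router 3",
        "0.0.0.0/0": "Router 2",            # assumed default route
    },
    "Router 4": {
        "100.12.100.0/24": DIRECT,
        "100.100.20.0/24": "Router 5",
        "100.100.10.0/24": "Router 1",
        "100.8.11.0/24": "Router 1",
    },
    "Router 5": {"100.100.20.0/24": DIRECT},                              # assumed
    "Router 2": {"100.100.10.0/24": DIRECT, "0.0.0.0/0": "Router 1"},    # assumed
}


def lookup(table, dst_ip):
    """Longest-prefix match: the most specific network containing dst_ip wins."""
    addr = ipaddress.ip_address(dst_ip)
    best = None
    for prefix, next_hop in table.items():
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop)
    return best      # (network, next hop), or None when no route matches at all


def trace_path(start, dst_ip, tables=TABLES, ttl=64):
    """Follow next hops router by router, decrementing TTL as a real packet would."""
    path = [start]
    current = start
    while ttl > 0:
        ttl -= 1
        route = lookup(tables[current], dst_ip)
        if route is None:
            return path, "no route"
        next_hop = route[1]
        if next_hop == DIRECT:
            return path, "delivered"
        if next_hop not in tables:
            return path, f"next hop {next_hop} has no table in this example"
        path.append(next_hop)
        current = next_hop
    return path, "TTL expired (routing loop)"


if __name__ == "__main__":
    print(trace_path("Router 1", "100.100.20.7"))   # Router 1 -> Router 4 -> Router 5, delivered
    print(trace_path("Router 1", "192.0.2.1", ttl=8))  # bounces between Router 1 and 2 until TTL hits 0
```

The TTL-expiry case is what a traceroute or an "ICMP time exceeded" storm in the logs usually points at: two devices whose tables disagree about who owns a prefix.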

Routing tables are usually updated dynamically as networks go up or down. This is achieved with routing protocols that automatically exchange data between devices (routing updates such as "I know a route to network X, send data to me if needed" or "My link to network X just went down"). A good example is Open Shortest Path First (OSPF), which is a non-proprietary protocol.


Back to our network map: Router A sends the packet to Router B after consulting its routing table. Since the packet was sent by 10.0.0.5 and this is a private address, it will not be routed over the Internet (by international standards). Instead, a Network Address Translation (NAT) service will replace the network header's source address with the router's own, which is 89.160.60.12. When the packet arrives at the server side, the station will reply to this global address. Router A then translates the address back again for the local host. By doing this, an address like 10.0.0.5 can be used thousands of times, since it never shows on the Internet (see IP Addressing and Subnets or RFC 1918 for more information on IP addressing schemes).



4. Other equipment


Besides layer 2 switches and layer 3 routers, other equipment can exist in a network too. Hubs and repeaters operate at layer 1 of the OSI model, which means that they only work with raw bits (electrical signals). A hub doesn't process frames as a switch does; it floods all ports (except the source port) with any packet received. This is not a very bandwidth-friendly way to transfer data, and it has security implications as well, since every host on the hub sees every other host's traffic.
Layer 3 switches work with IP addresses as well as frames. These switches are usually used in corporate networks or telecommunications cores. They provide features like Virtual LANs, security and redundancy.

Media converters convert (as the name implies) the physical medium used by the devices. The most common ones are fiber-to-copper converters, used to translate optical signals into electrical ones. These devices also work at Layer 1 of the OSI model.


** The IP addresses and networks were randomly chosen



written by shahriar , August 06, 2007

Hi, this was a great tutorial and many of my questions were answered, but I have a question. Your example shows a connection from client to server, but what happens when a server wants to connect to a client? I mean the connection or query is initiated from the server side. So then, as far as the server side is concerned, it is only aware of the client side router's IP, 89.160.60.12. But how is it possible to send data (initiate) from the server side to not just this client side router but a specific PC which could be connected to the switch along with other PCs like in your picture shown above? Basically, how will the server side access PC1 and not PC2.

if you could help that would be good. thank you.
written by Mihai Dobos , August 06, 2007

Hello

The problem you are asking about represents the major disadvantage of NAT (network address translation). If you keep, let's say, 10 hosts inside a local network using a private addressing scheme (like the one mentioned in RFC 1918), their presence won't be forwarded by the ISP. So technically, a server can't connect to a local client of the router. This can be resolved in two ways, and most routers (from basic home ones to core equipment) support them:

1. DMZ (Demilitarized Zone)

You can put a local client (10.0.0.1) in a DMZ, meaning that all traffic coming in on the outbound interface of the router (89.16.0.1, let's say) will be forwarded to this host. Most of the time you can "map" only one DMZ to a public IP address (one private address per public address). However, this is not very economically efficient in traffic management and has some security implications (you practically disable any firewall capabilities of the router for that host).

2. Port mapping

This is the most common way to reach a local host from outside. You simply put in a statement saying that all traffic coming to, let's say, port 88 on the outbound interface of the router is forwarded to 10.0.0.1 on the same port. So you practically map a local service (FTP service, SSH server, etc.) to a static port on the public address. The port number and private address must usually be a unique combination (you cannot forward the same port to two hosts).

A port map table looks like this:

89.165.230.5:

All traffic to port 80 -> 10.0.0.2
All traffic to port 21 -> 10.0.0.11

Best regards,

Mihai D.
Tutorial5.com
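The NAT step from section 3 and the port-mapping answer above, as one added simulation that is not part of the tutorial or its author's reply. The public address 89.160.60.12, PC1's address 10.0.0.5, the web server 208.109.205.211 and the port map table (80 to 10.0.0.2, 21 to 10.0.0.11) are the page's; the private source port, the public port range starting at 40000, the outside host 203.0.113.9 and the rule that a dynamically opened port only accepts replies from the remote end it was opened towards are assumptions. It shows both halves of the asker's problem: replies to an outbound flow find their way back to the right PC, while an unsolicited inbound connection reaches a LAN host only through a static port map and is dropped otherwise.

```python
from itertools import count

# From the tutorial and the reply above; the two hosts behind the port maps are the reply's.
PUBLIC_IP = "89.160.60.12"
PORT_FORWARDS = {80: ("10.0.0.2", 80), 21: ("10.0.0.11", 21)}   # public port -> (private ip, port)


class NatRouter:
    """Source NAT with port translation for outbound flows, plus static port mapping for inbound."""

    def __init__(self, public_ip, forwards=None, first_port=40000):
        self.public_ip = public_ip
        self.forwards = dict(forwards or {})
        self.out_map = {}   # (priv ip, priv port, remote ip, remote port) -> public port
        self.in_map = {}    # public port -> (priv ip, priv port, remote ip, remote port)
        self._next_port = count(first_port)   # assumed: public ports handed out in order
        self.dropped = []

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Translate a packet leaving the LAN; returns the rewritten (source ip, source port)."""
        flow = (src_ip, src_port, dst_ip, dst_port)
        pub_port = self.out_map.get(flow)
        if pub_port is None:                        # first packet of a new flow: allocate a port
            pub_port = next(self._next_port)
            self.out_map[flow] = pub_port
            self.in_map[pub_port] = flow
        return (self.public_ip, pub_port)

    def inbound(self, src_ip, src_port, dst_port):
        """Translate a packet arriving on the public address; returns the private (ip, port)
        it is forwarded to, or None when the router drops it."""
        flow = self.in_map.get(dst_port)
        # Reply to a flow a LAN host opened: only the remote end it was talking to may use it.
        if flow is not None and flow[2:] == (src_ip, src_port):
            return flow[:2]
        if dst_port in self.forwards:               # static map: anyone outside may reach it
            return self.forwards[dst_port]
        self.dropped.append((src_ip, src_port, dst_port))
        return None


def simulate():
    """PC1 browses the tutorial's web server; an outside host (constructed) then tries to come in."""
    nat = NatRouter(PUBLIC_IP, PORT_FORWARDS)
    r = {}
    # PC1 (10.0.0.5) opens a TCP connection to the server; the router rewrites the source.
    r["out"] = nat.outbound("10.0.0.5", 51000, "208.109.205.211", 80)    # ('89.160.60.12', 40000)
    # The server's reply arrives for the public address and is mapped back to PC1, not PC2.
    r["reply"] = nat.inbound("208.109.205.211", 80, 40000)                # ('10.0.0.5', 51000)
    # A different outside host probing the same public port is dropped.
    r["stray"] = nat.inbound("203.0.113.9", 4444, 40000)                  # None
    # Unsolicited connections reach a LAN host only through a static port map.
    r["web"] = nat.inbound("203.0.113.9", 4444, 80)                       # ('10.0.0.2', 80)
    r["ftp"] = nat.inbound("203.0.113.9", 4445, 21)                       # ('10.0.0.11', 21)
    r["ssh"] = nat.inbound("203.0.113.9", 4446, 22)                       # None (no map)
    return nat, r


if __name__ == "__main__":
    router, results = simulate()
    for name, value in results.items():
        print(f"{name:>6}: {value}")
    print("dropped:", router.dropped)
```

The dropped list is the part worth keeping an eye on in practice: a static port map makes the mapped host reachable from the whole Internet, so the service behind it needs the same hardening it would get on a public address.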
written by farhanharon , September 19, 2007

elloo....
how are you today.....

Last Updated ( Tuesday, 24 July 2007 )