Trying to understand IP packet flow

networking router ip tcpip packet
5,261

Solution 1

Whew. This is a bit of a tricky one given your scenario.

First off, router 2 shouldn't share an interface with router 1 that is also on their client-side interfaces.

In your example, all 4 devices share the same LAN segment, which as an aside is in the non-routable (edit: across the "Internet") IP address range for the 192.168.x.y family.

A better way would be to think of it as follows:

Computer 1
IP: 192.168.1.100
Subnet: 255.255.255.0
Default Gateway: 192.168.1.1
MAC: 03:00:00:00:00:11

Router 1
IP: 192.168.1.1
Subnet: 255.255.255.0
MAC: 03:00:00:00:00:22
IP: 192.168.12.1
Subnet: 255.255.255.0
MAC: 03:00:00:00:00:33

Router 2
IP: 192.168.12.2
Subnet: 255.255.255.0
MAC: 03:00:00:00:00:44
IP: 192.168.2.1
Subnet: 255.255.255.0
MAC: 03:00:00:00:00:55

Computer 2
IP: 192.168.2.200
Subnet: 255.255.255.0
Default Gateway: 192.168.2.1
MAC: 03:00:00:00:00:66

Ignore the fact that the MAC's lead with a 03 hex character, that's just for correctness for the network snobs out there. [EDIT] I had to amend it to 0x03 for it to be both locally assigned and globally unique.

So what is happening here is: There's a cable from Computer 1 plugged into Router 1. These two share the 192.168.1.x network. There's a cable from Router 1 to Router 2. These share the 192.168.12.x network. There's a cable from Router 2 to Computer 2. These share the 192.168.2.x network.

In your original write-up, all 4 devices would have had to be connected to the same switch in order for it to even work... and in such a case Computer 1 would've talked directly to Computer 2. Note: for you network wizards out there I know you can do static routing to force the original network configuration to work, but that isn't what this User is asking about....

Now on to your specific question.

You are half correct. The MAC address that Computer 2 see's is that of Router 2. In my example that would be MAC 03:00:00:00:00:55. However, the IP address it see's is of Computer 1. That is how Computer 2 can respond back to Computer 1. IP addresses are, theoretically, "universally unique."

The way networks work, given your level of intent of knowledge, is that layer 2 (datalink / MAC-layer - in an all Ethernet/IPv4 environment) addresses change PER HOP. PER HOP is defined as 'transiting any layer-3 processing device'. Router's and computers almost always process layer 3. Switches can process layer 3 but they tend to leave it alone.

So as a message goes from Computer 1 to Computer 2 the flow looks like:

AT HOP 1 - Between Computer 1 and Router 1

SourceIP: 192.168.1.100 (Computer 1)
SourceMAC: 03:00:00:00:00:11 (Computer 1)
DestIP: 192.168.2.200 (Computer 2)
DestMAC: 03:00:00:00:00:22 (Router 1 - Interface facing Computer 1)

AT HOP 2 - Between the routers

SourceIP: 192.168.1.100 (Computer 1)
SourceMAC: 03:00:00:00:00:33 (Router 1 - Interface facing Router 2)
DestIP: 192.168.2.200 (Computer 2)
DestMAC: 03:00:00:00:00:44 (Router 2 - Interface facing Router 1)

AT HOP 3 - Between Router 2 and Computer 2

SourceIP: 192.168.1.100 (Computer 1)
SourceMAC: 03:00:00:00:00:55 (Router 2 - Interface facing Computer 2)
DestIP: 192.168.2.200 (Computer 2)
DestMAC: 03:00:00:00:00:66 (Computer 2)

So you see, the IP address layer (layer 3) addresses stay the same across the entire communication, but the datalink layer (layer 2) addresses change each time another device that processes a layer3 address is involved.

I hope this helps. If it's still confusing feel free to message back and I'll try to explain the specific subset that you're finding challenging.

Solution 2

Your example is flawed. (I saw you edit it, it's still flawed.)

In your example, Router 1 and 2 are on the same subnet (i.e. they have the same subnet mask). So Computer 1 is NOT going to send anything out of the default gateway, it is simply going to throw the packet out of the NIC and expect that a switch or the medium will get it to Computer 2.

Now, if you change Router 2 and Computer 2 to this:

Router 2
IP: 192.168.2.2

and

Computer 2
IP: 192.168.2.12

[edit by nick shown in bold] then Router 2 and Computer 2 will be on (their own separate subnet, NOT:) separate subnets, and the example will begin to make more sense.

However, and since you didn't provide a diagram I'm assuming here, that you want traffic to move this way:

Computer 1 <-> Router 1 <-> Router 2 <-> Computer 2

Router 1 and Router 2 cannot be on the same subnet for this to work. There will actually be a third network between them whereby they trade traffic. (It's also a little weird for a default route to refer to a private network, typically it means "Internet", but certainly possible.)

Here's what I'm surmising you are trying to do, I apologize for the crudeness of the pic: enter image description here

MAC addresses do not propagate beyond routers. Computer 1 wants to send a packet to Computer 2. Computer 2 is not on the same subnet, so computer 1 sends it to the default gateway.

This ends up being a frame sent from Computer 1's MAC to Router 1's MAC.

Routers forward packets, and forwarding means copying out of a different interface. So Router 1 will see that the destination of the packet it got from Computer 1 is destined for Computer 2. (It would have had to be programmed with a static route or use a protocol like RIP/OSPF to know that in a situation like this.)

So then the IP packet now has a source MAC of Router 1's second NIC and a destination MAC of Router 2's first NIC. And so on until it gets to Computer 2.

Share:
5,261

Related videos on Youtube

Joey
Author by

Joey

Updated on September 18, 2022

Comments

  • Joey
    Joey over 1 year

    So I'm having trouble understanding how packets travel from one machine to another. Below I've put in an example of Computer 1 trying to connect to Computer 2.

    Computer 1  
IP: 192.168.1.11  
Subnet: 255.255.255.0  
Default Gateway: 192.168.1.1  
MAC: 00:00:00:00:00:aa

    Router 1  
IP: 192.168.1.1  
Subnet: 255.255.255.0  
MAC: 00:00:00:00:00:bb  

    Router 2  
IP: 192.168.2.1  
Subnet: 255.255.255.0  
MAC: 00:00:00:00:00:cc  

    Computer 2   
IP: 192.168.2.1  
Subnet: 255.255.255.0  
Default Gateway: 192.168.2.12  
MAC: 00:00:00:00:00:dd

    If I connected from Computer 1 to Computer 2 and followed the flow of a packet I believe that the source address from what the information leaves router 2 would be 192.168.1.2 and the source MAC address would be 00:00:00:00:00:cc. From my understanding the destination stays the same but the source will update as it goes through its path. Is this correct or is their something I'm missing?

    • Joey
      Joey almost 10 years
      I made an edit to the addresses. I meant to set router 2 to 192.168.2.1 so the default Gateway of Computer 2 was 192.168.2.1.
  • barlop
    barlop almost 10 years
    i'm a little rusty.. but giving your post a quick read You write "Now, if you change Router 2 and Computer 2 to this: Router 2 IP: 192.168.2.2 Computer 2 IP: 192.168.2.12 then Router 2 and Computer 2 will be on separate subnets" <-- What? A)I'm not clear what a router on a subnet means 'cos a router has one IP/interface on 1 subnet and another IP/interface on another subnet B)the two IPs you gave in that quote have a mask of 255.255.255.0 in which case they'd be on the same subnet of 192.168.0.0/24 but you said "then Router 2 and Computer 2 will be on separate subnets" ur pic looks good tho
  • LawrenceC
    LawrenceC almost 10 years
    A router by definition will have 2 interfaces on 2 separate subnets, if it doesn't, it's not a router and can't route.
  • barlop
    barlop almost 10 years
    U wrote in comment "A router by definition will have 2 interfaces on 2 separate subnets, if it doesn't, it's not a router and can't route."I don't deny that.I even said it but Forget 'A' though as I see what is meant by router on a subnet (or subnet on a router). Though A router is on 2+ subnets and 2+ subnets are on a router. I still find part of what you wrote in your post rather strange. You seemed to give two IPs on the same subnet and say they were in different subnets.
  • LawrenceC
    LawrenceC almost 10 years
    [ Router 1 + Computer 1 ] is on one subnet (192.168.1.0/24 in the example), and [ Router 2 + Computer 2 ] is on a second subnet (192.168.2.0/24), is what I meant.
  • Joey
    Joey almost 10 years
    Thanks for your help Nick. So from your example I'm taking it as the Source address will always stay the same but the source MAC will change at each hop. This was something I've been trying to wrap my head around and I think this was exactly what I needed.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Overlapping address error in Packet Tracer-Possible subnet error
TCP\IP Packet Signature - how to identify such data packets?
How can I find the IP address of my router?
Install Network Printer Manually (Router : TP-Link TL-WR842ND)
How to change the default TTL of TCP/IP packets?
How to ssh into a server running on a home network, behind a router?
How to show (just) the IP address of my router?
ASUS router EA-N66R has different subnet mask than laptop
How to build a gateway from my Linux OS
Public IP for my PC through XFINITY gateway router/modem