Practical Networking .net
post

Key Players

This article is a part of a series on Packet Traveling — everything that happens in order to get a packet from here to there. Use the navigation boxes to view the rest of the articles.

 

Packet Traveling

The Internet is a fascinating blend of many different elements that all work together to create a world wide network of networks which allow billions of different devices to communicate. In this article, we will look at some of the key players of the Internet and the role each fulfills in order to achieve network communication.

This list is far from exhaustive, but will cover the main “cast and crew” you will need to be familiar with in order to understand how a packet travels through the Internet.

 

Host

The term host is a generic term that implies any sort of end-device on the Internet. Any device which might be the original initiation of traffic or the final destination of traffic can be considered a host.

Key Players - Hosts: Client and ServerThe traditional example would be your computer or laptop. But in these modern times, there are so many more: mobile phones, smart TVs, smart watches, certain cars, and even some refrigerators!

Hosts run software and applications for the end user to interact with, and they also at some point need to put bits on a wire. As such, it is said that Hosts operate across all seven layers of the OSI model.

In typical internet communication or network traffic, the two hosts in communication are often labeled as the Client or the Server.

The Client is the entity initiating the request and is looking to acquire a piece of information or data or a service. While the Server is the entity receiving the request and has the information, data, or service that the Client wants.

It should be noted that these terms are relative to specific types of communication.

For example, when your laptop is browsing through a web page, your laptop is acting as the Client and the Web Server is acting as the Server. But when that same Web Server is then downloading software updates, it is now acting as a Client and communicating with an Update Server.

 

Network

A Network is simply two or more connected devices — typically grouped together by similar purposes or physical location. A network can take many different forms, for example:

  • A group of PCs in a classroom are all in the same physical space and would all belong to one network.
  • Any typical home network will include multiple laptops, mobile phones, or printers that are all tied to the same physical address. Therefore, all belonging to the same network.
  • A coffee shop which has WiFi will allow each of their customers to connect to the same WiFi Network.
  • A large company might use multiple networks, often separating them by job role. For instance, one network for all its accountants and another network for all its engineers.

Depending on the purpose of each network, the devices within them will then communicate with other devices in the same network or other devices in different networks.

Any time any of the Key Players discussed in this rest of this article series are connected to each other, you have a network. In fact, the whole Internet is nothing more than a series of Inter-connected networks.

 

Switch

A Switch is a network device whose primary purpose is to facilitate communication within networks.

Switches operate at Layer 2 of the OSI model, which means they only look into each data-gram up to the Layer 2 header. The Layer 2 header contains information that enables hop to hop delivery, such as the Source and Destination MAC address.

Key Players - Switch

A Switch operates by maintaining what is known as a MAC Address table. This is a table that maps MAC addresses of devices plugged into each switch port. A typical switch has many ports, from 24 to 48, up to 96, or more.

The MAC Address Table is populated by looking at the Source MAC address field of any received frames.

In order to forward the frame, the Switch will lookup the Destination MAC address in their MAC Address Table to determine what port to use.

If a Switch encounters a frame for which it does not know the location of the Destination MAC address, it simply duplicates and floods the frame out each switch port (except the port it was received on). This process will be examined more closely in another article in this series.

 

Router

A Router is a network device whose primary purpose is to facilitate communication between networks. Each interface on a router creates a network boundary.

Routers operate at Layer 3 of the OSI Model, which means they only look into each datagram up to the Layer 3 header. The Layer 3 header contains information that enables end to end delivery, such as the Source and Destination IP Address.

Key Players - Routers

In the image above, notice that the router on the left (R1) and the router on the right (R2) create three separate networks (11.11.11.x, 22.22.22.x, and 33.33.33.x). R1’s right interface and R2’s left interface are both on the same network.

The only way for the Client in the 11.11.11.x network to speak to the Server in the 33.33.33.x network is to forward the packet to R1, who will in turn forward the packet to R2, who will then finally forward the packet to the Server.

A Router accomplishes all this by maintaining what is known as a Routing Table. This is a table that contains paths to all the networks a Router knows how to reach. These paths are sometimes known as Routes, and each entry contains an IP Network and either an interface or the IP address of the next router in the path to the target.

There are multiple ways a Router can learn of a network and populate its Routing Table. We will look at some of those ways in a later article in this series.

Keep in mind, from the perspective of each router, the Route Table is a map of every network that exists. If a router receives a packet destined to a network it does not know about, then as far as that router is concerned, that network must not exist. Therefore, when a router receives a packet destined to a network which is not in its Routing Table, that packet is discarded.

 

Address Resolution Protocol (ARP)

Earlier we discussed that MAC addresses are a Layer 2 addressing scheme. We also discussed that IP addresses are a Layer 3 addressing scheme.

Key Players - ARP links L2 and L3What bridges these two addressing schemes is the Address Resolution Protocol (ARP).

Typically, when two hosts are communicating, they already know each other’s IP address. They can know each other’s IP address from a variety of methods: sometimes it is manually provided by a user, sometimes by another protocol (often DNS). But the actual method employed is irrelevant (at least to this article series).

However, what is definitely not known is their MAC addresses. The hosts will use ARP to discover the appropriate MAC address. To put it another way, ARP will use the known IP address, and discover the unknown MAC address. The discovered mapping is then added and stored in an ARP Table, which is a mapping of IP addresses to correlating MAC addresses.

We’ll describe how L2 and L3 are bridged together, and ARP’s role in the process using the following illustration:

Key Players - ARP targets

In the image above, there are three networks: the purple network, the gray network, and the red network. We’ll use this diagram to describe what happens when two hosts in the same network are communicating and when two hosts in different networks are communicating.

When the Client needs to speak to the Purple Server, it will know the Purple Server’s IP address, and from that it will be able to determine that the Purple Server exists in the local network. When a Client is attempting to speak to a host in the same network, the Client will issue an ARP request for the host’s IP address.

ARP will allow the Client to complete the Layer 2 header as follows:

Key Players - Packet destined to local destination

When the Client needs to speak to the Red Server, it will know the Red Server’s IP address, and from that it will know that the Red Server exists in a foreign network. As such, the packet must be delivered to the nearest router (otherwise known as the Default Gateway).

The Client ought to be already configured with a Default Gateway — which we can tell from the image will be the R1. When a Client is attempting to speak to a host in a foreign network, the Client will issue an ARP request for the Default Gateway’s IP address.

This will allow the Client to populate the Layer 3 and Layer 2 headers as follows:

Key Players - Packet destined to foreign destination
To summarize ARP’s operation:

  • When a Client is speaking to a host in the same network, it will ARP for the IP address of the host
  • When a Client is speaking to a host in a different network, it will ARP for the IP address of the Default Gateway

Remember, packet delivery is always the job of Layer 2, and Layer 2’s primary goal is getting a packet from hop to hop. Conversely, Layer 3, which is concerned with end to end delivery is unable to put a packet on a wire and send it to another host’s NIC. ARP’s role is to help the client create the proper L2 header, based on the L3 header, in order to get the packet from one hop to the next.

It should also be noted that any device that intends to forward a packet based upon the IP address (L3), must also have the ability to deliver the packet to the next hop (L2). As such, any device that uses IP addresses must also use ARP to deliver the packet using MAC addresses. Consequently, all Layer 3 devices must maintain an ARP Table.

 

Summary

This article and the previous covered a lot of ground on a variety of subjects that individually have entire books written about. This was intentionally done so that the next few articles in the series can bring everything together (and go a bit deeper than this article went). But it is crucial that all the tenants of these two articles be understood before moving forward.

In this article, we discussed the primary purposes of the different layers of the OSI model. Specifically:

  • OSI Layer 1 is the physical medium carrying the 1’s and 0’s across the wire
  • OSI Layer 2 is responsible for hop to hop delivery and uses MAC addresses
  • OSI Layer 3 is responsible for end to end delivery and uses IP Addresses
  • OSI Layer 4 is responsible for service to service delivery and uses Port Numbers

We also discussed some of the Key Players involved in moving a packet through the Internet:

  • Switches facilitate communications within networks and operate at Layer 2
  • Routers facilitate communication between networks and operate at Layer 3
  • ARP uses a known IP address to resolve an unknown MAC address

We also discussed three different tables that are use to store different mappings:

  • Switches use a MAC Address Table which is a mapping of Switchports to connected MAC addresses
  • Routers use a Routing Table which is a mapping of known Networks to interfaces or next-hop addresses
  • All L3 devices use an ARP Table which is a mapping of IP Addresses to MAC addresses

If any of the bullet points above don’t make complete sense, please consider re-reading this article or the one previous before continuing to the next article in this series.

Series Navigation<< OSI ModelHost to Host Communication >>
  • 3
    Shares

Comments

  1. hoang nguyen says:

    I am trying to understand layer 4.

    “OSI Layer 4 is responsible for service to service delivery and uses Port Numbers”.

    Scenario.
    Host A is using Telnet to access Host B on a local network.

    As I am going down the OSI model, the L4 Header has a Source Port and a Destination Port.

    The Source Port is provided by the Host A.

    Q1. Is Destination Port provided by Host A as well? If so, I am at a lost because I do not know the logic of the Destination Port being populated before the FRAM at L2 is sent.

    • > Q1. Is Destination Port provided by Host A as well? If so, I am at a lost because I do not know the logic of the Destination Port being populated before the FRAM at L2 is sent.

      The port numbers create a “socket” on the hosts from which to allow traffic in and out of a certain application. For example, if Host B is a web server, it would be listening on the standard web port of TCP/80. Anyone that wanted to make a request to the web service of Host B would send a request to Host B’s IP address on TCP/80 — which becomes the Destination port number.

      When Host A initiates the web request, it must pick a port# to use to receive what Host B sends. It picks this source port randomly, from the range 1025-65535. This number becomes the Source Port number.

      So to answer your question. Host A picks both ports, it selects the Source port randomly, and it selects the Destination port of TCP/80 because that is the service it is making a request to on Host B.

  2. Host, while sending a packet to the external network, the destination l2 Mac is default gateway. My question is, do we get l2 Mac because of proxy arp enabled or without proxy arp? If without proxy arp then why proxy arp? Without proxy arp enaled will we get the clients Mac address if source will do a arp query ?

    • Hi Dillip. In the case of a host knowing that the packet must go to the default gateway, the ARP Request and Response is simply a traditional ARP — Proxy ARP does not come into play.

      Proxy ARP occurs when a device responds to ARP on behalf of another device. To learn more about ARP and the different versions that exist and when each are used, check out the series on ARP here: pracnet.net/arp.

  3. “Routers operate at Layer 3 of the OSI Model, which means they only look into each datagram up to the Layer 3 header.”

    What does that mean? When and how does the router look into the ethernet header? Or is it meant the other way around, that it also looks at the TCP header? Which protocols does a router have to understand then?

  4. “Remember, packet delivery is always the job of Layer 2, and Layer 2’s primary goal is getting a packet from hop to hop. Conversely, Layer 3, which is concerned with end to end delivery is unable to put a packet on a wire and send it to another host’s NIC. ”

    Strictly speaking, layer 2 only delivery frames, and layer 3 delivery packets.

    • In the end it is just semantics. However, a packet is defined as a construct of an IP address and a Payload (i.e., a packet is [IP][PAYLOAD]. And the component that delivers such a construct is a L2 header. Hence, L2 is delivering the packet.

      L3 is responsible for getting the Payload from end to end. The payload L3 is responsible for delivering is the construct of a L4 Header and Data (i.e., a segment, which is [L4][DATA]).

  5. Arjunkrishna says:

    Consider Host A and Host B are connected in the same network through a switch.Host C is in different network. Both the networks are connect through a Router. Case 1: A wants to send something to B. So it know the ip address, but not the MAC address. So how does it talk to B to get its MAC address? It asks the Switch or Router directly? what will happen?
    Case 2: A wants to talk to C. So who will confirm that it belongs to a different network? how to get its MAC address?

    • Here is what I think it happens (please correct me if I am wrong) => The first thing a host must look for when sending data is the ‘final destination’ of these data, i.e., the IP address. We can say there are two options: first, final destination is IN the same network i.e., the dst host is ‘reachable’. Second, final destination is NOT in the same network, i.e., dst host is ‘unreachable’ but it knows the default gateway will take care of the routing to the final destination.
      In case 1, Host B is in the same network, this means, it is expected that Host B MAC address is anywhere in the LAN Host A and B belong to. How can Host A know Host B MAC address? ARP request. It will send an ARP request in a broadcast mode, and hopefully Host B will reply with its MAC address. Problem solved: now Host A knows what to put in L2 header as destination (MAC) address.

      In case 2 the process is exactly the same, except now it knows that, as Host C IP address is ‘unreachable’, it has to send the data to the default gateway. So it will proceed as before: ARP. What MAC address is Host A interested in? Default Gateway’s. So ARP to Default Gateways. This means that in this case Host A doesn’t care about Host C MAC address. L2 is aout next hop, and next hop is now the default gateway (or router). This gateway will know what is the next hop as will deliver the data according the routing table. In other words, L2 is about the near neightbourhood. And for something abroad, ask the default gateway 🙂

      HTH

  6. Mohammed says:

    Thank you for this amazing blog. Please keep writing.
    I really appreciate the way you explained the fundamentals of networking.

  7. *When a Client is speaking to a host in the same network, it will ARP for the IP address of the host*
    *When a Client is speaking to a host in a different network, it will ARP for the IP address of the Default Gateway*

    As this article said, “ARP will use the known IP address, and discover the unknown MAC address.”.
    Therefore, ARP is for the mac address, not ip address.

Speak Your Mind

*