Skip to content

Host to Host through a Router

    Host to Host through a Router

    This article is a part of a series on Packet Traveling — everything that happens in order to get a packet from here to there. Use the navigation boxes to view the rest of the articles.


    Packet Traveling

    We’ve looked at what it takes for two hosts directly connected to each other to communicate. And we’ve looked at what it takes for a host to speak to another host through a switch. Now we add another network device as we look at what it takes for traffic to pass from host to host through a Router.

    This article will be the practical application of everything that was discussed when we looked at a Router as a key player in Packet Traveling. It might be worth reviewing that section before proceeding.

    We will start by looking at the two major Router Functions, then see them in action as we look at Router Operation.

    To discuss our way through these concepts, we will use the following image. We will focus on R1, and what is required for it to forward packets from Host A, to Host B and Host C.

    Router Operation

    For simplicity, the MAC addresses of each NIC will be abbreviated to just four hex digits.

    Router Functions

    Earlier we mentioned that a Router’s primary purpose is to facilitate communication between networks. As such, every router creates a boundary between two networks, and their main role is to forward packets from one network to the next.

    Notice in the image above, we have R1 creating a boundary between the 11.11.11.x network and the 22.22.22.x network. And we have R2 creating a boundary between the 22.22.22.x and 33.33.33.x networks. Both of the routers have an interface in the 22.22.22.x network.

    In order to forward packets between networks, a router must perform two functions: populate and maintain a Routing Table, and populate and maintain an ARP Table.

    Populating a Routing Table

    From the perspective of each Router, the Routing Table is the map of all networks in existence. The Routing Table starts empty, and is populated as the Router learns of new routes to each network.

    There are multiple ways a Router can learn the routes to each network. We will discuss two of them in this section.

    The simplest method is what is known as a Directly Connected route. Essentially, when a Router interface is configured with a particular IP address, the Router will know the Network to which it is directly attached.

    For example, in the image above, R1’s left interface is configured with the IP address This tells R1 the location of the 11.11.11.x network exists out its left interface. In the same way, R1 learns that the 22.22.22.x network is located on its right interface.

    Of course, a Router can not be directly connected to every network. Notice in the image above, R1 is not connected to 33.33.33.x, but it is very likely it might have to one day forward a packet to that network. Therefore, there must exist another way of learning networks, beyond simply what the router is directly connected to.

    That other way is known as a Static Route. A Static Route is a route which is manually configured by an administrator. It would be as if you explicitly told R1 that the 33.33.33.x network exists behind R2, and to get to it, R1 has to send packets to R2’s interface (configured with the IP address

    Router Operation - Routing TableIn the end, after R1 learned of the two Directly Connected routes, and after R1 was configured with the one Static Route, R1 would have a Routing Table that looked like this image.

    The Routing Table is populated with many Routes. Each Route contains a mapping of Networks to Interfaces or Next-Hop addresses.

    Every time a Router receives a packet, it will consult its Routing Table to determine how to forward the packet.

    Again, the Routing Table is a map of every network that exists (from the perspective of each router). If a router receives a packet destined to a network it does not have a route for, then as far as that router is concerned, that network must not exist. Therefore, a router will discard a packet if its destination is in a network not in the Routing Table.

    Finally, there is a third method for learning routes known as Dynamic Routing. This involves the routers detecting and speaking to one another automatically to inform each other of their known routes. There are various protocols that can be used for Dynamic Routing, each representing different strategies, but alas their intricacies fall outside the scope of this article series. They will undoubtedly become a subject for future articles.

    That said, the Routing Table will tell the router which IP address to forward the packet to next. But as we learned earlier, packet delivery is always the job of Layer 2. And in order for the Router to create the L2 Header which will get the packet to the next L3 address, the Router must maintain an ARP Table.

    Populating an ARP Table

    The Address Resolution Protocol (ARP) is the bridge between Layer 3 and Layer 2. When provided with an IP address, ARP resolves the correlating MAC address. Devices employ ARP to populate an ARP Table, or sometimes called an ARP Cache, which is a mapping of IP address to MAC addresses.

    A router will use its Routing Table to determine the next IP address which should receive a packet. If the Route indicates the destination exists on a directly connected network, then the “next IP address” is the Destination IP address of the packet – the final hop for that packet.

    Either way, the Router will use a L2 header as the vessel to deliver the packet to the correct NIC.

    Router Operation - ARP TableUnlike the Routing Table, the ARP Table is populated ‘as needed’. Which means in the image above, R1 will not initiate an ARP Request for Host B’s MAC address until it has a packet which must be delivered to Host B.

    But as we discussed before, an ARP Table is simply a mapping of IP addresses to MAC addresses. When R1’s ARP Table will be fully populated, it will look like this image.

    Once again, for simplicity, the images in this article are simply using four hex digits for the MAC addresses. In reality, a MAC address is 12 hex digits long. If its easier, you can simply repeat the four-digit hex MAC address three times, giving R2’s left interface a “real” MAC address of bb22.bb22.bb22.


    Router Operation

    With the understanding of how a Router populates its Routing Table and how a Router intends to populate its ARP Table, we can now look at how how these two tables are used practically for a Router to facilitate communication between networks.

    In R1’s Routing Table above, you can see there are two type of routes: some that point to an Interface, and some that point to a Next-Hop IP address. We’ll frame our discussion around a Router’s operation around these two possibilities.

    But first, we will discuss how Host A delivers the packet to its Default Gateway (R1). Then we will look at what R1 does with a packet sent from Host A to Host B, and then another packet that was sent from Host A to Host C.


    Host A getting the Packet to R1

    Router Operation - Host to First HopIn both cases, Host A is communicating with two hosts on foreign networks. Therefore, Host A will need to get either packet to its default gateway — R1.

    Host A will create the L3 header with a Source IP address of, and a Destination IP address of (for Host B) or (for Host C). This L3 header will serve the purpose of getting the data from ‘end to end’.

    But that L3 header won’t be enough to deliver the packet to R1. Something else will have to be used.

    Host A will then encapsulate the L3 header in a L2 header which will include a Source MAC address of and a Destination MAC address of aa11.aa11.aa11 — the MAC address which identifies R1’s NIC. This L2 header will serve the purpose of delivering the packet across the first hop.

    Host A will have already been configured with its Default Gateway’s IP address, and hopefully Host A will have already communicated with foreign hosts. As such, Host A more than likely already had an ARP Table entry with R1’s MAC address. Conversely, if this was Host A’s first communication with a foreign host, forming the L2 header would have been preceded with an ARP Request to discover R1’s MAC address.

    At this point, R1 will have the packet. The Destination IP address of the packet will either be for the communication sent to Host B, or for the communication sent to Host C. Both of those destinations exist in R1’s Routing Table — the difference is one Route points to an Interface and the other Route points to a Next-Hop IP.

    Routes pointing to an Interface

    A Route in a Routing Table that points to an Interface was typically learned because the Router was Directly Connected to the network. If a packet’s Destination IP address is in a network which is directly connected to the router, the Router knows they are responsible for delivering the packet to its final hop.

    The process is similar to what has been discussed before. The Router uses the L3 header information to determine where to send the packet next, then creates a L2 header to get it there. In this case, the next (and final) hop this packet must take is to the NIC on Host B.

    Router Operation - Local Delivery

    The L3 header will remain unchanged — it is identical to the L3 header created by Host A.

    What is different, is the L2 header. Notice the Source MAC address is bb11.bb11.bb11 — R1’s right interface MAC address. The old L2 header which Host A had created to get the packet to R1 was stripped off, and a new L2 header was generated (by R1) to deliver it to the next NIC.

    The Destination MAC address is, of course, bbbb.bbbb.bbbb — the MAC address for Host B.


    Routes pointing to a Next-Hop address

    For the packet from Host A sent to Host C, the Destination IP address will be When R1 consults its Routing Table, it will determine that the next-hop for the 33.33.33.x network exists at the IP address — R2’s left interface IP address.

    Effectively, this tells R1 to use a L2 header which will get the packet to R2 in order to continue forwarding this packet along its way.

    Since the current “hop” is between R1 and R2, their MAC addresses will make up the Source and Destination MAC addresses:

    Router Operation - Foreign Delivery

    Again, the L3 header remains unchanged, it includes the same Source and Destination IP addresses initially set by Host A — these addresses represent the two “ends” of the communication. The L2 header, however, is completely regenerated at each hop.

    Should R1 not have R2’s MAC address, it would simply initiate an ARP Request for the IP address in the route: From then on, it will have no problems creating the proper L2 header which will get the packet from R1 to R2.

    As the process continues, R2 will finally receive the packet, and then be faced with the same situation that R1 was in for the example above — deliver the packet to its final hop.

    This process can be continued as needed. Had Host A been trying to speak to Host X which had 10 routers in the path, the process would have been identical. Each transit Router in the path would have a Route mapping Host X’s network to the next-hop IP in the path. Until the final router which would be directly connected to the network Host X resided in. And that final router would be responsible for delivering the packet to its final hop — Host X itself.


    Series Navigation

    Host to Host through a Switch >>Packet Traveling – Series Finale >>

    4.4 17 votes
    Article Rating
    Notify of

    Newest Most Voted
    Inline Feedbacks
    View all comments


    I am curious about the ARP request that Router 1 will have to send to Router 2 when host A is attempting to communicate with host C. We know that the source and destination IP addresses in the packet from Host A will never change during this whole process, but is Router 2’s address included in the actual ARP request from Router 1 to Router 2? I would assume so because all Router 1 knows at this point is the next hop address ( for the 33.33.33.x network. In other words, how does Router 2 know to respond to Router 1’s ARP?

    Nevermind, I just re-read the last section. It’s too early in the morning to be reading this stuff. Thanks for the good article.

    This comment is for the first paragraph within “Routes pointing to a Next-op Address”

    >>it will determine that the next-hope for the 33.33.33.x network exists at the IP address – R2’s left interface IP address.

    Should it be R2’s right interface IP address?

    Nice explanation sir.
    one question,
    whenever we(host/PC) are trying to communicate with switch or another computer, are they communicating with ARP or ICMP ?

    After reading the section on Routes pointing to a Next-Hop address, the diagram shows R1 having interfaces in two networks 11.11.11.x and 22.22.22.x. To get the packet to 33.33.33.x, R1 has to go through 22.22.22.x. In real life, does a router have interface in just two networks at a time? If not, if there are multiple how does the router know which route to pick to get the packet to the next hop?

    I am have a doubt related to ARP request . If Host A wants to send data to Host C , then I think since initially we only know source ( ) and destination IP address ( ) , so the Host A will put an ARP request for destination IP address . How does Host A comes to know about IP address of router R1 ? How does ARP request for IP address of router R1 becomes linked here ? What concept am I missing ? Please help .

    In the network with IP address 11.11.11.x there is no switch . If there is a switch and we want to send data to some local host on this network , will the switch prevent it from going to the router ? or if we want to send data to foreign network then will switch prevent it from going to the local hosts ?

    Hi Ed,

    In the routing table of R1, it had be statically configured that to access the 33.x.x.x network, it had to go through the 22.22.22.x network. In a typical home network, the default gateway would be configured to forward all packets to the ISP to access the internet, so my question is, how does the ISP know which hop to forward the packet to when we are trying to access a website? it is quite impractical for the ISP to be configured statically for every web site right? I think the answer lies somewhere in DNS, but im unsure how it works. could you please explain this to me? Thank you


    So what if you have two computers (or networks) each on a different subnet, connected to a switch, and a router with only one NIC, (such as a typical home router). How would you route between subnets?

    Can the default gateway address on a host be an address outside the subnet it’s part of? So that hosts on each subnet could all have the default gateway of the router? Would that work?


    I am going through the packet traversal articles (host – switch – host , host – host, host – router – host) written by you, can you please let me know if the below scenario is covered?

    Host1 Switch 1 Router Switch 2 Host 2


    Based on your image for R1’s Routing Table, I extended it a little, by daisy chaining the networks

    Method Network Interface/Next-Hop
    DC 11.11.11.x Left
    DC 22.22.22.x Right
    Static 33.33.33.x
    Static 44.44.44.x
    Static 55.55.55.x

    If I want to reach a host on network 55.55.55.x, is the above Routing Table for R1 correct?


    Were you refering to networks 33.33.33.x, 44.44.44.x, and 55.55.55.x connected directly to R2?

    Here is an image of networks I was refering to:

    So, on my image I want to reach Host E, it will have to go through R2, R3, R4, R5

    R1’s Routing Table
    Method Network Interface/Next-Hop
    DC 11.11.11.x Left
    DC 22.22.22.x Right
    Static 33.33.33.x
    Static 44.44.44.x
    Static 55.55.55.x

    Assuming dynamic routing isn’t being used, shouldn’t R1 have a mapping of how to get to R5 and everything in between, or does each router’s routing table contain their neighboring network in the table?


    The extra 33.33.33.x network was my mistake should be incremented to 44.44.44.x and with 44.44.44.x to 55.55.55.x and 55.55.55.x to 66.66.66.x

    I thought that if you want to go all the way to the destination, you have to list all the networks in between and which gateway to use in those networks in R1’s Routing Table.

    Instead all it needed was to list the gateway and the destination network. Doesn’t matter how many networks in between, the next routing table will handle it until and so on or gets dropped midway if network doesn’t exists.

    But, I get it now. 😀

    Always had issue understanding how packets get from one end to the other and everything in between, you explained it perfectly.

    Keep the series coming, can’t wait for more.


    thank you for this series it is truly great. I have one question though. In the above picture why does the router 1 and 2 have multiple MAC addresses. Almost like each port has its own Mac address. I know multiple MACs can be associated if there are multiple NICs in a device.

    Is that just a result of using multiple NICs, or is it required? Based on my understanding so far, if the left and right interfaces of R1 had the same MAC address, with different IPs in the 2 networks, it would work just fine. Is that correct, or am I just missing something? I don’t see the purpose/reason behind having multiple MAC addresses on a router.

    Dear Ed,

    I have same question. In case of L3 switch, not router, there is only one MAC address for each L3 switch. Please kindly clarify this case.

    thank you for this useful series .

    my question is : if there is a serial link between two routers how the packet travels ?

    Great article, well explained. Thanks for the series.

    Nice explanation ,, one doubt is from HostA(11.11.11.x) to ping HostB (22.22.22.x) do we need to configure default gateway or static route in Host A


    I have been scouring the web for detailed information about how a router “actually” does its job. Your description is the BEST that I have come across; it is accurate, detailed, and very accessible. Kudos for a great job.

    Great explanation .But I have doubt in Host A – B communication which is R1-ARP request process.
    As per scenario ,R1 will receive Data packet from Host A .while sending ARP request from R1 through SwY, ARP requests must contain source and destination MAC address ,what would be the destination MAC address of ARP requests to get the Host B Mac address.

    I really wondered what is the Default Gateway for PC-2 ? (R1) or . is Multiple Default Gateway valid?
    Thank you…

    I really wonder how the arp request would be like from R1 and R2 and if there are directly connected no switch is present between them.Thank you

    Let’s say there’s a fourth network and Host A needed to send data to Host D with an IP of 44.44.44.x. You mentioned that the L2 header of Host A would be stripped off and be replaced with a new L2 header because R1 is trying to get it to the next hop. Would the case then be the R1 L2 header would be stripped off and replaced with the R2 L2 header of cc22 in order to get it to the next hop of the theoretical R3 before reaching its final host? The destination MAC address would remain the same but the source would get changing until it reached the final destination?

    All I can say is “Amazing article” . Thank you !

    Hi Ed,
    Really Nice Article.
    I am very curious about one thing if you could help me that would be great.
    Let’s say we have a router in our home and multiple devices are connected to it like my laptop and my phone.
    My Public IP: IP)
    Routers IP:
    Laptop IP assigned by DHCP:
    Mobile’s IP:
    I am sending a request packet with some data to a server from my mobile. let’s say the destination address be
    So with the above explanation, I understood that my request will be sent to the destination using ARP and hopping through multiple routers.
    So my question is what would be the Source IP address for the packet and if it is one of the following this would be my subsequent questions:
    Case: 1-
    If the above is the source IP address, then how will the server send the response as it is a local address assigned to the mobile by the DHCP server, which would be ambiguous.
    Case: 2 –
    If the above is the IP address then how would we route the response to the mobile device as the packet would reach the router and thereafter how will we know which Local IP address or MAC Address we need to go to.

    Hi Ed,

    Very informative series. I was going to ask a question on the same topic. Glad that someone had already asked.
    I was going to ask if you can at the end of the article, probably, create a diagram including the NAT concept as well.
    This would help people understand the Source NAT (SNAT) that happens on a request packet’s way out and the Destination NAT (DNAT) that happens on a response’s way back in.
    Anyway, appreciate all the amazing information and the effort in creating these posts.

    Thank you again Ed. Appreciate the response.

    Hello… The series is really great and helped me understand almost everything that is there about packet travelling. But there is one particular doubt for which I could find an answer neither in the series nor in comments.

    If client A which is in Network A has a Private Address assigned to it by DHCP Server of Router A tries to connect with client B which is in Network B has a Private Address assigned to it by DHCP Server of Router B, I am assuming that Client A sends the packet to Router A with its Private IP address as Source IP Address and Router B’s Public IP Address as Destination IP Address. Then after the packet reaches Default Gateway which is Router A.

    Now the Router A changes the Source IP address to Router A’s Public IP Address and sends the Packet to Router B. Assuming this is the first time that Client A has tried to connect with Client B, the packet wouldn’t have Client B’s MAC Address. Now, how does Router B know that the packet was meant for Client B?

    I tried to be as articulate as possible with my doubt. Please rectify if there is a mistake in my understanding.

    Thank You in Advance!

    Suppose two hosts are in the same network (same switch), If Host A wants to send IP packet to Host B, does it send directly or the router is involved ?

    An unbelievable explanation. Thanks.