Practical Networking .net
post

Host to Host through a Router

This article is a part of a series on Packet Traveling — everything that happens in order to get a packet from here to there. Use the navigation boxes to view the rest of the articles.

 

Packet Traveling

We’ve looked at what it takes for two hosts directly connected to each other to communicate. And we’ve looked at what it takes for a host to speak to another host through a switch. Now we add another network device as we look at what it takes for traffic to pass from host to host through a Router.

This article will be the practical application of everything that was discussed when we looked at a Router as a key player in Packet Traveling. It might be worth reviewing that section before proceeding.

We will start by looking at the two major Router Functions, then see them in action as we look at Router Operation.

To discuss our way through these concepts, we will use the following image. We will focus on R1, and what is required for it to forward packets from Host A, to Host B and Host C.

Router Operation

For simplicity, the MAC addresses of each NIC will be abbreviated to just four hex digits.

Router Functions

Earlier we mentioned that a Router’s primary purpose is to facilitate communication between networks. As such, every router creates a boundary between two networks, and their main role is to forward packets from one network to the next.

Notice in the image above, we have R1 creating a boundary between the 11.11.11.x network and the 22.22.22.x network. And we have R2 creating a boundary between the 22.22.22.x and 33.33.33.x networks. Both of the routers have an interface in the 22.22.22.x network.

In order to forward packets between networks, a router must perform two functions: populate and maintain a Routing Table, and populate and maintain an ARP Table.

Populating a Routing Table

From the perspective of each Router, the Routing Table is the map of all networks in existence. The Routing Table starts empty, and is populated as the Router learns of new routes to each network.

There are multiple ways a Router can learn the routes to each network. We will discuss two of them in this section.

The simplest method is what is known as a Directly Connected route. Essentially, when a Router interface is configured with a particular IP address, the Router will know the Network to which it is directly attached.

For example, in the image above, R1’s left interface is configured with the IP address 11.11.11.1. This tells R1 the location of the 11.11.11.x network exists out its left interface. In the same way, R1 learns that the 22.22.22.x network is located on its right interface.

Of course, a Router can not be directly connected to every network. Notice in the image above, R1 is not connected to 33.33.33.x, but it is very likely it might have to one day forward a packet to that network. Therefore, there must exist another way of learning networks, beyond simply what the router is directly connected to.

That other way is known as a Static Route. A Static Route is a route which is manually configured by an administrator. It would be as if you explicitly told R1 that the 33.33.33.x network exists behind R2, and to get to it, R1 has to send packets to R2’s interface (configured with the IP address 22.22.22.2).

Router Operation - Routing TableIn the end, after R1 learned of the two Directly Connected routes, and after R1 was configured with the one Static Route, R1 would have a Routing Table that looked like this image.

The Routing Table is populated with many Routes. Each Route contains a mapping of Networks to Interfaces or Next-Hop addresses.

Every time a Router receives a packet, it will consult its Routing Table to determine how to forward the packet.

Again, the Routing Table is a map of every network that exists (from the perspective of each router). If a router receives a packet destined to a network it does not have a route for, then as far as that router is concerned, that network must not exist. Therefore, a router will discard a packet if its destination is in a network not in the Routing Table.

Finally, there is a third method for learning routes known as Dynamic Routing. This involves the routers detecting and speaking to one another automatically to inform each other of their known routes. There are various protocols that can be used for Dynamic Routing, each representing different strategies, but alas their intricacies fall outside the scope of this article series. They will undoubtedly become a subject for future articles.

That said, the Routing Table will tell the router which IP address to forward the packet to next. But as we learned earlier, packet delivery is always the job of Layer 2. And in order for the Router to create the L2 Header which will get the packet to the next L3 address, the Router must maintain an ARP Table.

Populating an ARP Table

The Address Resolution Protocol (ARP) is the bridge between Layer 3 and Layer 2. When provided with an IP address, ARP resolves the correlating MAC address. Devices employ ARP to populate an ARP Table, or sometimes called an ARP Cache, which is a mapping of IP address to MAC addresses.

A router will use its Routing Table to determine the next IP address which should receive a packet. If the Route indicates the destination exists on a directly connected network, then the “next IP address” is the Destination IP address of the packet – the final hop for that packet.

Either way, the Router will use a L2 header as the vessel to deliver the packet to the correct NIC.

Router Operation - ARP TableUnlike the Routing Table, the ARP Table is populated ‘as needed’. Which means in the image above, R1 will not initiate an ARP Request for Host B’s MAC address until it has a packet which must be delivered to Host B.

But as we discussed before, an ARP Table is simply a mapping of IP addresses to MAC addresses. When R1’s ARP Table will be fully populated, it will look like this image.

Once again, for simplicity, the images in this article are simply using four hex digits for the MAC addresses. In reality, a MAC address is 12 hex digits long. If its easier, you can simply repeat the four-digit hex MAC address three times, giving R2’s left interface a “real” MAC address of bb22.bb22.bb22.

 

Router Operation

With the understanding of how a Router populates its Routing Table and how a Router intends to populate its ARP Table, we can now look at how how these two tables are used practically for a Router to facilitate communication between networks.

In R1’s Routing Table above, you can see there are two type of routes: some that point to an Interface, and some that point to a Next-Hop IP address. We’ll frame our discussion around a Router’s operation around these two possibilities.

But first, we will discuss how Host A delivers the packet to its Default Gateway (R1). Then we will look at what R1 does with a packet sent from Host A to Host B, and then another packet that was sent from Host A to Host C.

 

Host A getting the Packet to R1

Router Operation - Host to First HopIn both cases, Host A is communicating with two hosts on foreign networks. Therefore, Host A will need to get either packet to its default gateway — R1.

Host A will create the L3 header with a Source IP address of 11.11.11.77, and a Destination IP address of 22.22.22.88 (for Host B) or 33.33.33.99 (for Host C). This L3 header will serve the purpose of getting the data from ‘end to end’.

But that L3 header won’t be enough to deliver the packet to R1. Something else will have to be used.

Host A will then encapsulate the L3 header in a L2 header which will include a Source MAC address of aaaa.aaa.aaaa and a Destination MAC address of aa11.aa11.aa11 — the MAC address which identifies R1’s NIC. This L2 header will serve the purpose of delivering the packet across the first hop.

Host A will have already been configured with its Default Gateway’s IP address, and hopefully Host A will have already communicated with foreign hosts. As such, Host A more than likely already had an ARP Table entry with R1’s MAC address. Conversely, if this was Host A’s first communication with a foreign host, forming the L2 header would have been preceded with an ARP Request to discover R1’s MAC address.

At this point, R1 will have the packet. The Destination IP address of the packet will either be 22.22.22.88 for the communication sent to Host B, or 33.33.33.99 for the communication sent to Host C. Both of those destinations exist in R1’s Routing Table — the difference is one Route points to an Interface and the other Route points to a Next-Hop IP.

Routes pointing to an Interface

A Route in a Routing Table that points to an Interface was typically learned because the Router was Directly Connected to the network. If a packet’s Destination IP address is in a network which is directly connected to the router, the Router knows they are responsible for delivering the packet to its final hop.

The process is similar to what has been discussed before. The Router uses the L3 header information to determine where to send the packet next, then creates a L2 header to get it there. In this case, the next (and final) hop this packet must take is to the NIC on Host B.

Router Operation - Local Delivery

The L3 header will remain unchanged — it is identical to the L3 header created by Host A.

What is different, is the L2 header. Notice the Source MAC address is bb11.bb11.bb11 — R1’s right interface MAC address. The old L2 header which Host A had created to get the packet to R1 was stripped off, and a new L2 header was generated (by R1) to deliver it to the next NIC.

The Destination MAC address is, of course, bbbb.bbbb.bbbb — the MAC address for Host B.

 

Routes pointing to a Next-Hop address

For the packet from Host A sent to Host C, the Destination IP address will be 33.33.33.99. When R1 consults its Routing Table, it will determine that the next-hop for the 33.33.33.x network exists at the IP address 22.22.22.2 — R2’s left interface IP address.

Effectively, this tells R1 to use a L2 header which will get the packet to R2 in order to continue forwarding this packet along its way.

Since the current “hop” is between R1 and R2, their MAC addresses will make up the Source and Destination MAC addresses:

Router Operation - Foreign Delivery

Again, the L3 header remains unchanged, it includes the same Source and Destination IP addresses initially set by Host A — these addresses represent the two “ends” of the communication. The L2 header, however, is completely regenerated at each hop.

Should R1 not have R2’s MAC address, it would simply initiate an ARP Request for the IP address in the route: 22.22.22.2. From then on, it will have no problems creating the proper L2 header which will get the packet from R1 to R2.

As the process continues, R2 will finally receive the packet, and then be faced with the same situation that R1 was in for the example above — deliver the packet to its final hop.

This process can be continued as needed. Had Host A been trying to speak to Host X which had 10 routers in the path, the process would have been identical. Each transit Router in the path would have a Route mapping Host X’s network to the next-hop IP in the path. Until the final router which would be directly connected to the network Host X resided in. And that final router would be responsible for delivering the packet to its final hop — Host X itself.

 

Series Navigation<< Host to Host through a SwitchPacket Traveling – Series Finale >>
  • 3
    Shares

Comments

  1. Ed,

    I am curious about the ARP request that Router 1 will have to send to Router 2 when host A is attempting to communicate with host C. We know that the source and destination IP addresses in the packet from Host A will never change during this whole process, but is Router 2’s 22.22.22.2 address included in the actual ARP request from Router 1 to Router 2? I would assume so because all Router 1 knows at this point is the next hop address (22.22.22.2) for the 33.33.33.x network. In other words, how does Router 2 know to respond to Router 1’s ARP?

    • Nevermind, I just re-read the last section. It’s too early in the morning to be reading this stuff. Thanks for the good article.

      • Hi Adam, glad it made sense after a re-read. You are absolutely right in both your claims. The ARP from R1 for a packet destined to HostC will be for the IP address 22.22.22.2, R2’s interface IP. In addition, R1 will indeed only know the next-hop address — it will know nothing of the MAC addresses in the 33.33.33.x network. The process will be revisited in the next article in the series (the finale). Hope it helps!

  2. hoang nguyen says:

    This comment is for the first paragraph within “Routes pointing to a Next-op Address”

    >>it will determine that the next-hope for the 33.33.33.x network exists at the IP address 22.22.22.2 – R2’s left interface IP address.

    Should it be R2’s right interface IP address?

    • R2’s left interface is on the network that R1 is connected to. So for R1 to get a packet to R2, it will use the closest interface it has access to. R2 will then use its right interface to deliver the packet to Host C, much like R1 used its right interface to deliver the packet to Host B in the example before.

  3. Rohit Kamble says:

    Nice explanation sir.
    one question,
    whenever we(host/PC) are trying to communicate with switch or another computer, are they communicating with ARP or ICMP ?

  4. Shantanu Jha says:

    After reading the section on Routes pointing to a Next-Hop address, the diagram shows R1 having interfaces in two networks 11.11.11.x and 22.22.22.x. To get the packet to 33.33.33.x, R1 has to go through 22.22.22.x. In real life, does a router have interface in just two networks at a time? If not, if there are multiple how does the router know which route to pick to get the packet to the next hop?
    Thanks!

    • Hi Shantanu,

      Good question. In real life, routers typically have many interfaces. Each interface (when configured with an IP address) will also create an entry in the Route Table identifying the directly connected network. This section explains it in more details.

      The Static route we added to R1 to tell R1 to use 22.22.22.2 to get to 33.33.33.x is also how the Router knows to use the “right” interface to send packets to 33.33.33.x. Namely, since the Router knows that 22.22.22.x exists out the right interface.

      It would work the same way had there been multiple interfaces on the Router. The Static route would tell the Router which “next-hop” IP address to forward the packet to. And the Route Table would tell the Router which interface to use to get to the “next-hop” IP address.

      Hope this helps.

  5. I am have a doubt related to ARP request . If Host A wants to send data to Host C , then I think since initially we only know source ( 11.11.11.77 ) and destination IP address ( 33.33.33.99 ) , so the Host A will put an ARP request for destination IP address . How does Host A comes to know about IP address of router R1 ? How does ARP request for IP address of router R1 becomes linked here ? What concept am I missing ? Please help .

    • Hi Shikhar, great timing. I literally just (an hour go) published a video on Youtube that will answer your question. Check that out.

      Otherwies, the simple answer is Host A is configured with a Default Gateway, which would be R1’s IP address. So when Host A determins it needs to speak to Host C (on a foreign network), it knows it needs to send the packet to the Default Gateway.

      Hope this helps.

  6. In the network with IP address 11.11.11.x there is no switch . If there is a switch and we want to send data to some local host on this network , will the switch prevent it from going to the router ? or if we want to send data to foreign network then will switch prevent it from going to the local hosts ?

    • Hi again Shikhar,

      There is no switch in the image. But the orange line could represent any number of switches and the effect would be the same. Remember, what determines whether the frame is sent to the router or not is the host itself, any switches in the path would have no effect on it.

      A switch would simply forward or flood the request based upon that switch’s MAC address table. It would not “choose” or “prevent” it from going anywhere. Take a look at the articles that outline how a single switch functions, or how multiple switches function.

  7. Hi Ed,

    In the routing table of R1, it had be statically configured that to access the 33.x.x.x network, it had to go through the 22.22.22.x network. In a typical home network, the default gateway would be configured to forward all packets to the ISP to access the internet, so my question is, how does the ISP know which hop to forward the packet to when we are trying to access a website? it is quite impractical for the ISP to be configured statically for every web site right? I think the answer lies somewhere in DNS, but im unsure how it works. could you please explain this to me? Thank you

    Regards
    Waseem

    • Hi Waseem,

      Good question. You’ve correctly determined that simply using Static routes across the internet is not practical.

      Instead, there is another way for Router’s to learn of foreign networks using what is known as Dynamic Routing protocols. These types of protocols enable Routers to automatically speak to each other and share the networks they know how to reach.

      Across the Internet, the primary Dynamic Routing protocol used is BGP. Within networks, the primary Routing Protocols used are OSPF, ISIS, and to some measure EIGRP.

      Each different Dynamic Routing protocols has different strategies for how it finds other routers and shares networks. The inner workings of each will undoubtedly become subjects for future articles. Hope this helps.

  8. So what if you have two computers (or networks) each on a different subnet, connected to a switch, and a router with only one NIC, (such as a typical home router). How would you route between subnets?

    Can the default gateway address on a host be an address outside the subnet it’s part of? So that hosts on each subnet could all have the default gateway of the router? Would that work?

    • Hi Brian,

      At that point you would be using VLANs on the switch to “split” the switch up into multiple IP networks.

      The Router would still be used to Route between the VLANs. The example you brought up (Router with one link to the swithc) would use the concept of Subinterfaces on the Router.

      Otherwise, no, the Default Gateway address would have to be on the subnet the host is a part of. With Subinterfaces you would essentially create two separate logical interfaces (one a single physical interface) — allowing each host to have a default gateway IP address in their own local network.

      Hope this helps.

  9. Hi,

    I am going through the packet traversal articles (host – switch – host , host – host, host – router – host) written by you, can you please let me know if the below scenario is covered?

    Host1 Switch 1 Router Switch 2 Host 2

  10. Hi,

    Based on your image for R1’s Routing Table, I extended it a little, by daisy chaining the networks

    Method Network Interface/Next-Hop
    DC 11.11.11.x Left
    DC 22.22.22.x Right
    Static 33.33.33.x 22.22.22.2
    Static 44.44.44.x 33.33.33.3
    Static 55.55.55.x 44.44.44.4

    If I want to reach a host on network 55.55.55.x, is the above Routing Table for R1 correct?

    Thanks

    • Hi Yui,

      Do you mean the 33.33.33.x, 44.44.44.x, and 55.55.55.x network exists off to the right of R2 somewhere, behind their own Routers?

      If so, then you are almost. The only difference would be the next-hop address. It should be the IP address of the immediate, next router in the path — i.e., they would all point to 22.22.22.2 (R2).

      • Were you refering to networks 33.33.33.x, 44.44.44.x, and 55.55.55.x connected directly to R2?

        Here is an image of networks I was refering to: https://imgur.com/phUBMuo

        So, on my image I want to reach Host E, it will have to go through R2, R3, R4, R5

        R1’s Routing Table
        Method Network Interface/Next-Hop
        DC 11.11.11.x Left
        DC 22.22.22.x Right
        Static 33.33.33.x 22.22.22.2
        Static 44.44.44.x 33.33.33.3
        Static 55.55.55.x 44.44.44.4

        Assuming dynamic routing isn’t being used, shouldn’t R1 have a mapping of how to get to R5 and everything in between, or does each router’s routing table contain their neighboring network in the table?

        Thanks

        • Thanks for the picture. Yes, that is what I meant. (Except, you have two instances of 33.33.33.x network)

          The mapping in the Routing table is only to the directly attached neighbor. So the Routing table for R1 in your image would look like this:

          R1’s Routing Table
          Method Network Interface/Next-Hop
          DC 11.11.11.x Left
          DC 22.22.22.x Right
          Static 33.33.33.x 22.22.22.2
          Static 44.44.44.x 22.22.22.2
          Static 55.55.55.x 22.22.22.2

          The route table for R2 would be:
          DC 22.22.22.x Left
          DC 33.33.33.x Right
          Static 11.11.11.x 22.22.22.1
          Static 44.44.44.x 33.33.33.3 (R3’s IP in your image)
          Static 55.55.55.x 33.33.33.3 (R3’s IP in your image)

          Notice, the Static routes point to an IP address in one of the Directly Connected networks.

          • The extra 33.33.33.x network was my mistake should be incremented to 44.44.44.x and with 44.44.44.x to 55.55.55.x and 55.55.55.x to 66.66.66.x

            I thought that if you want to go all the way to the destination, you have to list all the networks in between and which gateway to use in those networks in R1’s Routing Table.

            Instead all it needed was to list the gateway and the destination network. Doesn’t matter how many networks in between, the next routing table will handle it until and so on or gets dropped midway if network doesn’t exists.

            But, I get it now. 😀

            Always had issue understanding how packets get from one end to the other and everything in between, you explained it perfectly.

            Keep the series coming, can’t wait for more.

            Thanks,
            Yui

  11. thank you for this series it is truly great. I have one question though. In the above picture why does the router 1 and 2 have multiple MAC addresses. Almost like each port has its own Mac address. I know multiple MACs can be associated if there are multiple NICs in a device.

    • The MAC address is an address which uniquely identifies a specific NIC. If a Router has two NICs, each will have their own MAC address.

      On a Server, if you have multiple NICs and you are combining them for the sake of redundancy, then you can associate one MAC to both physical NICs, as they are meant to operate as one logical NIC. But in the case of multiple Router interfaces, they are intentionally independent from one another, and maintain their own MAC addresses.

Speak Your Mind

*