The Internet is a fascinating blend of many different elements that all work together to create a world wide network of networks which allow billions of different devices to communicate. In this article, we will look at some of the key players of the Internet and the role each fulfills in order to achieve network communication.
This list is far from exhaustive, but will cover the main “cast and crew” you will need to be familiar with in order to understand how a packet travels through the Internet.
The term host is a generic term that implies any sort of end-device on the Internet. Any device which might be the original initiation of traffic or the final destination of traffic can be considered a host.
The traditional example would be your computer or laptop. But in these modern times, there are so many more: mobile phones, smart TVs, smart watches, certain cars, and even some refrigerators!
Hosts run software and applications for the end user to interact with, and they also at some point need to put bits on a wire. As such, it is said that Hosts operate across all seven layers of the OSI model.
The Client is the entity initiating the request and is looking to acquire a piece of information or data or a service. While the Server is the entity receiving the request and has the information, data, or service that the Client wants.
It should be noted that these terms are relative to specific types of communication.
For example, when your laptop is browsing through a web page, your laptop is acting as the Client and the Web Server is acting as the Server. But when that same Web Server is then downloading software updates, it is now acting as a Client and communicating with an Update Server.
A Network is simply two or more connected devices — typically grouped together by similar purposes or physical location. A network can take many different forms, for example:
- A group of PCs in a classroom are all in the same physical space and would all belong to one network.
- Any typical home network will include multiple laptops, mobile phones, or printers that are all tied to the same physical address. Therefore, all belonging to the same network.
- A coffee shop which has WiFi will allow each of their customers to connect to the same WiFi Network.
- A large company might use multiple networks, often separating them by job role. For instance, one network for all its accountants and another network for all its engineers.
Depending on the purpose of each network, the devices within them will then communicate with other devices in the same network or other devices in different networks.
Any time any of the Key Players discussed in this rest of this article series are connected to each other, you have a network. In fact, the whole Internet is nothing more than a series of Inter-connected networks.
A Switch is a network device whose primary purpose is to facilitate communication within networks.
Switches operate at Layer 2 of the OSI model, which means they only look into each data-gram up to the Layer 2 header. The Layer 2 header contains information that enables hop to hop delivery, such as the Source and Destination MAC address.
A Switch operates by maintaining what is known as a MAC Address table. This is a table that maps MAC addresses of devices plugged into each switch port. A typical switch has many ports, from 24 to 48, up to 96, or more.
The MAC Address Table is populated by looking at the Source MAC address field of any received frames.
In order to forward the frame, the Switch will lookup the Destination MAC address in their MAC Address Table to determine what port to use.
If a Switch encounters a frame for which it does not know the location of the Destination MAC address, it simply duplicates and floods the frame out each switch port (except the port it was received on). This process will be examined more closely in another article in this series.
A Router is a network device whose primary purpose is to facilitate communication between networks. Each interface on a router creates a network boundary.
Routers operate at Layer 3 of the OSI Model, which means they only look into each datagram up to the Layer 3 header. The Layer 3 header contains information that enables end to end delivery, such as the Source and Destination IP Address.
In the image above, notice that the router on the left (R1) and the router on the right (R2) create three separate networks (11.11.11.x, 22.22.22.x, and 33.33.33.x). R1’s right interface and R2’s left interface are both on the same network.
The only way for the Client in the 11.11.11.x network to speak to the Server in the 33.33.33.x network is to forward the packet to R1, who will in turn forward the packet to R2, who will then finally forward the packet to the Server.
A Router accomplishes all this by maintaining what is known as a Routing Table. This is a table that contains paths to all the networks a Router knows how to reach. These paths are sometimes known as Routes, and each entry contains an IP Network and either an interface or the IP address of the next router in the path to the target.
There are multiple ways a Router can learn of a network and populate its Routing Table. We will look at some of those ways in a later article in this series.
Keep in mind, from the perspective of each router, the Route Table is a map of every network that exists. If a router receives a packet destined to a network it does not know about, then as far as that router is concerned, that network must not exist. Therefore, when a router receives a packet destined to a network which is not in its Routing Table, that packet is discarded.
Address Resolution Protocol (ARP)
Earlier we discussed that MAC addresses are a Layer 2 addressing scheme. We also discussed that IP addresses are a Layer 3 addressing scheme.
What bridges these two addressing schemes is the Address Resolution Protocol (ARP).
Typically, when two hosts are communicating, they already know each other’s IP address. They can know each other’s IP address from a variety of methods: sometimes it is manually provided by a user, sometimes by another protocol (often DNS). But the actual method employed is irrelevant (at least to this article series).
However, what is definitely not known is their MAC addresses. The hosts will use ARP to discover the appropriate MAC address. To put it another way, ARP will use the known IP address, and discover the unknown MAC address. The discovered mapping is then added and stored in an ARP Table, which is a mapping of IP addresses to correlating MAC addresses.
We’ll describe how L2 and L3 are bridged together, and ARP’s role in the process using the following illustration:
In the image above, there are three networks: the purple network, the gray network, and the red network. We’ll use this diagram to illustrate two instances of ARP: First when a host is speaking to another host in the same network (Client to Purple server). And Second when a host is speaking to another host in a different network (Client to Red server).
When the Client needs to speak to the Purple Server, it will know the Purple Server’s IP address, and from that it will determine that the Purple Server exists in the local network. When a Client is attempting to speak to a host in the same network, the Client will issue an ARP request for the host’s MAC address.
ARP will allow the Client to complete the Layer 2 header as follows:
When the Client needs to speak to the Red Server, it will know the Red Server’s IP address, and from that it will know that the Red Server exists in a foreign network. As such, the packet must be delivered to the nearest router — otherwise known as the Default Gateway.
The Client is generally already configured with a Default Gateway — which we can tell from the image will be the R1. When a Client is attempting to speak to a host in a foreign network, the Client will issue an ARP request for the Default Gateway’s MAC address.
This will allow the Client to populate the Layer 3 and Layer 2 headers as follows:
- When a Client is speaking to a host in the same network, it will ARP for the MAC address of the host
- When a Client is speaking to a host in a different network, it will ARP for the MAC address of the Default Gateway
Remember, packet delivery is always the job of Layer 2, and Layer 2’s primary goal is getting a packet from hop to hop. Conversely, Layer 3, which is concerned with end to end delivery is unable to put a packet on a wire and send it to another host’s NIC. ARP’s role is to help the client create the proper L2 header, based on the L3 header, in order to get the packet from one hop to the next.
It should also be noted that any device that intends to forward a packet based upon the IP address (L3), must also have the ability to deliver the packet to the next hop (L2). As such, any device that uses IP addresses must also use ARP to deliver the packet using MAC addresses. Consequently, all Layer 3 devices must maintain an ARP Table.
This article and the previous covered a lot of ground on a variety of subjects that individually have entire books written about. This was intentionally done so that the next few articles in the series can bring everything together (and go a bit deeper than this article went). But it is crucial that all the tenants of these two articles be understood before moving forward.
In this article, we discussed the primary purposes of the different layers of the OSI model. Specifically:
- OSI Layer 1 is the physical medium carrying the 1’s and 0’s across the wire
- OSI Layer 2 is responsible for hop to hop delivery and uses MAC addresses
- OSI Layer 3 is responsible for end to end delivery and uses IP Addresses
- OSI Layer 4 is responsible for service to service delivery and uses Port Numbers
We also discussed some of the Key Players involved in moving a packet through the Internet:
- Switches facilitate communications within networks and operate at Layer 2
- Routers facilitate communication between networks and operate at Layer 3
- ARP uses a known IP address to resolve an unknown MAC address
We also discussed three different tables that are use to store different mappings:
- Switches use a MAC Address Table which is a mapping of Switchports to connected MAC addresses
- Routers use a Routing Table which is a mapping of known Networks to interfaces or next-hop addresses
- All L3 devices use an ARP Table which is a mapping of IP Addresses to MAC addresses
If any of the bullet points above don’t make complete sense, please consider re-reading this article or the one previous before continuing to the next article in this series.