The Everyman ' s Guide to How Network Packets is Routed Across the Web

Transferred from: http://null-byte.wonderhowto.com/how-to/ hacker-fundamentals-everymans-guide-network-packets-are-routed-across-web-0134491/

We already covered how your data travels the OSI model, layer by layer, and talks with other machines on your local networ K. But what does that data leave your network? How does it know where to go? What's going on here?

Much of the ' talking ' on a local network is broadcasts. This computer was asking for the MAC address of another one, or asking for a local IP address, or any number of things. But doesn ' t that mean the Internet should is flooded with various broadcast noise all over the place? As it turns out, no. You see, the job of a router are not only to route traffic, but to stop broadcasts. To explain the concept fully, let's look into some examples.

No routers were hurt in the writing of this article.

A Tale of Packets:internal

If you remember correctly, a IP address has both components, the network sections and the host section. A Subnet mask separates the IP address into those and segments (<network>). A subnet is expressed just a IP address in a four octet form, the most common one being 255.255.255.0 where the ' 255 ' means those octets is describing the network and the ' 0 ' is describing the host.

Let's say you wanted to send the data to another computer on the your local network at home. Your Internal IP Address In this example are 172.10.1.20 and Your destination IP address is 172.10.1.30. Also, let's assume your subnet mask is a standard 255.255.255.0.

The first thing that gets the computer looks at the address on the packet being sent. It then compares their address with the destination address. Notice the 172.10.1.x is the same on both, and the subnet mask have filled octets in the same locations as well ( 255.255.255.0). This tells the computer, the destination is on the same network it's on. Your Computer knows it is host ' "and it needs to reach host '" and it doesn ' t need to go through a router to get ther E.

Now your computer only needs to know the MAC address of host ' "To send the" this data in its ". If you recall the Media Access Control address is a physical layer function then addresses actual physical hardware on you R computer. In a nutshell, the It works like the IP address, only on your local network.

Arp!

To perform this feat, your computer sends out a broadcast message to everyone on the network called an ARP, or Address Res Olution Protocol. It ' s like your PC yelling "hello! I am looking for the computer 172.10.1.30".

Now all device on the network receives, that message, and looks at their own IP address in turn. The Router (172.10.1.1) sees it is isn't the one being looked for and drops the message. Other computers on the network does the same thing until the computer that have the IP of 172.10.1.30 gets it, check s its address, and sees they match. It then replies back to the sending computer of 172.10.1.20 saying "hey! That's me and my MAC address is aa00:bc33:3211.

In the picture below, the MAC address is called a "Ethernet address", reflecting the fact that it's addressing for the ph Ysical layer. However, common lingo is "MAC address"

Now the sending computer have the internal IP and MAC address of the receiving computer and can send its data over. But what happens if the addresses is not on the same network?

A Tale of Packets:external

Well, it's not as simple if we have to cross other networks, as there are a bit more going on behind the scenes, as you w ill see. Let's assume we sending the same data as before and our source IP address is 172.10.1.20 and our destination IP address is 192.168.0.100. You should immediately notice by the subnet mask of 255.255.255.0 that these the addresses is on separate networ Ks. See, we are getting there.

Just The first example, the sending computer looks at the destination address and compares it to its own. However, this time there is a problem-they don ' t match at all.

Now it knows so it can ' t just send out a ARP message like before, because remember what happened in the last example, W Hen the routers address didn ' t match the address being asked? It simply dropped the packet. This is what routers stop broadcasts from traveling the entire Internet. In fact, without this design, the Internet would is flooded with so many broadcast messages from the millions of connected Devices that it would crash and fail.

At this point, your computer knows a ARP just isn ' t going to cut it for the destination of 192.168.0.100, so it Broadcasts another ARP. But that's looks for what ' s called the default gateway. This is a node, or a router, which acts as an entry or exit point to another network.

Normally, when a computer cannot find a route for an IP address, it'll send it along to the default gateway as a route O F Last resort. This was your modem/router at home. Your router would reply saying, "yo! I am The default gateway and my MAC address is xxxx:xxxx:xxxx!"

Your Computer then adds the routers MAC address as the destination MAC address to the packet, and sends it over to the Rou ter for safe travels.

Route Me baby!

The router takes a look in the packet and knows the source IP came from its own network. But the destination is separate altogether. Because The destination is not the same as the router ' s own internal IP address, it knows the packet are not for it but needs to travel through it

The router then looks at it routing tables to find a a-to-get to the 192.168.0.xnetwork. It leaves the source and destination IP address information inside the packet, and changes the new source MAC address to I TS own address and the destination MAC address to the next node deducted from the routing table.

This process continues through and over with each router that picks up the packets looking at the addresses, seeing it's not For their network and passing it along until it reaches the final destination of 192.168.0.100.

That router would strip of the source and destination MAC addresses that allowed the packets to travel, and replace the SOU Rce with its own. It then ARPs to find the MAC address of the server being looked for and uses the reply to add the final MAC address of Tha T machine, then sends it along.

The Everyman ' s Guide to How Network Packets is Routed Across the Web