In-depth analysis of subnet mask and the role of gateway and ARP through simple experiments

Source: Internet
Author: User

http://www.knowsky.com/383893.html

The concepts and working principles of the subnet mask, the gateway, and the ARP protocol are among the first important knowledge points that beginners encounter when learning networking. The role and basic working principle of the subnet mask and the ARP protocol are also a key and difficult point in Semester 1, a tutorial by Cisco Network Technology College. It is difficult for beginners to grasp these abstract and complex mechanisms at once. Experiments are therefore needed to give students a deeper and more intuitive understanding of the basic concepts and working principles of subnet masks, gateways, and the ARP protocol.
  
Before explaining the experiment, we first give an overview of the basics of the subnet mask, the gateway, and the ARP protocol.
  
Subnet Mask
  
The primary function of the subnet mask is to tell a network device which part of a given IP address contains the network address and subnet address, and which part is the host address. A routing device makes its routing decision by identifying the network number and subnet number of the destination address. The host part of the IP address is not involved in the router's routing decision; it only uniquely identifies an interface of a network device within a network segment. Originally, if only the primary class A, B, and C addresses are used in a network, and those primary class addresses are neither divided into subnets nor summarized, a network device can determine from the value range of the first byte of the IP address whether it belongs to a class A, B, or C network, and from that determine the network part and host part of the address. In that case the subnet mask is not needed.
  
However, once the primary class A, B, and C networks are divided into subnets, or network segments are summarized with classless inter-domain routing (CIDR), the network and subnet part of an IP address can only be distinguished correctly from the host part with the help of the subnet mask.
  
The subnet mask uses the same address format as the IP address. The bits of the subnet mask that are 1 correspond to the network and subnet part of the IP address, and the bits that are 0 correspond to the host part. After a bitwise AND of the subnet mask and the IP address, the host part of the IP address is discarded, and what remains is the network address and subnet address. For example, if the destination IP address of an IP packet is 10.2.2.1 and the subnet mask is 255.255.255.0, the AND operation yields 10.2.2.0, so the network device takes 10.2.2.0 as the network number and subnet number of that IP address.
  
Gateway
  
A gateway in an internetwork is a network device used to connect two or more network segments. Generally, a router is used as the gateway. In a TCP/IP network, the basic function of the gateway is to select the optimal egress for forwarding an IP packet based on the network number and subnet number of its destination IP address, so that data can be communicated across networks. In Semester 1, you only need to understand the basic functions of the gateway. Semester 2 discusses the router's working mechanism and configuration process in detail.
  
Address Resolution Protocol (ARP)
  
In Ethernet, for one network device to communicate directly with another, it must know not only the network-layer logical address (such as the IP address) of the target device but also its Layer 2 physical address (MAC address). The basic function of ARP is to look up the MAC address of the target device from its IP address so that communication can proceed.
  
When a network device needs to communicate with another network device, it first performs an AND operation on the IP address of the target device and its own subnet mask to determine whether the target device is in the same network segment as itself. If the target device is in the same network segment and the source device does not yet have the MAC address corresponding to the target IP address, the source device sends an ARP request packet as a Layer 2 broadcast (the destination MAC address is all 1s). The packet contains the IP addresses of the source and target devices. All other devices in the same network segment receive and analyze this ARP request packet. If a device finds that the destination IP address in the packet is the same as its own IP address, it sends an ARP response packet to the source device, and the source device obtains the MAC address of the target device from that response.
  
If the destination device and the source device are not in the same network segment, the source device first sends the IP packet to its default gateway, which forwards the packet. If the source device does not have the MAC address of the default gateway, it also obtains that MAC address through ARP.

To reduce the volume of broadcasts, a network device caches the mapping between IP addresses and MAC addresses in its ARP table. During an ARP request and response, both parties store the mapping between the other party's MAC address and IP address in their respective ARP tables for later communication. ARP tables use an aging mechanism to delete mappings between IP addresses and MAC addresses that have not been used within a period of time.
  
Experiment Design
  
We designed a simple experiment to help students understand the basic concepts and principles involved in these three knowledge points. In the experiment, we use the ping command to check whether two-way communication is possible between hosts. During a ping, the source host sends an ICMP echo request packet to the target host. After receiving the packet, the target host sends an ICMP echo reply packet back to the source host. In this way, correct bidirectional communication between the source and target hosts can be verified.
  
Topology of the experiment: (Figure 1)

A and B are experimental PCs and use Windows 2000 Professional as the operating system.
  
Experiment procedure:
  
Step 1:
  
Set the IP address and subnet mask of the two hosts:
A: 10.2.2.2 255.255.254.0
B: 10.2.3.3 255.255.254.0
No default gateway is set for either host.
  
Run the arp -d command to clear the ARP tables on the two hosts. Then ping B from A and A from B. The two hosts can communicate with each other, and the results displayed are:
A: Reply from 10.2.3.3: bytes=32 time<10ms TTL=128
B: Reply from 10.2.2.2: bytes=32 time<10ms TTL=128
Run the arp -a command on each PC to see the MAC address of the other PC.
  
Analysis: Each host compares the IP address of its communication target with its own subnet mask and finds that the target host and itself are in the same network segment (10.2.2.0). It therefore uses the ARP protocol to obtain the MAC address of the other party, which gives bidirectional communication between network devices in the same network segment.
  
Step 2:
  
Change the subnet mask of A to 255.255.255.0, and keep the other settings unchanged.
  
Operation 1: Run the arp -d command to clear the ARP tables on the two hosts, then ping B from A. The result displayed on A is "Destination host unreachable".
  
Using the arp -a command, the MAC address of the other side cannot be seen on either PC.
  
Analysis 1: A performs the AND operation on the IP address of the target device (10.2.3.3) and its own subnet mask (255.255.255.0) and gets 10.2.3.0, which is not the same network segment as its own (the network segment where A is located is 10.2.2.0). A must therefore first send the IP packet to the default gateway. Because no default gateway is configured on A, the packet cannot be sent, so "Destination host unreachable" is displayed.
  
Operation 2: Ping A from B. The result displayed on B is:
  
Request timed out
  
Then run the arp -a command on the two PCs; each shows the MAC address of the other PC.
  
Analysis 2: B compares the IP address of the target device (10.2.2.2) with its own subnet mask (255.255.254.0) and finds that the target host and itself are in the same network segment (10.2.2.0). B therefore obtains the MAC address of A through ARP and can correctly send an echo request packet to A. However, because A cannot send the echo reply packet back to B (for the reason, see Analysis 1), the ping result displayed on B is "Request timed out". In this experiment, by observing the changes in the ARP tables of A and B, we can verify that during an ARP request and response, both communicating parties obtain the mapping between the MAC address and IP address of the other party and store it in their ARP tables.
  
Step 3:
  
Based on the previous experiment, set the default gateway of A to 10.2.2.1 and the subnet mask of the gateway to 255.255.0.0.
Use the ping command on A and on B to reach the other host. The results are as follows:
  
A: Reply from 10.2.3.3: bytes=32 time<10ms TTL=128
B: Reply from 10.2.2.2: bytes=32 time<10ms TTL=127
  
Use the tracert command on A and B to trace the data transmission path. The results are as follows:
  
A: tracert 10.2.3.3
  
Tracing route to 10.2.3.3 over a maximum of 30 hops:
1   <10 ms   <10 ms   <10 ms   10.2.2.1
2   <10 ms   <10 ms   <10 ms   10.2.3.3
Trace complete.
  
B: tracert 10.2.2.2
  
Tracing route to 10.2.2.2 over a maximum of 30 hops:
1   <10 ms   <10 ms   <10 ms   10.2.2.2
Trace complete.
  
Analysis: As in step 2, A considers that B is not in the same network segment, so the packets sent from A to B must be forwarded by the gateway. B considers that A is in the same network segment, so B sends its packets directly to A without going through the gateway. The asymmetry of the transmission path between A and B can thus be observed. The ping result shows the TTL value of the echo reply packet returned from the target host. The echo reply packet that B receives from A has been forwarded by the gateway, so the TTL value displayed on B is 127 (the initial TTL value of the IP packet sent from A is 128, and the TTL value is reduced by 1 at each gateway).
  
Step 4:
  
Run the arp -d command to clear the ARP table on A, then ping a host in an external network segment from A, for example the large WWW server (202.116.64.8). Running arp -a afterwards shows that the ARP table of A contains only the MAC address of the default gateway.
  
Analysis: When the source host needs to communicate with a host in an external network segment, it does not need to obtain the MAC address of the remote host. Instead, it sends the IP packet to the default gateway, and the gateway completes the forwarding of the IP packet. If the source host does not have a cached record of the default gateway's MAC address, it obtains the gateway's MAC address through the ARP protocol. Therefore, only the MAC address record of the gateway is observed in the ARP table of A, and the MAC address of the remote host is not.
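
The next-hop decision behind steps 1 to 4, as an added Python example that is not part of the original article. It assumes a single working router at the default gateway and an initial TTL of 128; the names network_of, Host, next_hop, ping and run_experiment are illustrative.

```python
import ipaddress

def network_of(ip, mask):
    """Bitwise AND of address and mask gives the network/subnet number."""
    ip, mask = ipaddress.ip_address(ip), ipaddress.ip_address(mask)
    return ipaddress.ip_address(int(ip) & int(mask))

class Host:
    def __init__(self, ip, mask, gateway=None):
        self.ip, self.mask, self.gateway = ip, mask, gateway

    def next_hop(self, dst):
        """Address this host ARPs for to reach dst; None means no route."""
        if network_of(dst, self.mask) == network_of(self.ip, self.mask):
            return dst           # same segment: ARP for the target itself
        return self.gateway      # other segment: ARP for the default gateway

def ping(src, dst, initial_ttl=128):
    """Result displayed on src when it pings dst."""
    if src.next_hop(dst.ip) is None:
        return "Destination host unreachable"  # echo request never leaves src
    back = dst.next_hop(src.ip)
    if back is None:
        return "Request timed out"             # dst cannot send the echo reply
    hops = 0 if back == src.ip else 1          # reply relayed by dst's gateway
    return f"Reply TTL={initial_ttl - hops}"

def run_experiment():
    """Replay steps 1 to 4 with the article's addresses."""
    b = Host("10.2.3.3", "255.255.254.0")
    a1 = Host("10.2.2.2", "255.255.254.0")                      # step 1
    a2 = Host("10.2.2.2", "255.255.255.0")                      # step 2
    a3 = Host("10.2.2.2", "255.255.255.0", gateway="10.2.2.1")  # steps 3, 4
    return {
        "step1": (ping(a1, b), ping(b, a1)),
        "step2": (ping(a2, b), ping(b, a2)),
        "step3": (ping(a3, b), ping(b, a3)),
        "step4_arp_target": a3.next_hop("202.116.64.8"),
    }

if __name__ == "__main__":
    for step, result in run_experiment().items():
        print(step, result)
```

The value returned by next_hop is the address whose MAC entry should appear in the host's ARP table after the ping, which is what arp -a is used to confirm in each step.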
  
Summary
  
This experiment helps students understand how subnet masks interact with IP addresses, the basic functions of gateways in the network, and the basic principles and working process of ARP. The experiment places very low requirements on the environment. Generally, data centers and student dormitories with LAN access can complete it successfully. It is suitable for classroom experiments under the guidance of the Network Technology College, and also for students to experiment with and verify, in the dormitory, the knowledge points described in the courseware after e-learning.
