Some time ago I set up a router network. Because it ran the OpenWrt operating system this was easy to do, but many of the detailed principles were glossed over. So let's talk about the differences between WAN ports and LAN ports and how they work.
First, a Baidu search turns up the following:
Anyone familiar with networking knows that WAN is the abbreviation of Wide Area Network and LAN is the abbreviation of Local Area Network. So the WAN port and LAN port on a router can be given plainer names: the external network port and the internal network port. From the names it is easy to see that the WAN port is mainly used to connect to external networks, such as ADSL, a LAN uplink or an optical fiber connection, while the LAN port is used to connect the internal network; it is mainly connected to switches, hubs or PCs in the LAN. In home use, the IP address on the router's WAN port is the static or dynamic public IP address provided by the network operator, and the IP address on the LAN port is a private IP address allocated within the LAN. Therefore each router has a private IP address, which lets the router act as the gateway of the LAN and makes the router easy to manage. The routing function of a broadband router consists of routing data between the WAN port IP address and the LAN port IP address. Generally, we set the network parameters of the WAN port according to the access method provided by the network operator, usually a static IP address, a dynamic IP address or PPPoE; the WAN port is then on the same network as the operator's access device. The IP address of the LAN port is set to an address in the local LAN, and this is usually the address we can set ourselves on the broadband router; the computers connected to the LAN ports form a "LAN", and the router's LAN port IP address is the gateway of that network.
Now let's talk in detail about how data travels between the WAN port and LAN port of the same router. This process is in fact NAT. The starting point of NAT, like that of VLSM and CIDR, was to solve the shortage of IPv4 addresses and improve the utilization of the existing IPv4 address space, but their mechanisms differ. VLSM and CIDR work by adjusting the subnet mask length, whereas NAT lets an organization use non-globally-routable IP addresses and still reach the Internet by translating them into globally routable IP addresses. This reduces the need for public IP addresses.
NAT runs on the routing device between the intranet and the Internet, and the addresses in packets are translated as intranet users communicate with the Internet.
It is mainly used in three scenarios: (1) when not enough public IP addresses are available, (2) during network IP address renumbering, and (3) to achieve simple TCP load balancing.
Here we use the home network as an example. All the machines in the home network are connected to LAN ports and send packets to the external network through the LAN port. First a request is sent to the default gateway, which is actually the LAN interface on the CPU; on a typical router the "gateway" refers to this LAN interface on the CPU, and the four LAN ports we commonly use are generally fanned out from it through the switch chip. When the router receives a packet from the LAN side, it examines the intranet IP address in the packet and looks it up in the device's NAT translation table. After finding the corresponding entry, it replaces the source address, that is, the original intranet IP address, with the IP address of the WAN port; the destination address is left unchanged, and the packet is sent to the Internet. When the external host receives the packet, it reads the router's WAN port IP address from it and returns the response packet to that WAN port IP address, so it arrives back at the router. The router converts the destination address (the WAN port IP address) in the returned packet back to the intranet IP address and delivers it, which completes the whole send-and-receive exchange.
In fact there are a couple of questions worth going into. With so many LAN ports, how does the router tell them apart, and how does NAT translate the data when it comes back?
And in addition, how does the router automatically allocate intranet IP addresses to these LAN ports?
First, let's answer the first question:
When a computer on the intranet of a small business connects to an Internet resource, the user's TCP/IP stack generates an IP packet which contains the following values in its IP and TCP or UDP headers (the bold items are the fields affected by NAT):
• Destination IP address: the Internet resource's IP address
• Source IP address: the private IP address
• Destination port: the Internet resource's TCP or UDP port
• Source port: the source application's TCP or UDP port
The source host, or another router along the way, forwards the IP packet to the NAT. The NAT then rewrites the packet's addresses as follows:
• Destination IP address: the Internet resource's IP address
• Source IP address: the public IP address assigned by the ISP
• Destination port: the Internet resource's TCP or UDP port
• Source port: the source application's TCP or UDP port, remapped
The NAT sends the remapped IP packet to the Internet. The responding computer returns a response to the NAT. When the NAT receives this response, the packet contains the following address information:
• Destination IP address: the public IP address assigned by the ISP
• Source IP address: the Internet resource's IP address
• Destination port: the source application's remapped TCP or UDP port
• Source port: the Internet resource's TCP or UDP port
After the NAT completes the address mapping and translation, it sends the packet to the intranet client with the following address information:
• Destination IP address: the private IP address
• Source IP address: the Internet resource's IP address
• Destination port: the source application's TCP or UDP port
• Source port: the Internet resource's TCP or UDP port
After reading this section, I understand that the NAT table and port numbers are what differentiate the different LAN hosts and services. The NAT table entries are created on demand: when a LAN port sends a request, the NAT table adds an entry recording its private (intranet) IP address, and different services are distinguished by port mapping.
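The home-network walkthrough above and the four packet states can be modelled in a few lines. This is an added example, not code from the original post or from OpenWrt: a minimal port-overloading NAT that creates a table entry on the first outbound packet, rewrites only the source address and port, and uses the remapped port to route the reply back to the right intranet host. All addresses and ports are constructed sample values.

```python
# Added example: a toy port-overloading NAT (NAPT) following the four packet states.
# Addresses and ports are constructed sample values, not taken from any real network.
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class Nat:
    def __init__(self, wan_ip, first_port=40000):
        self.wan_ip = wan_ip
        self.next_port = first_port
        self.out = {}    # (private_ip, private_port) -> remapped WAN port
        self.back = {}   # remapped WAN port -> (private_ip, private_port)

    def outbound(self, pkt):
        """LAN -> Internet: add a table entry on first use, rewrite the source only."""
        key = (pkt.src_ip, pkt.src_port)
        if key not in self.out:
            port = self.next_port       # a fresh WAN port distinguishes this host/app
            self.next_port += 1
            self.out[key] = port
            self.back[port] = key
        # destination address and port are left unchanged
        return replace(pkt, src_ip=self.wan_ip, src_port=self.out[key])

    def inbound(self, pkt):
        """Internet -> LAN: map the WAN port back to the private host, or drop."""
        if pkt.dst_ip != self.wan_ip or pkt.dst_port not in self.back:
            return None                 # no entry: unsolicited packet is dropped
        priv_ip, priv_port = self.back[pkt.dst_port]
        return replace(pkt, dst_ip=priv_ip, dst_port=priv_port)


def round_trip(nat, inner):
    """Send an intranet packet out, build the server's reply, translate it back."""
    outer = nat.outbound(inner)
    reply = Packet(outer.dst_ip, outer.dst_port, outer.src_ip, outer.src_port)
    return outer, nat.inbound(reply)
```

Two hosts that both pick source port 5000 get different WAN ports, which is what lets the replies be told apart; a packet arriving at a port with no table entry is simply dropped.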
The second question involves DHCP. Let's take a look at this application-layer service; the basics can be looked up on Baidu first.
DHCP is a broadcast-based protocol. Its operation can be divided into four stages: IP lease request, IP lease offer, IP lease selection, and IP lease acknowledgement.
From these four terms we can work out the basic operating principle of DHCP. First, a broadcast on the LAN looks for the DHCP server; the side sending that LAN broadcast is the DHCP client. Next, possibly several DHCP servers return offer packets that pre-allocate an IP address, and the DHCP client selects one (usually the first offer received) and sends a request to confirm it. After the DHCP server receives that confirmation, it sends an ACK packet carrying the prepared IP address, which completes the whole process. The server here is our gateway, that is, the CPU: it is an OpenWrt system with the DHCP service installed, though OpenWrt's DHCP differs from that on ordinary Linux. We will look at that later; I think the principle is similar anyway.
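The four stages just described, as an added example that is not part of the original post and not OpenWrt's own DHCP code: two servers answer the same broadcast, the client takes the first offer, and only the server named in the request commits a lease while the other returns its reserved address to the pool. MAC addresses and address pools are constructed sample values.

```python
# Added example: a toy model of the four DHCP stages (discover / offer / request / ack).
# Server IDs, pools and MAC addresses are constructed sample values.


class DhcpServer:
    def __init__(self, server_id, pool):
        self.server_id = server_id
        self.free = list(pool)       # addresses still available
        self.offered = {}            # client MAC -> address set aside in an OFFER
        self.leases = {}             # client MAC -> committed address

    def on_discover(self, mac):
        """Stage 2: set an address aside and answer with an OFFER (or stay silent)."""
        if mac not in self.offered:
            if not self.free:
                return None
            self.offered[mac] = self.free.pop(0)
        return {"type": "OFFER", "server_id": self.server_id,
                "yiaddr": self.offered[mac]}

    def on_request(self, mac, request):
        """Stage 4: the chosen server ACKs; every other server frees its reservation."""
        addr = self.offered.pop(mac, None)
        if request["server_id"] != self.server_id:
            if addr is not None:
                self.free.insert(0, addr)   # not chosen: put the address back
            return None
        self.leases[mac] = addr
        return {"type": "ACK", "server_id": self.server_id, "yiaddr": addr}


def dhcp_handshake(mac, servers):
    """Client side: broadcast DISCOVER, take the first OFFER, broadcast REQUEST."""
    offers = [o for o in (s.on_discover(mac) for s in servers) if o]   # stages 1-2
    if not offers:
        return None
    chosen = offers[0]                                                  # stage 3
    request = {"type": "REQUEST", "server_id": chosen["server_id"],
               "yiaddr": chosen["yiaddr"]}
    acks = [a for a in (s.on_request(mac, request) for s in servers) if a]   # stage 4
    return acks[0] if acks else None
```

Because the client simply takes whichever offer arrives first, any second DHCP server on the same broadcast domain can win the race, which is why a home LAN normally runs exactly one.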