Routing First-Step: Address resolution

The source host knows that the destination IP address is on the same network Because

The source host knows the destination IP address, but not the destination Ethernet address. The source host needs to resolve the destination Ethernet address from the destination IP address. This is accomplished by using the Address Resolution Protocol (ARP). The source host sends an Ethernet broadcast to the switch. Like the IP broadcast, an Ethernet broadcast is signified by setting the destination Ethernet address to all 1s or FF:FF:FF:FF:FF:FF. The source Ethernet address is set to the Ethernet address of the host sending the broadcast. The ARP message contains the destination IP address or 192.20.1.2. When the Ethernet switch receives the broadcast message, it is sent to all hosts on the network except for the host that sent the message. All hosts on the Fullerton LAN will receive the broadcast and inspect the IP address in the message. If the IP address is not the IP address of the host that received the message, the message will be ignored. When the host with IP address 192.20.1.2 receives the ARP message, it will respond back to the sender with its Ethernet address. Now the host at 192.20.1.1 has resolved the Ethernet address for the host with IP address 192.20.1.2.

Host .1 on the Fullerton LAN receives the ARP request and stores that association between the Ethernet and IP addresses for host .2 in an ARP table. Storing this information allows host .1 to send additional messages to host .2 without having to send an ARP request each time. An example of a typical ARP table is shown in the following output:

Interface: 192.20.1.1
Internet Address -- Physical Address -- Type
192.20.1.2 -- 00-03-47-92-9C-70 -- dynamic

The physical address is the Ethernet address associated with IP address 192.20.1.2. Dynamic means that this association was learned using ARP.

At this point, you might be wondering why we have two addresses. Why not use either the IP address or the Ethernet address. Why use both? The clue is in the ARP table shown earlier. An Ethernet address is a physical address. It is "burned in" to the Ethernet card and is sometimes referred to as a burned-in address (BIA). An IP address is a logical address that was assigned to the host. In this case, the host happens to use Ethernet for sending messages on the LAN. Other technologies exist that can be used by the computers to send messages, such as Token ring or Asynchronous Transfer Mode (ATM). If you use ATM on the Fullerton LAN instead of Ethernet, you should expect that you are still able to send messages between computers. An ATM address is 20 bytes while an Ethernet address is 6 bytes. In other words, the logical addressing (IP) should be independent of the physical addressing (Ethernet, Token Ring, ATM). Does this sound familiar? In Chapter 1, "Routing and Switching in Everyday Life," you learned a layered model for the postal delivery system. (See Figure 3-7.)

For this model, you learned that the address should not be dependent on the contents, and that the physical delivery should not be dependent on the address. The layers in this model are independent. In the same way, you need a layered model for the Internet. With what you've learned, you can start constructing the layer model for the Internet. In Figure 3-8, the lowest layer is the network interface layer.

The network interface layer is concerned with the physical, electrical, and addressing requirements for the particular technology used to deliver the messages. The IP layer is a logical layer concerned with being able to route a message between endpoints. The IP layer in the Internet model should be independent from the network interface layer. This independence allows you to change the technology used at the network interface layer without having to modify the IP layer.

Inter-LAN Communication

The host with IP address 192.20.1.1 on the Fullerton LAN wants to send data to the host with IP address 192.20.3.3 on the Kostner LAN. The source and destination IP addresses are

The source host knows that the destination IP address is on a different network Because

The host on the Fullerton LAN doesn't have to know how to get a message to the host on the Kostner LAN. That is the function of the router. Because the source host knows that the destination is on a different LAN or network, the host knows that it must send the message to the router. Each host has been configured with the IP address of the router interface that connects to their LAN. The router is the gateway to the rest of the world, so the IP address of the router is called the default gateway. In other words, if a host is sending a message to a different LAN, the message must first be sent to the default gateway, or router, or last resort. The process for inter-LAN communication is

1. Send an ARP broadcast asking for the Ethernet address associated with the default gateway (192.20.1.5).
2. The router responds with the Ethernet address of the interface that is connected to the source LAN (00-03-47-92-9C-73).
3. Host 192.20.1.1 stores the router's IP address, and associated Ethernet address in its local ARP table. The ARP table now contains

   Interface: 192.20.1.1
   Internet Address -- Physical Address -- Type
   192.20.1.2 -- 00-03-47-92-9C-70 -- dynamic
   192.20.1.5 -- 00-03-47-92-9C-73 -- dynamic

4. The source host sends the message to the router.
5. The router removes the source and destination Ethernet addresses from the message and inspects the destination IP address (192.20.3.3).
6. The router determines that the destination LAN is network 192.20.3.0 and the destination host IP address is 192.20.3.3.
7. The router sends an ARP request on the Kostner LAN asking for the Ethernet address associated with IP address 192.20.3.3.
8. Host 192.20.3.3 on the Kostner LAN sends an ARP reply containing its Ethernet address to the router (00-03-49-C5-12-33).
9. The router sends the message to the Ethernet address of host 192.20.3.3.

   This process is similar to how mail is delivered. Figure 3-9 shows the flow of a letter down the protocol stack that was developed for the postal system.

   Figure 3-9 Flow of a Letter Down the Mail Protocol Stack
   

   The letter is sent down to the Addressing Person, or Who layer where it is placed, or encapsulated, in an envelope. The envelope is sent to the Addressing Where layer and the state, city, street name, and street number information are added. Remember that you have logically separated the Who from the Where information, because the Who information is not used to deliver the letter. Finally, the envelope is passed to the Delivery layer where it is encapsulated or placed into whatever delivery means is being used (wagon, horse, truck, and so on).

   As the letter makes its way through the postal delivery system, it passes through one or more post offices. At each post office the letter is removed from the delivery layer, and the destination address is inspected. Based on the destination address, the post office makes a routing decision and the letter is again sent back to the delivery layer and encapsulated (placed) in a new means of delivery. Between the source of the letter and the letter's destination, the means of delivery at each post office changes, but the source and destination addresses remain the same. This process can be used to better understand the delivery of an electronic message through a network. (See Figure 3-10.)

   Figure 3-10 Flow of Data Down the IP Stack
   

   Your application generates the data to be sent to another host. This data could be an e-mail, an instant message, a request for a web page, and so on. The data is sent to the first addressing layer where an application identifier is placed on the data. Think of this as the Who part of the address. As with the postal system, this information is not used to deliver the data, but to identify which application should receive the data after it arrives at the destination. After the application identifier is placed on the data, the next layer in the protocol stack adds the source and destination IP addresses. Finally, the network interface layer adds the source and destination Ethernet addresses on the package (assuming the host is using Ethernet),and the package is transmitted toward the destination. In the Internet, the package of data is called a packet.

   For intra-LAN communication, the receiving host inspects the destination Ethernet address, and accepts the package if the host sees its own Ethernet address. If it does, the Ethernet addresses (source and destination) will be stripped off, and the remaining package will be sent to the IP layer. The IP layer inspects the destination IP address to verify that the package is meant for this host. If it is, the IP address is stripped off and sent to the application identification layer. After the application has been identified, this information is stripped off and the data is sent to the proper application.

   For inter-LAN communication, the package is sent to the router. The router inspects the destination Ethernet address and accepts the package if the router sees its own Ethernet address. If it does, the Ethernet addresses (source and destination) are stripped off and the remaining package is sent to the router's IP layer. The destination IP address is inspected, and the router consults the routing table to determine the interface it needs to use to send the package to the destination. The router looks for the destination IP and Ethernet address association in the ARP table. If the association is not in the ARP table, the router uses ARP to learn the destination Ethernet address associated with the destination IP address. The package is sent back to the network interface layer, and the package is encapsulated using new source and destination Ethernet addresses. Finally, the package is sent to the host, and the host will perform the same functions as mentioned for intra- LAN delivery.

   The package might have to travel through more than one router. At each router, the same process takes place. The old Ethernet source and destination addresses are removed, the IP routing table is consulted, and new source and destination Ethernet addresses are applied. But no matter how many routers the package goes through, the source and destination IP addresses do not change. Only the network interface layer addresses change. The analogy between the layers of the mail and data delivery systems is shown in Figure 3-11.

   Figure 3-11 Mail and Electronic Data Delivery Protocol Stacks
   

   All parts reproduced from the book Routing First-Step, ISBN 1587201224, Copyright 2005, Cisco Systems, Inc. Reproduced by permission of Pearson Education, Inc., 800 East 96th Street, Indianapolis, IN 46240. Written permission from Pearson Education, Inc. is required for all other uses. Visit www.ciscopress.com for a detailed description and to learn how to purchase this title.
   

   Rate this Tip To rate tips, you must be a member of SearchNetworking.com. Register now to start rating these tips. Log in if you are already a member. Submit a Tip Digg This!     StumbleUpon     Del.icio.us    RELATED CONTENT IP Networking What is the definition of ATM (Asynchronous Transfer Mode)? Do I have to disable DHCP on my router to create a DHCP server? Windows Server 2008 IP routing configuration: Static and dynamic RIPv2 What is IP? Connect your LAN to the Internet using static or dynamic NAT Using tracert and TTL to troubleshoot network connectivity problems Test your TCP/IP protocol stack to troubleshoot network connectivity IP addressing and subnetting explained Checking IP configuration to troubleshoot Windows network connectivity Does IPv6 abandon TCP/IP fragmentation? Routing and Switching How to test LAN switch energy efficiency Testing LAN switch power consumption: A best practices guide Dynamic IP routing and routing protocols Monitor your network traffic with MRTG How routers work: An overview for networking pros Secure Cisco routers against IOS flaw attack Network summarization -- Supernetting and wildcard masks Routing: Five common, easily avoided errors Router Expert: Building a WLAN proxy server, implementing ASR Router Expert: Building a WLAN proxy server, implementing WPAD RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary 32-bit IP addressing  (SearchNetworking.com) fixed-length subnet mask  (SearchNetworking.com) GARP (Generic Attribute Registration Protocol)  (SearchNetworking.com) Port Address Translation (PAT)  (SearchNetworking.com) route aggregation  (SearchNetworking.com) route summarization  (SearchNetworking.com) subnet  (SearchNetworking.com) subnet mask  (SearchNetworking.com) variable-length subnet mask  (SearchNetworking.com) wildcard mask  (SearchNetworking.com) RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.