The following is the third installment of a multi-part series on the fundamentals of routing. Each tip is excerpted from Routing First-Step by William Parkhurst, published by Cisco Press. Check back frequently for the next installment, or go to the main series page for all the installments.
An IP address is routable. Routers can use the network portion of an IP address to make a delivery, or routing decision, to the destination network. Ethernet addresses are not routable (unless every router knows how to reach every Ethernet address). Ultimately, electronic data must be delivered to a host using the host's Ethernet address. To do this, you need a protocol to determine, or resolve, the Ethernet address associated with a host's IP address. There is an analogy for address resolution that you are familiar with. Assume that you want to call your friend Steve and you do not know his telephone number, but you know where he lives. What do you use to resolve Steve's telephone number from his address? A telephone book. With a computer network, you need to do essentially the same thing when resolving between Ethernet and IP addresses. In Figure 3-5, there are three LANs with four hosts each.
Figure 3-5 - Address Resolution Matches a Host's Ethernet Address with a Host's IP Address
The Fullerton, Diversey, and Kostner LANs have been assigned networks 18.104.22.168, 22.214.171.124, and 126.96.36.199 (remember the 0 designates "this" network). The host addresses on these LANs are .1, .2, .3, and .4. This is a shorthand notation for IP addresses 188.8.131.52, 184.108.40.206, 220.127.116.11, and 18.104.22.168 on the Fullerton LAN—and the same shorthand notation is used on the other two LANs. Also notice that the three Ethernet interfaces on the access router have also been assigned an IP address taken from the range of addresses associated with each LAN.
This section uses the networks in Figures 3-5 and 3-6 to trace through the steps a host uses to send data to a host on the same LAN and to a host on a different LAN. Tables 3-6, 3-7, and 3-8 contain the IP and Ethernet addresses for the hosts and router on the three LANs.
Table 3-6 - Fullerton LAN Address Associations
In Figure 3-6, the host with IP address 22.214.171.124 on the Fullerton LAN wants to send data to the host with IP address 126.96.36.199 on the same LAN. The source and destination IP addresses are
The source host knows that the destination IP address is on the same network Because
The source host knows the destination IP address, but not the destination Ethernet address. The source host needs to resolve the destination Ethernet address from the destination IP address. This is accomplished by using the Address Resolution Protocol (ARP). The source host sends an Ethernet broadcast to the switch. Like the IP broadcast, an Ethernet broadcast is signified by setting the destination Ethernet address to all 1s or FF:FF:FF:FF:FF:FF. The source Ethernet address is set to the Ethernet address of the host sending the broadcast. The ARP message contains the destination IP address or 188.8.131.52. When the Ethernet switch receives the broadcast message, it is sent to all hosts on the network except for the host that sent the message. All hosts on the Fullerton LAN will receive the broadcast and inspect the IP address in the message. If the IP address is not the IP address of the host that received the message, the message will be ignored. When the host with IP address 184.108.40.206 receives the ARP message, it will respond back to the sender with its Ethernet address. Now the host at 220.127.116.11 has resolved the Ethernet address for the host with IP address 18.104.22.168.
Host .1 on the Fullerton LAN receives the ARP request and stores that association between the Ethernet and IP addresses for host .2 in an ARP table. Storing this information allows host .1 to send additional messages to host .2 without having to send an ARP request each time. An example of a typical ARP table is shown in the following output:
Internet Address -- Physical Address -- Type
22.214.171.124 -- 00-03-47-92-9C-70 -- dynamic
The physical address is the Ethernet address associated with IP address 126.96.36.199. Dynamic means that this association was learned using ARP.
At this point, you might be wondering why we have two addresses. Why not use either the IP address or the Ethernet address. Why use both? The clue is in the ARP table shown earlier. An Ethernet address is a physical address. It is "burned in" to the Ethernet card and is sometimes referred to as a burned-in address (BIA). An IP address is a logical address that was assigned to the host. In this case, the host happens to use Ethernet for sending messages on the LAN. Other technologies exist that can be used by the computers to send messages, such as Token ring or Asynchronous Transfer Mode (ATM). If you use ATM on the Fullerton LAN instead of Ethernet, you should expect that you are still able to send messages between computers. An ATM address is 20 bytes while an Ethernet address is 6 bytes. In other words, the logical addressing (IP) should be independent of the physical addressing (Ethernet, Token Ring, ATM). Does this sound familiar? In Chapter 1, "Routing and Switching in Everyday Life," you learned a layered model for the postal delivery system. (See Figure 3-7.)
For this model, you learned that the address should not be dependent on the contents, and that the physical delivery should not be dependent on the address. The layers in this model are independent. In the same way, you need a layered model for the Internet. With what you've learned, you can start constructing the layer model for the Internet. In Figure 3-8, the lowest layer is the network interface layer.
The network interface layer is concerned with the physical, electrical, and addressing requirements for the particular technology used to deliver the messages. The IP layer is a logical layer concerned with being able to route a message between endpoints. The IP layer in the Internet model should be independent from the network interface layer. This independence allows you to change the technology used at the network interface layer without having to modify the IP layer.
The host with IP address 188.8.131.52 on the Fullerton LAN wants to send data to the host with IP address 184.108.40.206 on the Kostner LAN. The source and destination IP addresses are
The source host knows that the destination IP address is on a different network Because
The host on the Fullerton LAN doesn't have to know how to get a message to the host on the Kostner LAN. That is the function of the router. Because the source host knows that the destination is on a different LAN or network, the host knows that it must send the message to the router. Each host has been configured with the IP address of the router interface that connects to their LAN. The router is the gateway to the rest of the world, so the IP address of the router is called the default gateway. In other words, if a host is sending a message to a different LAN, the message must first be sent to the default gateway, or router, or last resort. The process for inter-LAN communication is
- Send an ARP broadcast asking for the Ethernet address associated with the default gateway (220.127.116.11).
- The router responds with the Ethernet address of the interface that is connected to the source LAN (00-03-47-92-9C-73).
- Host 18.104.22.168 stores the router's IP address, and associated Ethernet address in its local ARP table. The ARP table now contains
Internet Address -- Physical Address -- Type
22.214.171.124 -- 00-03-47-92-9C-70 -- dynamic
126.96.36.199 -- 00-03-47-92-9C-73 -- dynamic
- The source host sends the message to the router.
- The router removes the source and destination Ethernet addresses from the message and inspects the destination IP address (188.8.131.52).
- The router determines that the destination LAN is network 184.108.40.206 and the destination host IP address is 220.127.116.11.
- The router sends an ARP request on the Kostner LAN asking for the Ethernet address associated with IP address 18.104.22.168.
- Host 22.214.171.124 on the Kostner LAN sends an ARP reply containing its Ethernet address to the router (00-03-49-C5-12-33).
- The router sends the message to the Ethernet address of host 126.96.36.199.
This process is similar to how mail is delivered. Figure 3-9 shows the flow of a letter down the protocol stack that was developed for the postal system.
Figure 3-9 Flow of a Letter Down the Mail Protocol Stack
The letter is sent down to the Addressing Person, or Who layer where it is placed, or encapsulated, in an envelope. The envelope is sent to the Addressing Where layer and the state, city, street name, and street number information are added. Remember that you have logically separated the Who from the Where information, because the Who information is not used to deliver the letter. Finally, the envelope is passed to the Delivery layer where it is encapsulated or placed into whatever delivery means is being used (wagon, horse, truck, and so on).
As the letter makes its way through the postal delivery system, it passes through one or more post offices. At each post office the letter is removed from the delivery layer, and the destination address is inspected. Based on the destination address, the post office makes a routing decision and the letter is again sent back to the delivery layer and encapsulated (placed) in a new means of delivery. Between the source of the letter and the letter's destination, the means of delivery at each post office changes, but the source and destination addresses remain the same. This process can be used to better understand the delivery of an electronic message through a network. (See Figure 3-10.)
Figure 3-10 Flow of Data Down the IP Stack
Your application generates the data to be sent to another host. This data could be an e-mail, an instant message, a request for a web page, and so on. The data is sent to the first addressing layer where an application identifier is placed on the data. Think of this as the Who part of the address. As with the postal system, this information is not used to deliver the data, but to identify which application should receive the data after it arrives at the destination. After the application identifier is placed on the data, the next layer in the protocol stack adds the source and destination IP addresses. Finally, the network interface layer adds the source and destination Ethernet addresses on the package (assuming the host is using Ethernet),and the package is transmitted toward the destination. In the Internet, the package of data is called a packet.
For intra-LAN communication, the receiving host inspects the destination Ethernet address, and accepts the package if the host sees its own Ethernet address. If it does, the Ethernet addresses (source and destination) will be stripped off, and the remaining package will be sent to the IP layer. The IP layer inspects the destination IP address to verify that the package is meant for this host. If it is, the IP address is stripped off and sent to the application identification layer. After the application has been identified, this information is stripped off and the data is sent to the proper application.
For inter-LAN communication, the package is sent to the router. The router inspects the destination Ethernet address and accepts the package if the router sees its own Ethernet address. If it does, the Ethernet addresses (source and destination) are stripped off and the remaining package is sent to the router's IP layer. The destination IP address is inspected, and the router consults the routing table to determine the interface it needs to use to send the package to the destination. The router looks for the destination IP and Ethernet address association in the ARP table. If the association is not in the ARP table, the router uses ARP to learn the destination Ethernet address associated with the destination IP address. The package is sent back to the network interface layer, and the package is encapsulated using new source and destination Ethernet addresses. Finally, the package is sent to the host, and the host will perform the same functions as mentioned for intra- LAN delivery.
The package might have to travel through more than one router. At each router, the same process takes place. The old Ethernet source and destination addresses are removed, the IP routing table is consulted, and new source and destination Ethernet addresses are applied. But no matter how many routers the package goes through, the source and destination IP addresses do not change. Only the network interface layer addresses change. The analogy between the layers of the mail and data delivery systems is shown in Figure 3-11.
Figure 3-11 Mail and Electronic Data Delivery Protocol Stacks
All parts reproduced from the book Routing First-Step, ISBN 1587201224, Copyright 2005, Cisco Systems, Inc. Reproduced by permission of Pearson Education, Inc., 800 East 96th Street, Indianapolis, IN 46240. Written permission from Pearson Education, Inc. is required for all other uses. Visit www.ciscopress.com for a detailed description and to learn how to purchase this title.