Before you start
Objectives: learn which devices can be used to connect different networks, and how data is transferred between networks using routing devices.
Prerequisites: you have to know what a MAC address is.
Key terms: address, router, ip, mac, frame, packet, layer, hop, firewall, subnet, switch
The first internetwork device we’ll talk about is a Router. A Router is a device with multiple network interfaces; each interface can connect to the same or a different network architecture. It connects two or more network segments or subnets, so we might have an Ethernet network connected to some kind of WAN network, and maybe even to a wireless network. The Router makes forwarding decisions based on the subnet, or network, address. Each connected network has an address and a port (interface) designation. The Router builds a Routing Table of all known networks, listing for each one the port it is reached through or the address of another router that can reach it.
Image 222.1 – Router
In the picture above, the Router would know about networks 1, 2 and 3 to which it was directly connected, but if we had multiple Routers we could have additional networks that are accessible through other routers. In the picture below, our Router would also know about networks 4, 5 and 6, as well as how to get to those networks.
Image 222.2 – Two Routers
When a Packet comes in from one network, the Router looks at the destination address in the Packet and then forwards it out of the correct port.
The second device we need to be aware of is called a Firewall. A Firewall is typically very similar to a Router, but it can also make forwarding decisions based on information other than the destination network. Firewalls are typically implemented for security purposes. They can be programmed with security rules to restrict the flow of traffic between networks. For instance, we might make a forwarding decision based on the source network address and not just the destination address. So, for example, when a packet comes into the Firewall we can decide that if it came from network 3, we will not forward it on to network 5.
A Firewall can control the type of traffic allowed into a network and the type of traffic allowed out of a network. Rules set up on the Firewall determine the types of permitted and prohibited traffic. A Firewall can be either a hardware device or software installed on an operating system.
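The source-based decision described above, as an added example that is not part of the original article: a minimal first-match rule table that denies traffic from "network 3" to "network 5" and allows everything else. The prefixes assigned to the two networks are assumed, since the article only names them.

```python
import ipaddress

# Constructed stand-ins for the article's "network 3" and "network 5"; the prefixes are assumed.
NETWORKS = {
    "network 3": ipaddress.ip_network("10.3.0.0/16"),
    "network 5": ipaddress.ip_network("10.5.0.0/16"),
}

# A rule is (action, source network name or None for any, destination network name or None for any).
# Rules are evaluated top to bottom and the first match wins, which is how most firewalls behave.
RULES = [
    ("deny", "network 3", "network 5"),   # the article's example: do not forward 3 -> 5
    ("allow", None, None),                # everything else is forwarded like a plain router would
]


def forwarding_decision(src_ip, dst_ip, rules=RULES, networks=NETWORKS):
    """Return 'allow' or 'deny' for one packet, looking at the source as well as the destination.

    A plain router would consider only dst_ip; the firewall also matches src_ip against its rules.
    """
    src, dst = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    for action, src_net, dst_net in rules:
        src_ok = src_net is None or src in networks[src_net]
        dst_ok = dst_net is None or dst in networks[dst_net]
        if src_ok and dst_ok:
            return action
    return "deny"  # nothing matched: safest default for a security device is to drop
```

Note that the rule is directional: a reply from network 5 back to network 3 is judged on its own and is allowed by the second rule unless a separate rule forbids it.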
Layer 3 Switch
A third device we need to be aware of is a Layer 3 Switch. A Layer 3 Switch is like a normal Switch, but it is also capable of reading Layer 3 (network) addresses and making switching decisions based on the network address, so it can switch or route packets between subnets. A Layer 3 Switch often provides better performance than a Router, but does not support as many features as a Router. All three devices (Router, Firewall and Layer 3 Switch) operate at layer 3, where the network address is used. Some Firewalls are also capable of examining higher-layer information to make forwarding decisions. To understand the importance of the network address, let’s look at how a router actually examines information within a Frame and a Packet in order to make forwarding decisions.
In our example, we’re going to look at how a message from PC 1 gets all the way through an internetwork to PC 2. We have three networks and two routers connecting them. The IP addresses associated with each device are shown in the picture.
Image 222.3 – Simple Internetwork
Notice that the Routers have two IP addresses, one for each network interface. In addition to the IP address, each device has a MAC address. We will use labels for the MAC addresses: MAC 1 is the MAC address of PC 1, MAC 2 belongs to Interface 2 on Router 1, MAC 3 to Interface 1 on Router 1, and so on. Notice that each router has two separate MAC addresses.
Frame and Packet
Let’s look at the Frame at layer 2, as well as the Packet information at layer 3, and how they change as the Packet moves from device to device within the network. PC 1 has information that it needs to send to PC 2. Let’s assume that PC 1 already knows the IP address of the destination device. Within the Packet it adds the IP address of the destination device, in this case PC 2 (10.0.0.10), and then adds its own IP address as the source IP address. Next it needs to figure out how to send that Packet to the destination device. It checks the destination network address and realizes that it is on a different subnet. Because a workstation doesn’t know how to talk to devices on other subnets, it creates a Frame and sends that Frame to the Default Gateway. Let’s assume that PC 1 has been configured to use the Default Gateway 192.168.0.1, which is the IP address of the Router on its own subnet. To create a Frame, PC 1 has to use a MAC address, which is a layer 2 address. So PC 1 takes the IP address 192.168.0.1 and resolves it to the MAC address of the Default Gateway device. Let’s say that it already has that information in its MAC address table, so it takes the MAC address of Router 1 Interface 2 and puts it in the Frame header as the destination MAC address, and then it uses its own MAC address as the source MAC address within the Frame. PC 1 then sends the Frame on the network.
Image 222.4 – PC 1 – Router 1 Message
Router 1 receives that Frame. It looks at the destination MAC address in the Frame and realizes that the Frame is addressed to it. It takes the Frame, strips off the Frame header and looks at the layer 3 information (the IP addresses). Here the Router looks at the destination network address and consults its Routing Table. Remember, the Routing Table lists networks along with the associated port (interface), or the Next-Hop Address of the router that is used to reach that destination network. So in our case, to reach network 10.0.0.0, Router 1 knows it has to go through the router with the IP address 172.16.0.2. The Router doesn’t change the Packet. What it does is create a new Frame, in which it puts as the source MAC address its own MAC address on the segment shared with the next-hop router (MAC 3), and as the destination MAC address the MAC address of Router 2 Interface 2 (MAC 4), which is on that same segment.
Image 222.5 – Router 1 – Router 2 Message
So Router 1 takes the Frame and transmits it across the wire to Router 2. Router 2 looks at the destination MAC address, sees that the Frame is addressed to it, strips off the Frame information and examines the Packet information. It looks at the destination IP address and, in its Routing Table, finds that it is connected directly to the 10.0.0.0 network. In this case Router 2 knows it can talk directly to PC 2, because they are on the same subnet. So it takes the Packet information, creates a new Frame using its own MAC address as the source MAC address and the MAC address of PC 2 as the destination MAC address, and sends the Frame across the wire.
Image 222.5 – Router 2 – PC 2 Message
PC 2 looks at the destination MAC address, realizes that the Frame is addressed to it, takes the Frame, strips off the header information and examines the Packet information. From here it realizes that the Packet was addressed to it, so it strips off the Packet information and uses the data to reconstruct the message that came from PC 1. If it needs to communicate back with PC 1, it now knows the destination address to reach PC 1.
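The hop-by-hop walk above, PC 1 to Router 1 to Router 2 to PC 2, as an added example that is not part of the original article: each node does a longest-prefix lookup in its own Routing Table, picks the interface on the next hop's segment as the source MAC, resolves the next hop to a destination MAC, and wraps the unchanged Packet in a new Frame. The addresses the article states (10.0.0.10, 192.168.0.1, 172.16.0.2, MAC 1 to MAC 4) are used as given; PC 1's address (192.168.0.10), Router 1 Interface 1 (172.16.0.1), Router 2 Interface 1 (10.0.0.1) and the labels MAC 5 and MAC 6 are assumptions, and the ARP caches are pre-filled as the article assumes.

```python
import ipaddress
from collections import namedtuple

Packet = namedtuple("Packet", "src_ip dst_ip")          # layer 3 header: set once, never rewritten by a router
Frame = namedtuple("Frame", "src_mac dst_mac packet")   # layer 2 header: rebuilt at every hop

class Node:
    """A host or router: interfaces (ip, subnet, mac), a routing table and a pre-resolved ARP cache."""
    def __init__(self, name, interfaces, routes, arp):
        self.name = name
        self.interfaces = [(ip, ipaddress.ip_network(net), mac) for ip, net, mac in interfaces]
        self.routes = [(ipaddress.ip_network(net), gw) for net, gw in routes]  # gw None = directly connected
        self.arp = arp  # ip -> mac, assumed already learned, as the article assumes
    def owns(self, ip):
        return any(ip == own_ip for own_ip, _, _ in self.interfaces)
    def next_hop(self, dst_ip):
        # Longest-prefix match in the routing table; a directly connected route means the host itself is the hop.
        dst = ipaddress.ip_address(dst_ip)
        matches = [r for r in self.routes if dst in r[0]]
        if not matches:
            raise LookupError(f"{self.name}: no route to {dst_ip}")
        gw = max(matches, key=lambda r: r[0].prefixlen)[1]
        return dst_ip if gw is None else gw
    def build_frame(self, packet):
        hop = self.next_hop(packet.dst_ip)
        # Source MAC is the interface on the same segment as the next hop; destination MAC comes from ARP.
        src_mac = next(mac for _, net, mac in self.interfaces if ipaddress.ip_address(hop) in net)
        return Frame(src_mac, self.arp[hop], packet), hop

# Constructed topology following the article (assumed values: 192.168.0.10, 172.16.0.1, 10.0.0.1, MAC 5, MAC 6).
NODES = [
    Node("PC 1", [("192.168.0.10", "192.168.0.0/24", "MAC 1")],
         [("192.168.0.0/24", None), ("0.0.0.0/0", "192.168.0.1")], {"192.168.0.1": "MAC 2"}),
    Node("Router 1", [("192.168.0.1", "192.168.0.0/24", "MAC 2"), ("172.16.0.1", "172.16.0.0/16", "MAC 3")],
         [("192.168.0.0/24", None), ("172.16.0.0/16", None), ("10.0.0.0/8", "172.16.0.2")],
         {"172.16.0.2": "MAC 4", "192.168.0.10": "MAC 1"}),
    Node("Router 2", [("172.16.0.2", "172.16.0.0/16", "MAC 4"), ("10.0.0.1", "10.0.0.0/8", "MAC 5")],
         [("172.16.0.0/16", None), ("10.0.0.0/8", None), ("192.168.0.0/24", "172.16.0.1")],
         {"10.0.0.10": "MAC 6", "172.16.0.1": "MAC 3"}),
    Node("PC 2", [("10.0.0.10", "10.0.0.0/8", "MAC 6")],
         [("10.0.0.0/8", None), ("0.0.0.0/0", "10.0.0.1")], {"10.0.0.1": "MAC 5"}),
]

def trace(start, packet, nodes=NODES):
    """Forward the packet hop by hop; return (sender, src_mac, dst_mac, packet dst_ip) for every frame sent."""
    hops, node = [], next(n for n in nodes if n.name == start)
    while not node.owns(packet.dst_ip):
        frame, hop = node.build_frame(packet)
        hops.append((node.name, frame.src_mac, frame.dst_mac, frame.packet.dst_ip))
        node = next(n for n in nodes if n.owns(hop))  # the device whose interface receives the frame
    return hops
```

Running trace("PC 1", Packet("192.168.0.10", "10.0.0.10")) shows the MAC pair changing at every hop while the packet's destination IP stays 10.0.0.10; the reverse direction from PC 2 works with the same tables.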
MAC addresses are the addresses used within a subnet, whereas IP addresses are used to communicate between subnets. As the Frame goes from hop to hop along the path, the MAC address has to change based on which device needs to receive the Frame next, whereas the IP address within the Packet stays static throughout the entire path. The three devices that are capable of sending messages between subnets are Routers, Firewalls and Layer 3 Switches. All three operate at Layer 3, the Network Layer, and use the IP address contained in the Packet to send data between subnets. A Firewall may also operate at higher OSI model layers, but it is still considered a layer 3 device, since it uses IP addresses for its filtering decisions.
Both Data Link physical addresses and Network logical addresses are used to send Packets between hosts on different subnets. IP (Network layer) addresses are contained in the IP header and MAC (Data Link) addresses are contained in the Ethernet Frame header. A Router uses the logical network address specified at the Network layer to forward messages to the appropriate network segment. The Data Link addresses in the Frame change as the Frame is delivered from hop to hop: at any point in the process, the Data Link destination address is the physical address of the next hop on the route, and the Data Link source address is the physical address of the device sending the Frame. The Network addresses remain constant as the Packet is delivered from hop to hop: they indicate the logical address of the original sending device and the address of the final destination device.