Preface
Welcome to our GitHub repository Star: github.com/bin39232820… The best time to plant a tree was ten years ago, followed by now
Gateways and routing: every one of us needs them to get online, but the specific principles behind them are rarely spelled out.
- Relearn the Web series (The Past and Present of HTTP)
- Relearn network Series (My name is IP)
One’s whole life is like a mirror of flowers and moons. Today it’s very bright, tomorrow it’s a dream. Instead of reminiscing about the beauty of the old garden, it is better to put down the prosperity and find a sea of bamboo. A thin flute, a song proud smile. A curved cold moon, a shoulder of ancient love and hatred.
ICMP and Ping
Almost all of us have run into the problem of not being able to get online. The machine is there, and you can even reach it through a terminal. Everything looks fine, but it will not connect. What is wrong?
Generally, the first thing we think of is ping. Do you know how ping works?
Ping is based on ICMP, the Internet Control Message Protocol. The key word here is "control", so how exactly does it control anything?
ICMP is a network layer protocol.
A newly built network usually needs a simple test first to verify that traffic flows. But the IP protocol does not provide reliable transmission: if a packet is lost, IP does not tell the transport layer that it was lost or why. So we need a protocol that does this job, and that protocol is ICMP.
ICMP function
- Verify that the IP packet successfully reached the destination address
- Indicates the reason why an IP packet was discarded during sending
Here are a few things to note:
- ICMP works over IP, but it is not a transport layer function, so it is still classified as a network layer protocol
- ICMP can be used only with IPv4. If IPv6 is used, ICMPv6 must be used
ICMP format
ICMP packets are carried inside IP datagrams, with the IP header first. The whole packet consists of an IP header (at least 20 bytes), an ICMP header (at least eight bytes), and the ICMP data (the data part of the ICMP packet). When the value of the protocol field in the IP header is 1, the packet is an ICMP packet. The ICMP header is shown below.
Ping sending and receiving process
Assume that host A's IP address is 192.168.1.1 and host B's IP address is 192.168.1.2, both on the same subnet. What happens when you run "ping 192.168.1.2" on host A?
When the ping command runs, the source host first constructs an ICMP request packet containing several fields. Two matter most. The first is the type field, which is 8 for a request packet. The other is the sequence number, which distinguishes the packets sent during a continuous ping: each time a request packet is sent, the sequence number is incremented by 1. To be able to calculate the round-trip time (RTT), ping also inserts the sending time into the data portion of the message.
ICMP then hands this packet to the IP layer along with the address 192.168.1.2. The IP layer builds an IP packet with 192.168.1.2 as the destination address and the local IP address as the source address, plus some other control information.
Next, the MAC header has to be added. If the MAC address for 192.168.1.2 is already in the ARP mapping table, it is used directly. If not, an ARP request is sent to look it up. Once the MAC address is known, the data link layer builds a data frame: the destination address is the MAC address passed down from the IP layer, and the source address is the local host's MAC address. Some control information is attached, and the frame is sent out according to Ethernet's media access rules.
When host B receives the frame, it compares the destination MAC address with its own. If they match, host B accepts the frame; otherwise it discards it. After accepting the frame, host B checks it, extracts the IP packet, and hands it to the local IP layer. The IP layer likewise checks the packet and passes the useful information up to ICMP.
Host B then constructs an ICMP reply packet. Its type field is 0, and its sequence number is the one from the request packet it received. Host B sends the reply to host A. If the source host does not receive an ICMP reply packet within the specified period, the destination host is considered unreachable. If a reply arrives, the destination host is reachable.
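The request and reply described above, as an added Python example that is not part of the original article: it builds the echo request (type 8, sequence number, send time in the data part), forms host B's reply (type 0, same sequence number), and computes the RTT after verifying the checksum. The identifier field and the RFC 1071 checksum come from the ICMP echo header format rather than from the text above; the identifier value and timestamps are constructed.

```python
import struct
import time

ICMP_ECHO_REQUEST = 8   # type field of the request, as described above
ICMP_ECHO_REPLY = 0     # type field of the reply

def inet_checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum: one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_echo(msg_type: int, ident: int, seq: int, payload: bytes) -> bytes:
    """8-byte ICMP header (type, code, checksum, identifier, sequence) + data."""
    header = struct.pack("!BBHHH", msg_type, 0, 0, ident, seq)
    csum = inet_checksum(header + payload)
    return struct.pack("!BBHHH", msg_type, 0, csum, ident, seq) + payload

def build_request(ident: int, seq: int, sent_at: float) -> bytes:
    # ping stores the send time in the data part so the RTT can be computed later
    return build_echo(ICMP_ECHO_REQUEST, ident, seq, struct.pack("!d", sent_at))

def build_reply(request: bytes) -> bytes:
    """What host B does: same identifier, sequence number and data, type set to 0."""
    _type, _code, _csum, ident, seq = struct.unpack("!BBHHH", request[:8])
    return build_echo(ICMP_ECHO_REPLY, ident, seq, request[8:])

def parse_reply(packet: bytes, ident: int, seq: int, now: float):
    """Return the RTT in seconds, or None if the packet is not our reply."""
    if len(packet) < 16 or inet_checksum(packet) != 0:
        return None                      # truncated or corrupted
    msg_type, code, _csum, r_ident, r_seq = struct.unpack("!BBHHH", packet[:8])
    if (msg_type, code) != (ICMP_ECHO_REPLY, 0) or (r_ident, r_seq) != (ident, seq):
        return None                      # not a reply to this request
    (sent_at,) = struct.unpack("!d", packet[8:16])
    return now - sent_at

if __name__ == "__main__":
    req = build_request(ident=0x1234, seq=1, sent_at=time.time())  # constructed values
    rep = build_reply(req)
    print("request:", req.hex())
    print("rtt:", parse_reply(rep, 0x1234, 1, time.time()))
```

Sending these bytes on a real network needs a raw or ICMP datagram socket, which usually requires elevated privileges; the example stays in memory.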
Details of the MAC header and IP header
Once an IP address and gateway are configured, you can usually just name a destination address and reach it. Because access across gateways involves changes to MAC addresses and IP addresses, we first need to look at the details of the MAC header and the IP header.
The MAC header holds the destination MAC address, then the source MAC address, and then a protocol type, which here indicates that the payload is IP. The IP header holds a version number (the dominant version so far is IPv4) and an indication of the next-layer protocol, which is TCP or UDP. Most important are the source IP and the destination IP: first the source IP address, then the destination IP address.
When any machine wants to reach another IP address, it first determines whether the destination IP address is in the same network segment as its own. How does it tell? With CIDR and the subnet mask.
If the destination is on the same network segment, for example your neighbor's computer, no gateway is involved. You put the source and destination addresses into the IP header, get the destination MAC address through ARP, put the source and destination MAC addresses into the MAC header, and send the packet out.
What if the destination is not on the same network segment, for example a BBS on your campus network? Then the packet has to be sent to the default gateway. The gateway address must be on the same network segment as the source IP address, and it is usually the first or second address in the segment. For example, in the network segment 192.168.1.0/24, the gateway is usually 192.168.1.1/24 or 192.168.1.2/24.
How is a packet sent to the default gateway? The gateway is on the same network segment as the source IP address, so the steps are the same as for a neighbor: the source and destination IP addresses go into the IP header, the gateway's MAC address is obtained through ARP, the source MAC address and the gateway's MAC address go into the MAC header, and the packet is sent. The gateway's port, such as 192.168.1.1/24, accepts the packet, and what happens next is entirely up to the gateway.
A gateway is usually a router, which is a layer 3 forwarding device. What does layer 3 device mean? It is a device that takes off both the MAC header and the IP header and then, based on their contents, decides where to forward the packet next.
A gateway is often called a router. That is not exactly right, and an analogy is more apt: a router is a device with five network ports or network cards, the equivalent of five hands holding five LANs. Each hand's IP address is on the same network segment as the LAN it holds, and each hand is the gateway of that LAN.
Any packet that wants to reach another LAN arrives at one of these hands. The router takes it in, removes the MAC header and the IP header, looks at them, picks another hand according to its own routing algorithm, puts an IP header and a MAC header back on, and throws the packet out.
Which parts of the IP header and MAC header change, and which stay the same?
A MAC address is only valid within one LAN. So the MAC addresses must change every time a packet passes through a gateway, because the LAN has changed. The main difference between gateways is whether the IP address changes. A gateway that does not change the IP address is called a forwarding gateway; a gateway that changes the IP address is called a NAT gateway.
Combine this with the figure below
Server A wants to access server B. First, server A thinks: 192.168.4.101 is not in the same network segment as me, so I need to send to the gateway first. Who is the gateway? The gateway is 192.168.1.1. What is the gateway's MAC address? Server A sends an ARP request to obtain it and then sends the packet. The contents of the packet look like this:
- Source MAC address: MAC address of server A
- Destination MAC address: MAC address of the 192.168.1.1 network port
- Source IP: 192.168.1.101
- Destination IP address: 192.168.4.101
When the packet reaches the 192.168.1.1 port, the port sees that the destination MAC address matches its own, accepts the packet, and starts to think about where to forward it.
Router A has a static route configured: to reach 192.168.4.0/24, leave through 192.168.56.1, with next hop 192.168.56.2.
So router A matches this route and sends the packet out of 192.168.56.1 toward 192.168.56.2. What is the MAC address of 192.168.56.2? Router A sends an ARP request to obtain it and then sends the packet. The contents of the packet look like this:
- Source MAC address: MAC address of 192.168.56.1
- Destination MAC address: MAC address of 192.168.56.2
- Source IP: 192.168.1.101
- Destination IP address: 192.168.4.101
When the packet arrives at 192.168.56.2, the port sees that the MAC address matches, accepts the packet, and starts to think about where to forward it. Router B has a static route configured: to reach 192.168.4.0/24, leave through 192.168.4.1, with no next hop, because the card on my right hand is in this network segment and I am the last hop.
So router B matches this route and sends the packet out of 192.168.4.1 to 192.168.4.101. What is the MAC address of 192.168.4.101? Router B sends an ARP request to obtain it and then sends the packet. The contents of the packet look like this:
- Source MAC address: MAC address of 192.168.4.1
- Destination MAC address: MAC address of 192.168.4.101
- Source IP: 192.168.1.101
- Destination IP address: 192.168.4.101
The packet reaches server B, the MAC address matches, and the packet is received.
Through this process you can see that the MAC addresses change on every new LAN, but the IP addresses stay the same. No gateway IP address is ever stored in the IP header. The so-called next hop is simply an IP address that gets resolved to a MAC address, and that MAC address is what goes into the MAC header.
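The three hops above, replayed as an added Python example (not code from the original article): each node does a routing lookup, resolves the chosen IP address to a MAC address, and rebuilds the MAC header while the IP header is left alone. The MAC labels, the routes for directly connected networks, server A's default route, and the use of longest-prefix matching are assumptions added for the example.

```python
import ipaddress

# Interfaces from the walkthrough; MAC labels are constructed placeholders.
MAC = {"192.168.1.101": "mac-serverA", "192.168.1.1": "mac-rA-left",
       "192.168.56.1": "mac-rA-right", "192.168.56.2": "mac-rB-left",
       "192.168.4.1": "mac-rB-right", "192.168.4.101": "mac-serverB"}

# Per-node routing table: (destination network, exit interface IP, next hop or None)
ROUTES = {
    "serverA": [("192.168.1.0/24", "192.168.1.101", None),
                ("0.0.0.0/0", "192.168.1.101", "192.168.1.1")],   # default gateway
    "routerA": [("192.168.1.0/24", "192.168.1.1", None),
                ("192.168.56.0/24", "192.168.56.1", None),
                ("192.168.4.0/24", "192.168.56.1", "192.168.56.2")],
    "routerB": [("192.168.56.0/24", "192.168.56.2", None),
                ("192.168.4.0/24", "192.168.4.1", None)],
}
OWNER = {"192.168.1.1": "routerA", "192.168.56.2": "routerB"}  # who receives a frame

def lookup(node, dst_ip):
    """Longest-prefix match; returns (exit interface IP, IP to resolve with ARP)."""
    dst = ipaddress.ip_address(dst_ip)
    matches = [(ipaddress.ip_network(net), dev, hop)
               for net, dev, hop in ROUTES[node]
               if dst in ipaddress.ip_network(net)]
    if not matches:
        raise LookupError(f"{node}: no route to {dst_ip}")
    _net, dev, hop = max(matches, key=lambda m: m[0].prefixlen)
    return dev, hop or dst_ip        # no next hop means the destination is on-link

def trace(src_node, src_ip, dst_ip):
    """Return the frame sent on each LAN as (src MAC, dst MAC, src IP, dst IP)."""
    frames, node = [], src_node
    while True:
        dev, arp_target = lookup(node, dst_ip)
        frames.append((MAC[dev], MAC[arp_target], src_ip, dst_ip))
        if arp_target == dst_ip:     # delivered on the last LAN
            return frames
        node = OWNER[arp_target]     # the next router strips and rebuilds the MAC header

if __name__ == "__main__":
    for frame in trace("serverA", "192.168.1.101", "192.168.4.101"):
        print(frame)
```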
Problems encountered in the above process
Think about it for a moment. LANs do not coordinate with each other, and each one sets its network segment independently, so IP segments can conflict, as shown in the following figure. The leftmost address is 192.168.1.101, and the rightmost address is also 192.168.1.101. Looking at the IP addresses alone, it seems as if the host is accessing itself; in fact, one 192.168.1.101 is accessing another 192.168.1.101.
How do we solve this? Since the LANs do not coordinate and each is in charge of its own addresses, a different address is needed once you go international, that is, on the LAN in the middle. It is like going abroad: you cannot use your own country's ID card there, you have to use a passport.
First, target server B needs an international identity, so we give it 192.168.56.2. On gateway B, we record that the international identity 192.168.56.2 corresponds to the domestic identity 192.168.1.101. Anything addressed to 192.168.56.2 is switched to 192.168.1.101.
So when source server A wants to access destination server B, the destination address must be 192.168.56.2, its international identity. Server A sees that 192.168.56.2 is not in its own network segment, so the packet has to go to the gateway. Who is the gateway? The gateway is 192.168.1.1. What is the gateway's MAC address? Server A sends an ARP request to obtain it and then sends the packet. The contents of the packet look like this:
- Source MAC address: MAC address of server A
- Destination MAC address: MAC address of the 192.168.1.1 network port
- Source IP: 192.168.1.101
- Destination IP address: 192.168.56.2
When the packet reaches the 192.168.1.1 port, the port sees that the destination MAC address matches its own, accepts the packet, and starts to think about where to forward it.
Router A has a static route configured: to reach 192.168.56.2/24, leave through 192.168.56.1. There is no next hop, because the network card on my right hand belongs to this network segment and I am the last hop.
So router A matches this route and sends the packet out of 192.168.56.1 to 192.168.56.2. What is the MAC address of 192.168.56.2? Router A sends an ARP request to obtain it.
When the packet is sent onto the intermediate LAN, server A also needs an international identity. So the source IP address is changed from server A's 192.168.1.101 to 192.168.56.1. The contents of the packet that is sent look like this:
- Source MAC address: MAC address of 192.168.56.1
- Destination MAC address: MAC address of 192.168.56.2
- Source IP: 192.168.56.1
- Destination IP address: 192.168.56.2
When the packet arrives at 192.168.56.2, the port sees that the MAC address matches, accepts the packet, and starts to think about where to forward it. Router B is a NAT gateway. It is configured so that the international identity 192.168.56.2 maps to the domestic identity 192.168.1.101, so the destination becomes 192.168.1.101.
Router B has a static route configured: to reach 192.168.1.0/24, leave through 192.168.1.1. There is no next hop, because the network card on my right hand belongs to this network segment and I am the last hop.
So router B matches this route and sends the packet out of 192.168.1.1 to 192.168.1.101.
What is the MAC address of 192.168.1.101? Router B sends an ARP request to obtain it and then sends the packet. The contents of the packet look like this:
- Source MAC address: MAC address of 192.168.1.1
- Destination MAC address: MAC address of 192.168.1.101
- Source IP: 192.168.56.1
- Destination IP address: 192.168.1.101
In the packet that server B receives, the source IP address is server A's international identity. So the return packet is also sent to server A's international identity, and router A performs NAT to translate it back to the domestic identity.
As you can see from this process, the IP addresses also change. This process is called Network Address Translation, or NAT for short.
In fact, this second approach is the one we see most often. Everyone now has a home router, and the home network segment is 192.168.1.x, so you certainly cannot reach your neighbor's private network IP addresses. When we send packets from home, the home router uses NAT to change the address to the carrier's address.
How do I configure a route?
A router is a network device with multiple network cards. When a network packet arrives at the router, it uses a local forwarding database to decide how to forward the traffic. This forwarding database is usually called the routing table. A routing table contains multiple routing rules, and each rule holds at least three pieces of information.
- Destination network: where does this packet want to go?
- Exit device: through which port is the packet thrown out?
- Next-hop gateway: the IP address of the next router.
For example, ip route add 10.176.48.0/20 via 10.173.32.1 dev eth0 means that to reach the destination network 10.176.48.0/20, packets leave through port eth0 via 10.173.32.1.
Dynamic routing algorithm
When I studied computer networks and data structures at university, I knew that there are two common methods to find the shortest path: one is the Bellman-Ford algorithm and the other is the Dijkstra algorithm. These two methods are also used in computer networks.
- Distance vector routing algorithm
- Link state routing algorithm
At the end
Let me ask you a few questions
- When you visit www.taobao.com, the packets you send are translated to a public IP through NAT, and the data Taobao returns has to be changed from the public IP back to your LAN IP. If there are many IP addresses in the LAN, how does the NAT device know which host each reply belongs to?
NAT replaces not only IP addresses but also port numbers. Specifically, the packets we send to connect to a server on the external network carry source and destination port numbers in addition to the source and destination IP addresses. The destination port number is fixed, such as 21 or 80, but the source port number is randomly generated. When a packet reaches the NAT device, the private IP address is replaced with a public IP address, and the port number is also replaced with a port number randomly generated by the NAT device. Each NAT port number corresponds to a host on the LAN, and the NAT device maintains a table mapping port numbers to hosts. When the external server returns data to the NAT device, the NAT device uses the port number in the returned packet to find the host on the LAN and forwards the data to it.
In this way, hosts on the LAN get full access to the external network.
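The port-based translation described in the answer above, as an added Python example that is not from the original article: the NAT device keeps a table from public port to LAN host and uses it to route replies back, dropping anything that matches no entry. The public and server addresses are constructed from documentation ranges, ports are allocated sequentially instead of randomly so the result is reproducible, and keying each mapping on the remote peer is an assumption stricter than the text requires.

```python
import itertools

class Napt:
    """Port-based NAT: one table entry per outbound flow."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self._ports = itertools.count(first_port)  # sequential, not random (assumption)
        self._out = {}    # (lan ip, lan port, remote ip, remote port) -> public port
        self._back = {}   # public port -> (lan ip, lan port, remote ip, remote port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Translate a packet leaving the LAN; returns the rewritten 4-tuple."""
        flow = (src_ip, src_port, dst_ip, dst_port)
        if flow not in self._out:
            port = next(self._ports)
            self._out[flow] = port
            self._back[port] = flow
        return (self.public_ip, self._out[flow], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_ip, dst_port):
        """Translate a returning packet, or return None when it must be dropped."""
        flow = self._back.get(dst_port)
        if dst_ip != self.public_ip or flow is None:
            return None                          # no table entry: unsolicited
        lan_ip, lan_port, remote_ip, remote_port = flow
        if (src_ip, src_port) != (remote_ip, remote_port):
            return None                          # entry belongs to another peer
        return (src_ip, src_port, lan_ip, lan_port)

def demo():
    """Two LAN hosts pick the same source port; replies still reach the right one."""
    nat = Napt("198.51.100.7")                   # constructed public address
    server = ("203.0.113.10", 80)                # constructed external server
    a = nat.outbound("192.168.1.101", 51000, *server)
    b = nat.outbound("192.168.1.102", 51000, *server)
    reply_b = nat.inbound(*server, nat.public_ip, b[1])
    stray = nat.inbound("203.0.113.99", 80, nat.public_ip, b[1])
    return a, b, reply_b, stray

if __name__ == "__main__":
    for row in demo():
        print(row)
```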
- When packets travel from our network across other networks, do the destination and source MAC addresses change? Do the destination and source IP addresses change?
The answer is in the article.