Expiring Today—Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

the default gateway

Posted on 2002-03-25
7
Medium Priority
?
9,819 Views
Last Modified: 2010-04-11
Consider the following

Host a workstation
Host b default router

If host a wants to wants to surf the
web it need to route its packed through
host b ( am I right so far )
How does it do this?
Is host b listening to every port and
relaying the incoming packets?

Or does host a know that it need
to use the default host as it can
see it does not know the route by
examine its routing table and so
change the way it sends its requests?

Also how do you know why routing
Protocol your network is using
RIP, IGRP, OSPF, other?



0
Comment
Question by:thedogeater
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
7 Comments
 
LVL 16

Accepted Solution

by:
SteveJ earned 300 total points
ID: 6896244
You are essentially correct.

Your host knows how to get to other stations on the same logical network because it's internal routing table lists it's own interface as the route to other stations on the logical network. Assume your host IP address is 10.1.1.1, part of your routing table will look like:

(a) 10.1.1.0 (b) 255.255.255.0 (c) 10.1.1.1 (d) 10.1.1.1

Where
a = the logical network you are connected to
b = the network mask for the connected logical network
c = the gateway to the hosts on (a)
d = the interface to use to get to (c)

For routes that your workstation doesn't have in its routing table you use a default route. Assume your default router IP address is 10.1.1.254. The default routing entry looks like:

(a) 0.0.0.0 (b) 0.0.0.0 (c) 10.1.1.254 (d) 10.1.1.1

The only way to know what protocol the router is using (which has NOTHING to do with the workstations) is to either sniff the network using a packet sniffer or ask the network administrator. There's nothing inherent about routing protocols that you can deduce from your workstation.

To learn more about how hosts interact start by reading about address resolution protocol (ARP).

Good luck.
Steve
0
 
LVL 16

Expert Comment

by:SteveJ
ID: 6896245
I should have added that the assumption is also that your default router (10.1.1.254 in my example) has a route to the internet.

Steve
0
 

Author Comment

by:thedogeater
ID: 6897770
Ok thanks for that

but why do you say logical network and not just IP?
is there something subtle I am missing.

And the middle part of my question, when you workstation has decided it needs to use the default gateway
does it just set one of the IP headers?
How does the router listen out for these packets is
there a service running listeing to everthing?
0
7 Extremely Useful Linux Commands for Beginners

Just getting started with Linux? Here's a quick start guide that has 7 commands that we believe will come in handy.

 
LVL 16

Expert Comment

by:SteveJ
ID: 6899375
When you bind an ethernet driver to an interface card whether it's a router or a workstation, that driver "listens" for its own ethernet address on the network.

When you send a packet from 10.1.1.5 to 99.99.99.99, which is not on your network, then your workstation refers to its own routing table and sees that (a) it doesn't have a route to 99.99.99.99 but (b) it does have a default route through a gateway. Your workstation the creates an ethernet header WITH THE DESTINATION HARDWARE ADDRESS OF THE GATEWAY and a destination IP address of 99.99.99.99 . . .

You need to read about ARP to understand what's going on. Im too lazy to give you much more than the two paragraphs above. At least for now.

By the way: to me "IP network" can mean multiple segments or logical networks. And by "logical" I mean that they are physically connected but require the logic of firmware and software to enable communications among stations . . . or something like that.

Good luck.
Steve
0
 
LVL 2

Expert Comment

by:quietyakr3
ID: 6899960
Steve's explaination here is very good.  I would add one more thing.  There is a way that a host can operate with a router that it does not have programed as it's default gateway.  This is a very bad thing and should never be done unless you have a stupid device that can't handle a routing table/default gateway.  It's a feature called proxy arp.  

Basically when you do this, the router will arp in proxy for every host on the internet.  This allows the client to operate without a routing table because it keeps asking where is 1.2.3.4 or whatever and the router who address is actually say 5.3.87.323 or whatever says, yeah.... I'm 1.2.3.4 also.  It does this for every host on the internet that any of the devices on it's LAN ask for.  From the perspective of the hosts on the LAN, they think the entire internet is on the local LAN and it makes very big ARP tables and a lot of a ARP traffic on the LAN.  

Like I said, this is not a good thing and that is why you should almost always see something like "no ip proxy-arp" on the ethernet config of a router.
0
 

Author Comment

by:thedogeater
ID: 6904028
I am reading up on the Address Resolution stuff
can you suggest any good links?
0
 
LVL 16

Expert Comment

by:SteveJ
ID: 6913178
I'd buy the Richard Stevens' book on TCP/IP. Here's a link:

http://www.amazon.com/exec/obidos/ASIN/0201633469/yosemitewebindex/102-8350974-4044122


Good luck.
Steve
0

Featured Post

[Webinar] Lessons on Recovering from Petya

Skyport is working hard to help customers recover from recent attacks, like the Petya worm. This work has brought to light some important lessons. New malware attacks like this can take down your entire environment. Learn from others mistakes on how to prevent Petya like worms.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question