Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 9850
  • Last Modified:

the default gateway

Consider the following

Host a workstation
Host b default router

If host a wants to wants to surf the
web it need to route its packed through
host b ( am I right so far )
How does it do this?
Is host b listening to every port and
relaying the incoming packets?

Or does host a know that it need
to use the default host as it can
see it does not know the route by
examine its routing table and so
change the way it sends its requests?

Also how do you know why routing
Protocol your network is using
RIP, IGRP, OSPF, other?



0
thedogeater
Asked:
thedogeater
  • 4
  • 2
1 Solution
 
SteveJCommented:
You are essentially correct.

Your host knows how to get to other stations on the same logical network because it's internal routing table lists it's own interface as the route to other stations on the logical network. Assume your host IP address is 10.1.1.1, part of your routing table will look like:

(a) 10.1.1.0 (b) 255.255.255.0 (c) 10.1.1.1 (d) 10.1.1.1

Where
a = the logical network you are connected to
b = the network mask for the connected logical network
c = the gateway to the hosts on (a)
d = the interface to use to get to (c)

For routes that your workstation doesn't have in its routing table you use a default route. Assume your default router IP address is 10.1.1.254. The default routing entry looks like:

(a) 0.0.0.0 (b) 0.0.0.0 (c) 10.1.1.254 (d) 10.1.1.1

The only way to know what protocol the router is using (which has NOTHING to do with the workstations) is to either sniff the network using a packet sniffer or ask the network administrator. There's nothing inherent about routing protocols that you can deduce from your workstation.

To learn more about how hosts interact start by reading about address resolution protocol (ARP).

Good luck.
Steve
0
 
SteveJCommented:
I should have added that the assumption is also that your default router (10.1.1.254 in my example) has a route to the internet.

Steve
0
 
thedogeaterAuthor Commented:
Ok thanks for that

but why do you say logical network and not just IP?
is there something subtle I am missing.

And the middle part of my question, when you workstation has decided it needs to use the default gateway
does it just set one of the IP headers?
How does the router listen out for these packets is
there a service running listeing to everthing?
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
SteveJCommented:
When you bind an ethernet driver to an interface card whether it's a router or a workstation, that driver "listens" for its own ethernet address on the network.

When you send a packet from 10.1.1.5 to 99.99.99.99, which is not on your network, then your workstation refers to its own routing table and sees that (a) it doesn't have a route to 99.99.99.99 but (b) it does have a default route through a gateway. Your workstation the creates an ethernet header WITH THE DESTINATION HARDWARE ADDRESS OF THE GATEWAY and a destination IP address of 99.99.99.99 . . .

You need to read about ARP to understand what's going on. Im too lazy to give you much more than the two paragraphs above. At least for now.

By the way: to me "IP network" can mean multiple segments or logical networks. And by "logical" I mean that they are physically connected but require the logic of firmware and software to enable communications among stations . . . or something like that.

Good luck.
Steve
0
 
quietyakr3Commented:
Steve's explaination here is very good.  I would add one more thing.  There is a way that a host can operate with a router that it does not have programed as it's default gateway.  This is a very bad thing and should never be done unless you have a stupid device that can't handle a routing table/default gateway.  It's a feature called proxy arp.  

Basically when you do this, the router will arp in proxy for every host on the internet.  This allows the client to operate without a routing table because it keeps asking where is 1.2.3.4 or whatever and the router who address is actually say 5.3.87.323 or whatever says, yeah.... I'm 1.2.3.4 also.  It does this for every host on the internet that any of the devices on it's LAN ask for.  From the perspective of the hosts on the LAN, they think the entire internet is on the local LAN and it makes very big ARP tables and a lot of a ARP traffic on the LAN.  

Like I said, this is not a good thing and that is why you should almost always see something like "no ip proxy-arp" on the ethernet config of a router.
0
 
thedogeaterAuthor Commented:
I am reading up on the Address Resolution stuff
can you suggest any good links?
0
 
SteveJCommented:
I'd buy the Richard Stevens' book on TCP/IP. Here's a link:

http://www.amazon.com/exec/obidos/ASIN/0201633469/yosemitewebindex/102-8350974-4044122


Good luck.
Steve
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now