Cisco: Understanding how Mac and IPs are used to travel the network

I've see a lot of videos on the Internet about packet travel through a network, but I'm looking for a clear detail understanding of how data travels on a network from a Cisco point of view, this info needs to include how the mac-address, IP address are used and what happens to the data (mac and IP address) as it travels through the local area network and also out to the Internet?

Thank you,
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Andy CantuCommented:
So let's just say a PC with an IP of is sending a packet out to the internet.  Because this destination address on the internet ( is not in the PC's subnet (, it's going to send this packet to its configured default gateway (

The PC will ARP for this default gateway address ( in order to determine what MAC address to place in the Ethernet Header Destination Field.  It will find the router's MAC address and place it in the Ethernet Header.

The packet will be encapsulated in this Ethernet header (Layer 2 Header) and sent across the link into a switchport.  The switch will then examine this Layer 2 Header, and determine if it has the Destination MAC of the router in it's MAC address table.  If it does, it will send it out the corresponding port where it knows that MAC address lives.  If the switch doesn't know where this MAC address is, it will perform what's called "Unknown Unicast Flooding".  The switch will "flood" the packet out every switchport EXCEPT the one it came in on.

Every switch will repeat these steps until it gets to the destination device, which will accept the packet because its MAC address matches the destination MAC address specified in the Layer 2 Header.  The other devices that got the packet flooded to them will just discard it.

Once the router/firewall receives this packet, it inspects the IP header and finds the destination IP address (  The router/firewall will then perform a lookup in its routing table and check if it has this IP address listed.  If it does, it will forward it out to the next-hop device listed in this routing table entry.  If it doesn't find this address in its table and it has a default gateway (gateway of last resort) configured, it will forward it out to the next-hop device specified in this default route.  

The router will then arp for this default route next-hop IP address to determine its MAC address.  Once it does that, it will replace the Layer 2 Header with one that has that MAC address in its destination field and send it out on that link to the ISP's router.

Most of the time, the internet facing device (router or firewall) will have NAT configured, in order to translate the private IP address used inside the enterprise to public IP addresses that are routable on the internet.  NAT is implemented differently, depending on which device its used on.

That pretty much sums it up.  Let me know if you have any questions.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
dsterlingAuthor Commented:
Great answer!, now I would like to know what is in packet, I guess how it it framed and how that packet is used through the switching and routing process, if you want I'll ask this in another question. The answer you gave, answers my question, but I have a question to follow.
Andy CantuCommented:
It'd be better to ask it in a separate question.  This will help everybody, including those who are trying to find solutions to similar problems they're experiencing.

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.