Shaun Gorman

Is it true that the internal IP address of a computer stays in the packet header as the source IP when it goes outside of the network?

Hi,
I am working through my CCNA and came across the concept that the internet layer adds the source and destination IP to the Frame header.
For example, if the computer's internal IP is say 10.1.0.211 and the destination is say Google DNS which might be 8.8.8.8.
So even though the packet leaves the internal network the CCNA course explains the source and destination IP remains the same. Only the MAC addresses change each hop to the destination. Say you are pinging 8.8.8.8 from 10.1.0.211. How does 8.8.8.8 know where to reply to since 10.1.0.211 is an internal IP address and not externally routable?
It seems like somewhere the external IP address of the router on the internal network would have to be added, but the CCNA course doesn't say that. Otherwise, how would 8.8.8.8 know where to respond?
Is it true then that an internal IP and an external source IP get added to the packet at the internet layer for packets that leave an internal network? If not, how does the destination computer know where to reply to?

Thanks for your help in advance,
Confused Shaun
jmcg

The topic to search on is something like "How does NAT work?" -- Network Address Translation.

The piece you are missing is that at the gateway router, the router's own external IP address is substituted for the internal IP address and generally a new port number replaces the original port number. The internal IP and port number are not disclosed to the outside.

While the transaction is in flight, and as long as the connection subsequently remains open, the router remembers the association between the outbound port number and the internal IP address and port number.

When the router receives an inbound packet, it uses the port number to back-translate the internal IP and port before sending the packet along.

In this way, a sort of firewall is created: an external host cannot initiate a connection with a given internal (protected) host because it has no way to know which port number connects to the target. Connections have to be initiated by the internal host (but I go on to talk about port forwarding below).

NAT routers can also be configured to do port-forwarding. When a connection request arrives for one of the forwarded ports, it is translated into a connection request on the configured internal IP address and port.
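The translation described in the answer above, as an added example that is not part of the original thread: a toy Python model of a port-translating gateway that rewrites the outbound source, back-translates the reply, drops an unsolicited inbound packet, and honours a port-forward. `Packet`, `NatRouter`, the external address 203.0.113.7, the other host addresses and all port numbers are constructed for illustration; only 10.1.0.211 and 8.8.8.8 come from the question, and mapping expiry is left out.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

class NatRouter:
    """Toy port-translating gateway (constructed model, not a real router API)."""

    def __init__(self, external_ip, first_port=40000):
        self.external_ip = external_ip
        self.next_port = first_port
        self.out_map = {}  # (internal ip, internal port) -> external port
        self.in_map = {}   # external port -> (internal ip, internal port)

    def forward_port(self, external_port, internal_ip, internal_port):
        # Static mapping: the one case where an outside host can initiate.
        self.in_map[external_port] = (internal_ip, internal_port)

    def outbound(self, pkt):
        key = (pkt.src_ip, pkt.src_port)
        if key not in self.out_map:
            while self.next_port in self.in_map:  # skip ports already in use
                self.next_port += 1
            self.out_map[key] = self.next_port
            self.in_map[self.next_port] = key
            self.next_port += 1
        # Internal IP and port are replaced; the destination is untouched.
        return replace(pkt, src_ip=self.external_ip, src_port=self.out_map[key])

    def inbound(self, pkt):
        target = self.in_map.get(pkt.dst_port)
        if pkt.dst_ip != self.external_ip or target is None:
            return None  # no remembered association: packet is dropped
        return replace(pkt, dst_ip=target[0], dst_port=target[1])

def demo():
    router = NatRouter("203.0.113.7")
    sent = router.outbound(Packet("10.1.0.211", 51000, "8.8.8.8", 53))
    reply = router.inbound(Packet("8.8.8.8", 53, sent.src_ip, sent.src_port))
    unsolicited = router.inbound(Packet("198.51.100.9", 4444, "203.0.113.7", 22))
    router.forward_port(8080, "10.1.0.50", 80)
    forwarded = router.inbound(Packet("198.51.100.9", 4444, "203.0.113.7", 8080))
    return sent, reply, unsolicited, forwarded
```
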
Shaun Gorman

ASKER

Thanks heaps for the reply! This is all really interesting.
So what you are saying is I might not have gotten to the part of the course that explains the contents of the frame header when it leaves the internal network.  So the gateway router strips off the internal source IP and port and puts on the router's external IP, leaves the original destination IP and adds a unique source port so it can remember which communication is destined for which computer? When it gets back the reply, it strips off the external IP as destination and puts back the original internal source IP and port?
ASKER CERTIFIED SOLUTION
jmcg
This solution is only available to members.
That's awesome! Thanks for that. It makes heaps more sense now!