I got a host having a IP Address 192.168.10.176. We will see how it reacts when it wants to reach out to different IP Addresses.
IP Addresses within Network
In the above picture, whenever the host wants to reach to any IP Address within the network, it sends out ARP Request to resolve the MAC Address. To demonstrate, we tried to ping 192.168.10.177, 192.168.10.178 and 192.168.10.190. As I connect only *.177 PC there was reply from only that machine. It is not important.
Analysing the following sniffer capture.
Note those ARP Requests that our host generates. It requests MAC only for *.177, *.178 and *.190. The conclusion is for all the IPs that are within the network host will directly requests for MAC addresses of those machines.
IP Address outside Network
I try to ping some IP Address outside its network that do not exist.
As there are no hosts with those IPs, all pings fail. Let us analyze the sniffer capture:
Here the host wanted to reach out to an IP Address that is not in its configured network interface. The sequence of things that happened here:
IP Addresses within Network
In the above picture, whenever the host wants to reach to any IP Address within the network, it sends out ARP Request to resolve the MAC Address. To demonstrate, we tried to ping 192.168.10.177, 192.168.10.178 and 192.168.10.190. As I connect only *.177 PC there was reply from only that machine. It is not important.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 | # ping -c 1 192.168.10.177 PING 192.168.10.177 (192.168.10.177): 56 data bytes 64 bytes from 192.168.10.177: seq=0 ttl=64 time=0.724 ms --- 192.168.10.177 ping statistics --- 1 packets transmitted, 1 packets received, 0% packet loss round-trip min/avg/max = 0.724/0.724/0.724 ms # # ping -c 1 192.168.10.178 PING 192.168.10.178 (192.168.10.178): 56 data bytes ^C --- 192.168.10.178 ping statistics --- 1 packets transmitted, 0 packets received, 100% packet loss # ping -c 1 192.168.10.190 PING 192.168.10.190 (192.168.10.190): 56 data bytes ^C --- 192.168.10.190 ping statistics --- 1 packets transmitted, 0 packets received, 100% packet loss # |
Analysing the following sniffer capture.
Note those ARP Requests that our host generates. It requests MAC only for *.177, *.178 and *.190. The conclusion is for all the IPs that are within the network host will directly requests for MAC addresses of those machines.
IP Address outside Network
I try to ping some IP Address outside its network that do not exist.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 | # ping -c 1 192.168.10.200 PING 192.168.10.200 (192.168.10.200): 56 data bytes ^C --- 192.168.10.200 ping statistics --- 1 packets transmitted, 0 packets received, 100% packet loss # ping -c 1 192.168.1.20 PING 192.168.1.20 (192.168.1.20): 56 data bytes ^C --- 192.168.1.20 ping statistics --- 1 packets transmitted, 0 packets received, 100% packet loss # ping -c 1 1.3.2.4 PING 1.3.2.4 (1.3.2.4): 56 data bytes --- 1.3.2.4 ping statistics --- 1 packets transmitted, 0 packets received, 100% packet loss # |
As there are no hosts with those IPs, all pings fail. Let us analyze the sniffer capture:
- Requests for the MAC Address of 'Default Gateway' that is configured(i.e. 192.168.1.177).
- Host took note of the MAC address of gateway, say it gw-mac
- Following packets destined to that IP address will have destination mac as gw-mac. Other elements like source mac, source IP and destination IP will be as usual
The aim here is -- Host has to deliver the packet to the gateway that is capable of routing. That is why the destination mac is of the gateway's. The gateway must be configured such that the packet is routing to its desired network.
No comments:
Post a Comment