Up until this point, we've discussed the general concepts of computer networks and networking protocols. We know that computers communicate over networks by breaking up data, encapsulating it, and sending it out on the network where it will eventually find its way to our intended recipient. How our packets reach their destination or what happens to them after they leave our computers is still a mystery.

In this lesson we will follow the path of the internet packet and in doing so, will discover the various components that form the Internet's infrastructure (i.e. the cloud you see below).

Move your mouse over the cloud to see what our view of networks will be like by the end of this lesson.
Our current view of the Internet and computer networks


We've already talked about the Internet as a network, but the Internet is actually a network of interconnected networks — hundreds of thousands of them! So, what is just a plain old network?

Practically speaking, a network provides the medium for communication between the entities connected to it. Think of your room in Bancroft Hall as a network that provides a medium for communication for its occupants. If you are in your room and want to talk to your roommates, you just speak out loud and they will hear you because you all share the same network. Depending on your room, you could have as many as four roommates, or as few as one. With five people in one room, it can be very difficult to carry on a conversation if everyone is talking at once. So, each person must wait for a pause in the conversation before adding to the conversation. Computer networks, in their simplest form, are exactly like your room in Bancroft Hall. A packet sent across the network by one host is received by all other hosts on the same network. Hence, each host must wait for a break in packet transmissions on the network before sending their own packets. As each new host is added to the network, this wait time grows exponentially — i.e. really fast.

What if you want to communicate with a Mid outside of your room? How do you do it, since your spoken voice is confined to just your room? Forgetting about cellphones or the Internet chatting, let's use Bancroft's own infrastructure. You can use the Bancroft Hall telephone system to reach another room. Just dial 1 followed by the room number you wish to reach. For example, you would dial 1x3101 to reach room 3101, located on deck 3-1. Every room on the same deck has the first two digits of its room number in common. There is even a special number for the Company Mate of the Deck, so you could call the CMOD on that deck and ask for a specific person's room number if you knew which deck that person lived on. If each room in Bancroft is a network, Bancroft Hall's telephone system is like a network of networks (like the Internet, but on a much smaller scale), connecting rooms together. Your room phone provides you access to other rooms in the Hall, just as your modem at home provides you access to other computer networks via the Internet.

Recall from a previous lecture that a host is just a generic term for a computing device connected to a network endpoint, like the PCs in the diagram at the top of the page. A host could be a laptop, desktop, printer, super computer, server, cellular phone, or even a really fancy refrigerator.

In the simplest case, a network is formed by a number of hosts connected by cables to a hub. Any packet your host sends to the hub is copied to every host on the network — so the situation is really just like the room in Bancroft: everyone hears everything. Naturally, this creates a lot of extraneous traffic.

Because we normally don't see all the wires and other hosts or hubs in a network, it's not always obvious whether host A and host B are on the same network. So, how do we tell which hosts are on the same network? What dicates that? As we know, each host has an IP address. Two hosts on the same network have the same initial chunk of bit in their IP Addresses. How big that initial chunk of bits has to be is defined by a 32-bit number called the subnet mask. This number, if you write it out in binary looks like a chunk of 1's followed by a chunk of 0's. That chunk of 1's defines the bits that are identical for every host in the network. The subnet mask is used, like a secret decoder
secret revealer
, to reveal a hidden address within an IP address. This hidden address is called the network address and is common to all IP addresses on the same network. If you were to apply a network's subnet mask on every IP address on that network, each one would reveal the same number. This common number is called the network prefix and you will often see it added on the end of an IP address as an alternative to explicitly specifying the subnet mask. For example, is short for mask because a network shares a common first eight bits of every IP address. See for yourself using the tool below.

To view your IP address and subnet mask, enter ipconfig in a Windows command prompt or ifconfig in a Unix terminal.
To find out what your network address is, type in your IP address and subnet mask below:
IP Address:  
Subnet Mask:
Network Address:  
Bitwise AND (•) is just a variant of the logical AND, discussed in a previous lecture. Essentially, bitwise AND applies the logical AND to two numbers, bit by bit. Additionally, true and false are replaced with 1 and 0, respectively. The adjacent truth table defines the result of A•B.

The network prefix is highlighted in yellow. The remaining bits of each IP address are used to distinguish each IP address on the network. You should notice that this part coincides with the 1's from the subnet mask ... this is no coincidence. The network address is calculated by ANDing the IP address and subnet mask bit by bit.

This is how computers determine if an IP address is on the same network as they are. The subnet mask is applied to two IP addresses. If the resultant network addresses are the same, then the two hosts are on the same network and, therefore, able to communicate directly with each other.

Each network has two special addresses, which cannot be used by a host. They are the network address and the broadcast address. The broadcast address is used to send a single packet to all hosts on the network and is characterized by the network address followed by all 1's.

The maximum possible number of IP addresses, and, therefore, hosts on any network is determined by its subnet mask. Example: For a network (prefix of 24), the last eight bits are available for different IP addresses. Therefore, since each bit can only be a 1 or 0 (one of two possibilities), the total number of unique numbers is given by 28. Two IP addresses in every network are reserved, therefore, the total number of available IP addresses of the example network is 28-2 (see note).


Our IP packet journey will begin with a host, which we call the client. The client's user types http://maps.google.com in the address bar and hits enter. Let's assume that the name, maps.google.com, resolves to IP address Next, the client will send a GET / HTTP/1.0 request to on port 80, but where is and how does one get there?

This problem is similar to passing notes in class. You want to send your note to Bob, but the problem is that Bob is across the room. You must rely on the other people in class to forward your note to Bob. There are many paths from you to Bob, but it would be inefficient to take the time to analyze all possible routes and then specify the optimal route because there is no way for you to enforce the specified route. Each person will make a decision as to what to do with the note next. Besides, as long as the note reaches Bob, do you really care how it gets there?

Computers do not waste time calculating the best route for each packet to its destination. Computers only decide where the packets goes next. That decision is made simpler by having a default IP address to send all packets to for destinations not on the host's network. The default address is known as the default gateway and the host at that address is a specialized computer called a router.


All routers must be connected to at least two different networks to actually route packets.
Routers are special hosts that are connected to multiple networks and make decisions on where next to send, or route, the packets they receive. In addition to forwarding packets for others, routers also generate their own packets used to communicate with other routers. They communicate using a routing protocol, which is used to maintain accurate routing information for the Internet and to determine where the best next hop is for a packet based on its destination network.

Now that we know about the default gateway and routers, our client has an easy decision to make as to where to send the http request. Since is not on the client's network, the client sends the request to its gateway router. The router looks up the next hop based on the destination network and forwards the packet to the next router. This process repeats until the packet reaches the destination host's gateway router, where the packet will be forwarded directly to the destination host.

Switches and the Link Layer

If hosts on the same network are connected by a hub, we have a reasonable picture of how things work. However, hubs are not often used these days for an obvious reason: it's extremely inefficient to have every host on the network receive a copy of every packet sent. A better (and far more common) approach is to use a switch, which only forwards packets to the host they're addressed to, rather than echoing each packet to every host.

Let's step back to the point at which the client (the sender) received the destination IP address from the name resolution and see what happens when the hosts in a given network are connected via a switch rather than via a hub. Suppose the client ANDs the destination IP address with the subnet mask and the resultant network address is the same as the client's network address. That means that the client and server (the recipient) are connected to the same network. Now what?

A switch forwards packets to the recipient, like a router, rather than to every host on the network. The difference is how the switch determine where to forward packets. To explain further requires more understanding of the link layer of the TCP/IP stack.

Some examples of different links:

The link layer is responsible for the interconnectivity of the physical links between hosts on a network. Links are the physical connections between hosts (e.g. Ethernet cable). Ethernet is the most popular type of link, but there are many other different types used in computer networks. Each different physical link type has its own implementation of the link layer, but all types share the same Internet layer. This is what allows hosts on any physical link type to communicate via the Internet.

Check out your smart phone's MAC addresses!

Like the Internet layer of the TCP/IP stack, the Link layer must provide a means of distinguishing one host from another. It does this with physical addresses, which are commonly referred to as MAC addresses. MAC (Media Access Control) addresses are associated with a host's network adapter, not the host itself. Hence, a host may have multiple MAC addresses (one for each adapter). Furthermore, MAC addresses are permanently assigned to each network adapter when it is manufactured, so each device has it's own unique MAC address. Also, like Internet layer, the Link layer has a broadcast address used to send a message to all devices on a physical network. The broadcast address for Ethernet is ff:ff:ff:ff:ff:ff.

It is important to also note that the differences between MAC addresses and IP addresses. Below is a summary of some key differences:

| Port |  Physical Address |
|  1   | 11:22:33:44:55:66 |
|  2   | aa:bb:cc:dd:ee:ff |
 Ethernet Switch MAC Table

Link layer addressing compares to Internet layer addressing, as switches compare to routers. A switch forwards packets based on MAC addresses, while routers forward packets based on IP addresses. Switches learn about host MAC addresses as a result of the network traffic created by each host. Each MAC address is associated with a connection to the switch, or port number, and the association is stored in a table in the switch's internel memory (see adjacent example).


"Sippernet" is the colloquial name for the DoD network - isolated from the Internet - that carries IP data that is CONFIDENTIAL or SECRET. SIPRNet packets are encrypted at the link layer, allowing CLASSIFIED data to travel across untrusted paths (e.g. from a ship to a military satellite), while also allowing non-secure services to still be used at higher levels of the protocol stack.

Really Useful Demos

We have two really useful demos that former Midshipman Herber put together to illustrate some basic concepts. We strongly recommend that you check them out.

Reprise: What it takes to be a host

This lesson describes an ethernet network, and it describes how multiple networks are connected (via routers) to form an internet. If nothing else, you need to walk away with the following mantra of what it takes to be a host:
Every host on an ethernet network has a MAC address. That's the minimum requirement to play on an ethernet network. Every host that's also on the internet has an IP Address, a subnet mask and the IP Address of a Gateway Router. That's the minimum requirement to play on the internet.