Up until this point, we've discussed the general concepts of computer networks and networking protocols. We know that computers communicate over networks by breaking up data, encapsulating it, and sending it out on the network where it will eventually find its way to our intended recipient. How our packets reach their destination or what happens to them after they leave our computers is still a mystery.
In this lesson we will follow the path of the internet packet and in doing so, will discover the various components that form the Internet's infrastructure (i.e. the cloud you see below).
Figure: Our current view of the Internet and computer networks
Practically speaking, a network provides the medium for communication between the entities connected to it. Think of your room in Bancroft Hall as a network that provides a medium for communication for its occupants. If you are in your room and want to talk to your roommates, you just speak out loud and they will hear you because you all share the same network. Depending on your room, you could have as many as four roommates, or as few as one. With five people in one room, it can be very difficult to carry on a conversation if everyone is talking at once. So, each person must wait for a pause in the conversation before adding to the conversation. Computer networks, in their simplest form, are exactly like your room in Bancroft Hall. A packet sent across the network by one host is received by all other hosts on the same network. Hence, each host must wait for a break in packet transmissions on the network before sending their own packets. As each new host is added to the network, this wait time grows exponentially — i.e. really fast.
What if you want to communicate with a Mid outside of your room? How do you do it, since your spoken voice is confined to just your room? Forgetting about cellphones or Internet chat, let's use Bancroft's own infrastructure. You can use the Bancroft Hall telephone system to reach another room. Just dial 1 followed by the room number you wish to reach. For example, you would dial 1x3101 to reach room 3101, located on deck 3-1. Every room on the same deck has the first two digits of its room number in common. There is even a special number for the Company Mate of the Deck, so you could call the CMOD on that deck and ask for a specific person's room number if you knew which deck that person lived on. If each room in Bancroft is a network, Bancroft Hall's telephone system is like a network of networks (like the Internet, but on a much smaller scale), connecting rooms together. Your room phone provides you access to other rooms in the Hall, just as your modem at home provides you access to other computer networks via the Internet.
In the simplest case, a network is formed by a number of hosts connected by cables to a hub. Any packet your host sends to the hub is copied to every host on the network — so the situation is really just like the room in Bancroft: everyone hears everything. Naturally, this creates a lot of extraneous traffic.
Because we normally don't see all the wires and other hosts or hubs in a network, it's not always obvious whether host A and host B are on the same network.
So, how do we tell which hosts are on the same network? As we know, each host has an IP address. Two hosts on the same network have the same initial chunk of bits in their IP addresses. How big that initial chunk of bits has to be is defined by a 32-bit number called the subnet mask. This number, if you write it out in binary, looks like a chunk of 1's followed by a chunk of 0's. That chunk of 1's defines the bits that are identical for every host in the network. The subnet mask is used, like a secret revealer, to reveal a hidden address within an IP address. This hidden address is called the network address and is common to all IP addresses on the same network. If you were to apply a network's subnet mask to every IP address on that network, each one would reveal the same number. This common number is called the network prefix, and you will often see its length added on the end of an IP address (e.g. /8) as an alternative to explicitly specifying the subnet mask. For example, 220.127.116.11/8 is short for 18.104.22.168 mask 255.0.0.0 because a 255.0.0.0 network shares a common first eight bits of every IP address. See for yourself using the tool below.
ipconfig in a Windows command prompt or ifconfig in a Unix terminal.
false are replaced with 1 and 0, respectively. The adjacent truth table defines the result of A•B.
The network prefix is highlighted in yellow. The remaining bits of each IP address are used to distinguish each IP address on the network. You should notice that this part coincides with the 1's from the subnet mask ... this is no coincidence. The network address is calculated by ANDing the IP address and subnet mask bit by bit.
This is how computers determine if an IP address is on the same network as they are. The subnet mask is applied to two IP addresses. If the resultant network addresses are the same, then the two hosts are on the same network and, therefore, able to communicate directly with each other.
The maximum possible number of IP addresses, and, therefore, hosts on any network is determined by its subnet mask. Example: For a 255.255.255.0 network (prefix of 24), the last eight bits are available for different IP addresses. Therefore, since each bit can only be a 1 or a 0 (one of two possibilities), the total number of unique numbers is given by 2^8. Two IP addresses in every network are reserved, therefore, the total number of available IP addresses of the example network is 2^8 - 2 (see note).
http://maps.google.com in the address bar and hits enter. Let's assume that the name, maps.google.com, resolves to IP address 22.214.171.124. Next, the client will send a GET / HTTP/1.0 request to 126.96.36.199 on port 80, but where is 188.8.131.52 and how does one get there?
This problem is similar to passing notes in class. You want to send your note to Bob, but the problem is that Bob is across the room. You must rely on the other people in class to forward your note to Bob. There are many paths from you to Bob, but it would be inefficient to take the time to analyze all possible routes and then specify the optimal route because there is no way for you to enforce the specified route. Each person will make a decision as to what to do with the note next. Besides, as long as the note reaches Bob, do you really care how it gets there?
Computers do not waste time calculating the best route for each packet to its destination. Computers only decide where the packet goes next. That decision is made simpler by having a default IP address to send all packets to for destinations not on the host's network. The default address is known as the default gateway and the host at that address is a specialized computer called a router.
Now that we know about the default gateway and routers, our client has an easy decision to make as to where to send the HTTP request. Since 184.108.40.206 is not on the client's network, the client sends the request to its gateway router. The router looks up the next hop based on the destination network and forwards the packet to the next router. This process repeats until the packet reaches the destination host's gateway router, where the packet will be forwarded directly to the destination host.
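The subnet-mask arithmetic and the host's "direct or default gateway" decision described above, as an added example that is not part of the original lesson. The addresses are constructed from the 192.0.2.0/24 and 198.51.100.0/24 documentation ranges, not taken from the text.

```python
# Added example (not from the original lesson): applying a subnet mask by
# ANDing it with an IP address, bit by bit, and using the result to decide
# whether a destination is on the local network or must be handed to the
# default gateway. All addresses are constructed sample values.

def ip_to_int(dotted):
    """Convert dotted decimal (e.g. '192.0.2.10') to a 32-bit integer."""
    octets = [int(o) for o in dotted.split(".")]
    assert len(octets) == 4 and all(0 <= o <= 255 for o in octets)
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]

def int_to_ip(n):
    """Convert a 32-bit integer back to dotted decimal."""
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def prefix_to_mask(prefix):
    """/8 -> 255.0.0.0: a run of `prefix` ones followed by zeros."""
    assert 0 <= prefix <= 32
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF

def mask_to_prefix(mask):
    """Count the leading ones; reject masks that are not ones-then-zeros."""
    bits = format(mask, "032b")
    ones = bits.rstrip("0")
    assert "0" not in ones, "subnet mask must be contiguous 1's followed by 0's"
    return len(ones)

def network_address(ip, mask):
    """The 'secret revealer': AND the address with the mask, bit by bit."""
    return int_to_ip(ip_to_int(ip) & ip_to_int(mask))

def usable_hosts(mask):
    """2^(host bits) minus the two reserved addresses (network and broadcast)."""
    host_bits = 32 - mask_to_prefix(ip_to_int(mask))
    return 2 ** host_bits - 2 if host_bits >= 2 else 0

def next_hop(src_ip, mask, default_gateway, dst_ip):
    """A host's forwarding decision: deliver directly if the masked addresses
    match, otherwise send the packet to the default gateway (the router)."""
    if network_address(src_ip, mask) == network_address(dst_ip, mask):
        return dst_ip
    return default_gateway

if __name__ == "__main__":
    print(network_address("192.0.2.10", "255.255.255.0"))           # 192.0.2.0
    print(usable_hosts("255.255.255.0"))                            # 254
    print(next_hop("192.0.2.10", "255.255.255.0", "192.0.2.1", "198.51.100.7"))
```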
Let's step back to the point at which the client (the sender) received the destination IP address from the name resolution and see what happens when the hosts in a given network are connected via a switch rather than via a hub. Suppose the client ANDs the destination IP address with the subnet mask and the resultant network address is the same as the client's network address. That means that the client and server (the recipient) are connected to the same network. Now what?
A switch forwards packets to the recipient, like a router, rather than to every host on the network. The difference is how the switch determines where to forward packets. To explain further requires more understanding of the link layer of the TCP/IP stack.
The link layer is responsible for the interconnectivity of the physical links between hosts on a network. Links are the physical connections between hosts (e.g. Ethernet cable). Ethernet is the most popular type of link, but there are many other types used in computer networks. Each physical link type has its own implementation of the link layer, but all types share the same Internet layer. This is what allows hosts on any physical link type to communicate via the Internet.
Like the Internet layer of the TCP/IP stack, the Link layer must provide a means of distinguishing one host from another. It does this with physical addresses, which are commonly referred to as MAC addresses. MAC (Media Access Control) addresses are associated with a host's network adapter, not the host itself. Hence, a host may have multiple MAC addresses (one for each adapter). Furthermore, MAC addresses are permanently assigned to each network adapter when it is manufactured, so each device has its own unique MAC address. Also, like the Internet layer, the Link layer has a broadcast address used to send a message to all devices on a physical network. The broadcast address for
It is also important to note the differences between MAC addresses and IP addresses. Below is a summary of some key differences:
+------+-------------------+
| Port | Physical Address  |
+------+-------------------+
| 1    | 11:22:33:44:55:66 |
| 2    | aa:bb:cc:dd:ee:ff |
+------+-------------------+
Ethernet Switch MAC Table
Link layer addressing compares to Internet layer addressing as switches compare to routers. A switch forwards packets based on MAC addresses, while routers forward packets based on IP addresses. Switches learn about host MAC addresses as a result of the network traffic created by each host. Each MAC address is associated with a connection to the switch, or port number, and the association is stored in a table in the switch's internal memory (see adjacent example).
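How a switch fills in the port/physical-address table above from the traffic it sees, and then uses it to forward a frame to one port instead of all of them, as an added example that is not part of the original lesson. The frames, port numbers and MAC addresses are constructed sample values.

```python
# Added example (not from the original lesson): a minimal model of an Ethernet
# switch that learns MAC-to-port associations from the source address of each
# frame and forwards known unicast destinations out a single port. Frames are
# constructed (in_port, source MAC, destination MAC) triples.

BROADCAST = "ff:ff:ff:ff:ff:ff"

class Switch:
    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}   # MAC address -> port it was last seen on

    def receive(self, in_port, src_mac, dst_mac):
        """Process one frame arriving on in_port; return the ports it goes to."""
        # Learn: the frame's source address tells the switch which port that
        # adapter is attached to (hosts never have to register themselves).
        self.table[src_mac] = in_port
        # Forward: a known unicast destination goes out one port only, which
        # is what separates a switch from a hub.
        if dst_mac != BROADCAST and dst_mac in self.table:
            out = self.table[dst_mac]
            return [] if out == in_port else [out]
        # Unknown destination or broadcast: flood every port except the one
        # the frame came in on, exactly as a hub would.
        return [p for p in self.ports if p != in_port]

    def show_table(self):
        """Render the learned table in the layout used in the lesson."""
        lines = ["+------+-------------------+", "| Port | Physical Address  |",
                 "+------+-------------------+"]
        for mac, port in sorted(self.table.items(), key=lambda kv: kv[1]):
            lines.append(f"| {port:<4} | {mac} |")
        lines.append("+------+-------------------+")
        return "\n".join(lines)

def demo():
    """Two hosts exchange frames through a three-port switch."""
    sw = Switch(ports=[1, 2, 3])
    a, b = "11:22:33:44:55:66", "aa:bb:cc:dd:ee:ff"
    first = sw.receive(1, a, b)     # b unknown: flooded to ports 2 and 3
    reply = sw.receive(2, b, a)     # a already learned: sent to port 1 only
    second = sw.receive(1, a, b)    # b now learned: sent to port 2 only
    return first, reply, second, sw

if __name__ == "__main__":
    first, reply, second, sw = demo()
    print(first, reply, second)     # [2, 3] [1] [2]
    print(sw.show_table())
```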
"Sippernet" is the colloquial name for the DoD network - isolated from the Internet - that carries IP data that is CONFIDENTIAL or SECRET. SIPRNet packets are encrypted at the link layer, allowing CLASSIFIED data to travel across untrusted paths (e.g. from a ship to a military satellite), while also allowing non-secure services to still be used at higher levels of the protocol stack.