Embedded Files
Project Overview
This was a one week series of assignments on how layer 3 of the OSI works. It looked deep into routing, gateways, and how they are optimized.
In order to find the IP address and route, the ip addr and ip route commands were used. this shows, that for the server vm, the ip is 10.12.17.91, on the local network, and has a default route that takes 5 hops through the default gateway 10.12.16.1
This is the same, but on the main VM. main ip was 10.12.17.234 and gateway was 10.12.16.1 (note that its the same for both vms)
The hostname was also the same for both devices
Looking into the IP route command, it shows that the computer is directly connected to 10.12.17.234, via the default route 10.12.16.1, with a gateway ip of 10.12.17.234
Taking this further, predictions were made on what happens when traffic is sent to specific IPs:
The other VM (local): it would go directly to it, as the gateway is only required for connections on the internet. Therefore it wouldn’t take any hops, as it has a direct route on the LAN.
8.8.8.8 (internet, no dns): As it isn’t on the LAN, it would need to use the gateway, but take very few hops as it is going directly to an IP. total hop amount of somewhere around 10.
google.com (internet, dns): It also isn’t on the LAN, but also requires a DNS lookup. It would take much more hops in the process of this lookup, anywhere in the range of 15-30.
Directly connected to 10.12.17.234, via the default route 10.12.16.1, with a gateway ip of 10.12.17.234
Predictions on if traffic was sent to:
The other VM (local): it would go directly to it, as the gateway is only required for connections on the internet. Therefore it wouldn’t take any hops, as it has a direct route on the LAN.
8.8.8.8 (internet, no dns): As it isn’t on the LAN, it would need to use the gateway, but take very few hops as it is going directly to an IP. total hop amount of somewhere around 10.
google.com (internet, dns): It also isn’t on the LAN, but also requires a DNS lookup. It would take much more hops in the process of this lookup, anywhere in the range of 15-30.
Technical Development
Comparing the pings of:
pinging myself
pinging a device on the LAN
pinging a device on the internet
it shows that with less hops (closer), the ping is way faster. Crossing the barrier over the router adds much more latency to the ping.
IP addr shows that the local IP of the machine is 10.12.17.234. This address is not globally unique, as any local IPs are LAN specific. It was determined to be that through the first numbers in it, with 10.12 being the IP starter for a local ip.
Some reserved ranges according to RFC1918 include:
10.0.0.0-10.255.255.255
172.16.0.0-172.31.255.255
Some of the other big assignments were within Cisco Packet tracer. Exploring layer 3, a very simple WAN was created. While they do share the same gateway, they have different switches so it is a rough analogy.
Testing & Evaluation
The prediction was when sending traffic to the UTM VM, since it is on the same network, it should directly hop to it. Sending to an external server (8.8.8.8) would required a hop through the gateway. Upon running the commands, the prediction was found to be right
On pinging the partners private IP, the ping successfully was sent
On pinging the public IP, the ping failed to be returned.
My partner noticed that our IP addresses were the same. Upon looking into it, it was found that all the computers on campus shared this IP address. This explains why the pings to it didn't work, as the router doesn't know where to send it within the network.
Using that psuedo internet created in development, A packet was attempted to be sent accros networks. It was found that the packet couldn't cross the router boundry, because it wouldn't know where to go.
Packet step 1: still originating from host device
Packet step 2: Within the switch
Packet step 3: Within the router, notice that there's no out layers because it doesn't know where to route it from here
When the packet leaves PC0, it has the proper intended destination, But it is unaware of the MAC of that device. When it gets to the router, the frame fizzles out as it doesn't know the destination IP due to it being a private network. In the process of getting there, it keeps the same data completely. Without any TCP or UDP layers involved, the packet undergoes no changes.
Comparing 8.8.8.8 to google.com, the first hop is the same as it is going to the router, and then google has more hops, probably for DNS as above, and they diverge at hop 6 (first 5 hops are identical)
Looking deep into the google.com traceroute, the first 5 hops are a mix of LAN and ISP.
10.12.16.1 – LAN, router, private address (private range)
10.0.0.3 – LAN, router, private address (private range)
173.95.44.209 – Public, Backbone, routing server (173 range is not assigned to anyone)
24.25.62.237 – Public, ISP, routing server (24.25 is a ISP range)
24.25.62.242 – Public, ISP, routing server (24.25 is a ISP range)
Comparing the first routing step of a a LAN IP to a public IP, the routing decision for the LAN is to take a hop straight there, no “via xxx.xxx.xxx.xxx” like the LAN.
IP route get shows the gateway(router) and eventual destination, while traceroute traces the whole route by basically pinging every server along it. Route shows layer 2, while traceroute with its continued connection shows layer 3
Reflection & Analysis
After the first assignment, which introduced routing and traceroute, it taught us the role of the routing table, which was to be a digital database stored on the router that helps determine the next hop (and generally helps to direct data packets around the network). The default gateway is where anything that doesnt match the routing table, which will get it to a DNS server/an internet-wide routing table to get the packet where it needs to go. Basically, for local, thanks to the routing table, direct delivery is possible. If it is not on the same local network, the packet will be sent to the default gateway, which will use its advanced routing table to get it where it needs to go. This means that the router doesn't need to be involved on local packets at all, past providing the routing entry in the table.
NAT Reasoning
By reusing private IP addresses, it allows for way more devices. It makes every internet gateway only take 1 IP, and then the devices on the inside can have whatever IP the router decides. They are not routed on the public internet to avoid congestion. If every internal device required its own public IP, the internet would drastically slow down with all the new routes that previously local only packets can't take anymore. Business es typically have 1 public ip as thats all they need. By keeping private ip addresses only within a network, it greatly simplifies WAN design.
Packet Tracer Experience
The packet tracer activity illustrated how fragile networking is. By not setting a default gateway, the packet got lost, and without higher upper layers, fizzled out without any warning of its failure. The switch never modifies an IP address because it's job is just to get a packet where it needs to go, and it has enough technology in it to remember the correct path. The router must modify the MAC address though to make sure that when it is being sent back to it, it comes to the router, which will then route it back to home port. the source IP remains the same as they are 2 private networks and share the IP address, which is one of their issues. In this situation, the next hop refers to the next device the packet will go to. The default gateway is always a necessary hop, as it is the entrance/exit to the private network.
Traceroute/Ip Route
Using these 2 new commands, traceroute and ip route, advanced or simple information on the route a packet takes can be gained. It shows the first hop, which is usually the router connecting to the internet, and private IPs along this route that the packet takes within this LAN. It shows how, as long as the same network is used, the first couple jumps are standard, as they all need the same route before being able to branch out on the internet. A routing-table decision is what's behind this, as it's the actual thing making the choice to consistently take the first steps, while a traceroute path shows this.
Page updated
Report abuse