CCNA Routing and Switching
<< IP and Network Fundamentals Course
>> Models, Protocols, and Standards Section
- Understanding TCP/IP and OSI Models
- Understanding Packet Flow Across the Network Part1
- Understanding Packet Flow Across the Network Part2
- Understanding Ethernet LAN Standards
- Understanding Ethernet MAC Addresses
- Understanding WAN Technologies
- Understanding Data Link Layer Encapsulation
- Understanding EoMPLS WAN Technology
- Understanding IP Routing Process Concept
- Understanding Web Browser DNS Lookup
- Understanding ARP Broadcast Message
- Understanding TCP and UDP Protocols
- Understanding TCP and UDP Multiplexing
- Understanding Application Layer Services
- Understanding Quality of Service Concept
I remember the first time I asked myself: how the heck do IP packets flow across the network? Understanding Packet Flow Across the Network Part1 and Part2 will give you a clear picture of how routing and forwarding decisions are made inside a network device. To explain how packets flow across network devices (internally or externally), imagine an IP packet generator such as an HTTP request from a web browser asking ccnahub.com’s web server for a web page.
Below I will show you how PC1 requests a webpage from the ccnahub.com website; PC1’s TCP/IP stack goes through all the logical steps you learned in the previous article to accomplish the webpage request. However, accomplishing such a request requires a response from the web server’s TCP/IP stack as well. Therefore, Part1 of this article goes through PC1’s TCP/IP stack request, and Part2 will show you how the server fulfilled PC1’s webpage request.
IP Routing and Ethernet MAC Forwarding
In the end, routing and forwarding are almost the same concept; however, I believe using the term IP Packet Routing at the Network Layer and the term Frame Forwarding at the Data Link Layer makes both processes easier to understand.
- Network Layer Routing Concept: is based on the logical destination IP address, written in dotted decimal notation, inside the IP packet (172.16.10.20). Meaning, Internet Protocol (IP) routes IP packets across the internet using the IP addressing system without caring which LAN medium or WAN connection is in use, such as Ethernet, PPP, HDLC, Frame Relay, ATM, Fiber, etc. In short, Internet Protocol (IP) routes IP packets.
- Data-Link Layer Forwarding Concept: if Ethernet is used, it is based on the 12-hex-character physical destination MAC address inside the frame (3001.2222.2222). Meaning, the Ethernet physical address is used as a vehicle to transport the packet(s); a different MAC address is used on each hop (a.k.a. a different vehicle) until the IP packet(s) are handed to their final destination.
In Ethernet Networks: Each hop represents its own vehicle (MAC address). Ethernet, or dedicated WAN protocols such as HDLC, PPP, and Frame Relay, all forward frames to be processed by the next hop until the packet’s destination IP address hits its network as the final destination.
Note: Keep in mind that Ethernet MAC addresses are associated ONLY with the Ethernet protocol. When it comes to WAN protocols such as HDLC, PPP, Frame Relay, etc., the Data-Link Layer DOES NOT encapsulate IP packets into frames using Ethernet MAC addresses.
Each WAN protocol such as HDLC, PPP, or Frame Relay has its own hardware addressing that is different from the Ethernet MAC address system. Now, you might ask yourself: what about a WAN using Ethernet (since Ethernet technology can be used for WAN networks as well), will the MAC address be used there too? Of course. If Ethernet is used as the WAN technology between 2 routers or hops, which is called Ethernet over Multiprotocol Label Switching (EoMPLS), then the same MAC address system will be used to move IP packets between the routers that are connected using EoMPLS.
Routing IP Packets to Default Router
By Data, Segments, Packets, and Frames Encapsulation
Imagine that you are at PC1 requesting the www.ccnahub.com homepage from a web server.
Based on the image above, PC1’s TCP/IP stack started to encapsulate the HTTP request as follows:
Note: The following is just to give an idea of the concept; I’ll go through more detailed steps later on.
PC1’s TCP/IP stack Application Layer encapsulated the HTTP data request into an HTTP data header, and handed the header to the Transport Layer for further processing (1).
The Transport Layer encapsulated the HTTP data header into segment(s), adding source and destination TCP ports to the segment(s), and handed the segments to the Network Layer for packing using logical addressing (2).
The Network Layer encapsulated the segment(s) into IP packet(s), adding logical source and destination IP addresses to the packet(s), and handed the packet(s) to the Data Link Layer for framing using hardware addressing (3).
The Data Link Layer encapsulated the IP packet(s) into frame(s), adding hardware source and destination MAC addresses to the frame(s) with an Ethernet header and trailer, and handed the frame(s) to the Physical Layer for delivery using the Ethernet standard or protocol (4).
The Physical Layer converted the frame(s) one at a time to a stream of bits, encoded the bits into signals based on the type of media used (copper, fiber, or wireless), and transmitted the signals one at a time to the default gateway (5).
Forwarding Ethernet Frames to Default Router
As shown above, PC1 requested the ccnahub.com homepage from the web server. While requesting, it does some analysis and figures out that the IP of ccnahub.com is located on a different subnet, so PC1 chooses to send the IP packet(s) to the nearby router (R3).
PC1’s TCP/IP stack analysis was based on the destination IP address of ccnahub.com (web server 172.16.10.20), which is located on a different subnet and not on the same LAN where PC1 resides. So PC1’s TCP/IP logic decided to route the HTTP request packet(s) to a nearby default gateway (R3), which is located on the same LAN as PC1.
In order to route the IP packet from PC1 to R3, PC1 forwards the frame(s) that hold the IP packet(s) across the Ethernet medium to R3; these frames carry the packets in the data portion of the Ethernet frames. From PC1’s perspective, the frame that holds the IP packet(s) must use R3’s MAC address to reach R3’s interface port.
Once the IP packet(s) are received by R3’s interface port, they are unpacked, repacked using a NEW MAC address, and forwarded again to the nearby router. This process is repeated again and again until the IP packet(s) reach their final destination.
Detailed Steps: IP Packet (s) Flow Across the Network
I am going to map each step to the large figure above, so I recommend printing it or opening it in a different window to follow each step. All the routers in these detailed steps are using the OSPFv2 routing protocol, already configured with routes and subnets. The steps demonstrate how the TCP/IP layers work together to deliver the data using IP packets and data link frames.
Step 1: PC1’s browsing ccnahub.com homepage
Application Layer – Downstream: Creates and encapsulates the application requests or data with any required Application Layer headers, and hands it to the Transport Layer for segmentation.
That is: PC1’s Application Layer creates and encapsulates the HTTP (GET message) request inside an HTTP header.
Transport Layer – Downstream: Receives and encapsulates the data supplied by the Application Layer inside a TCP or UDP header forming a segment, adds destination and source TCP or UDP ports to the segment, and finally hands the segment to the Network Layer for the packing procedure.
That is: PC1’s Transport Layer receives and encapsulates the data supplied by PC1’s Application Layer inside a TCP header forming a segment (1), adds a destination TCP port (80) as the HTTP service receiver (2), adds a dynamic source port (5480) as the app (web browser) sender (3), and finally hands the segment to the Network Layer for the packing procedure (4).
Network Layer – Downstream: Receives and encapsulates the TCP or UDP header supplied by the Transport Layer inside an IP header forming an IP packet, translates the destination domain name https://www.ccnahub.com to an IP address using DNS, adds destination and source IP addresses to the IP packet, and finally routes the IP packet using the outgoing NIC or interface through the Data Link Layer.
That is: PC1’s Network Layer receives and encapsulates the TCP segment inside an IP header forming an IP packet (1), adds the destination IP address of ccnahub.com (172.16.10.20) as final destination (2), adds PC1’s source IP address (192.168.1.100) as sender (3), and finally routes the IP packet using PC1’s NIC as outgoing interface through the Data-Link Layer to the default gateway (R3) (4).
Data Link Layer – Downstream using Ethernet LAN NIC: Receives the IP packet from the Network Layer and encapsulates it inside an Ethernet header and trailer forming a frame (when Ethernet is used), adds destination and source MAC addresses to the frame based on the Address Resolution Protocol (ARP) table, and finally forwards the frame to the next hop using the device’s outgoing NIC or interface through the Physical Layer.
That is: PC1’s Data-Link Layer receives and encapsulates the IP packet inside an Ethernet header and trailer forming a frame (1), adds the destination MAC address of R3’s f0/1 LAN interface (3001.2222.2222) as next-hop (2), adds PC1’s NIC source MAC address (3001.3333.3333) as sender (3), and forwards the frame using PC1’s NIC as outgoing interface through the Physical Layer to R3’s f0/1 (4).
Physical Layer – Downstream: Receives and converts the frame to bits, encodes the bits into signals based on the type of media used (copper, fiber, or wireless), and transmits the signals one at a time using the device’s outgoing NIC or interface through the media used.
That is: PC1’s Physical Layer receives and converts the frame to bits (1), since Ethernet copper cable is used, encodes the bits into electrical signals (2), and finally transmits the electrical signals one at a time using PC1’s outgoing NIC interface, through the physical cable heading to R3 (3).
Step 2: R3’s Upstream using Ethernet LAN Port
Physical Layer: Receives the signals from PC1’s Physical Layer through R3’s f0/1 interface and decodes each electrical signal as a bit stream (1), reassembles each bit stream as a frame (2), and hands each frame to the Data-Link Layer (3).
Data-link Layer: Receives the frames from the Physical Layer and applies the Frame Check Sequence (FCS) to each frame to check for errors (1), if no errors are found, it de-encapsulates each frame’s contents (2), strips (discards) any MAC addresses with the header and trailer (3), and hands ONLY the IP packet to the Network Layer (4).
Network Layer: Receives and reads the IP packet’s destination and source IP addresses (1), compares the destination IP (172.16.10.20) to known IP routes or subnets by reading the routing table entries to find 172.16.10.20’s subnet – Bingo! The 172.16.10.0/24 subnet is found, which includes addresses 172.16.10.1 through 172.16.10.254 (3). Now the routing decision: the subnet’s route states: 172.16.10.0 via 10.50.20.2 using the f0/0 interface as outgoing interface (4), and it routes the IP packet using the f0/0 interface as outgoing interface through the Data-link Layer (5).
Note: 172.16.10.0 via 10.50.20.2 using f0/0 >>> 10.50.20.2 is R2’s IP address, which is the next router, and f0/0 belongs to R3 as outgoing interface.
Data-link Layer – R3’s Downstream using Ethernet WAN Port: Receives the IP packet back from the Network Layer and encapsulates it inside a NEW Ethernet header and trailer forming a NEW frame (1), adds the new destination MAC address of R2’s f0/0 (2001.2222.2222) as next-hop based on the ARP cache table (2), adds the new source MAC address of R3’s f0/0 interface (3001.1111.1111) as sender (3), and forwards the NEW frame using R3’s f0/0 as outgoing interface through the Physical Layer.
Physical Layer: Receives the NEW frame from the Data-link Layer and converts it to bits (1), since serial copper cable is used, encodes the bits into electrical signals (2), and transmits the electrical signals one at a time using R3’s f0/0 outgoing interface, through the EoMPLS link heading to R2 (3).
Step 3: R2’s Upstream using Ethernet WAN Port
Physical Layer: Receives the signals from R3’s Physical Layer through R2’s f0/0 interface and decodes each electrical signal as a bit stream (1), reassembles each bit stream as a frame (2), and hands each frame to the Data-Link Layer (3).
Data-link Layer: Receives the frames from the Physical Layer and applies the Frame Check Sequence (FCS) to each frame to check for errors (1), if no errors are found, it de-encapsulates each frame’s contents (2), strips (discards) any MAC addresses with the header and trailer (3), and hands ONLY the IP packet to the Network Layer (4).
Network Layer: Receives and reads the IP packet’s destination and source IP addresses (1), compares the destination IP (172.16.10.20) to known IP routes or subnets by reading the routing table entries to find 172.16.10.20’s subnet – Bingo! The 172.16.10.0/24 subnet is found, which includes addresses 172.16.10.1 through 172.16.10.254 (3). Now the routing decision: the subnet’s route states: 172.16.10.0 via 10.50.10.2 using the s0/0 interface as outgoing interface (4), and it routes the IP packet using the s0/0 interface as outgoing interface through the Data-link Layer (5).
Note: 172.16.10.0 via 10.50.10.2 using s0/0 >>> 10.50.10.2 is R1’s IP address, which is the next router, and s0/0 belongs to R2 as outgoing interface.
Data-link Layer – R2’s Downstream using PPP Leased Line Serial Port: Receives the IP packet back from the Network Layer and encapsulates it inside a NEW PPP or HDLC header and trailer forming a NEW frame (1), and forwards the NEW frame using R2’s s0/0 as outgoing interface through the Physical Layer (2).
Physical Layer: Receives the NEW frame from the Data-link Layer and converts it to bits (1), since copper cable is used, encodes the bits into electrical signals (2), and transmits the electrical signals one at a time using R2’s s0/0 outgoing interface, through the EoMPLS link heading to R1 (3).
Step 4: R1’s Upstream using PPP WAN Serial Port
Physical Layer: Receives the signals from R2’s Physical Layer through R1’s s0/0 interface and decodes each electrical signal as a bit stream (1), reassembles each bit stream as a frame (2), and hands each frame to the Data-Link Layer (3).
Data-link Layer: Receives the frames from the Physical Layer and applies the Frame Check Sequence (FCS) to each frame to check for errors (1), if no errors are found, it de-encapsulates each frame’s contents (2), strips (discards) any PPP or HDLC header and trailer (3), and hands ONLY the IP packet to the Network Layer (3).
Network Layer: Receives and reads the IP packet’s destination and source IP addresses (1), compares the destination IP (172.16.10.20) to known IP routes or subnets by reading the routing table entries to find 172.16.10.20’s subnet – Bingo! The 172.16.10.0/24 subnet is found, which includes addresses 172.16.10.1 through 172.16.10.254 (3). Now the routing decision: the subnet’s route states: 172.16.10.0 is directly connected using the f0/0 interface as outgoing interface (4), and it routes the IP packet using the f0/0 interface as outgoing interface through the Data-link Layer (5). (Directly connected means that no more routing can be done for this subnet, since this route is connected directly to R1.)
Note: 172.16.10.0 is directly connected using f0/0 >>> directly connected means there are no more routers in the middle to route to for this subnet, since this route is connected directly to R1, and f0/0 belongs to R1 as outgoing LAN interface.
Data-link Layer – R1’s Downstream using Ethernet LAN Port: Receives the IP packet back from the Network Layer and encapsulates it inside a NEW Ethernet header and trailer forming a NEW frame (1), adds the new destination MAC address of the web server’s NIC (1001.3333.3333) as next-hop based on the ARP cache table (2), adds the new source MAC address of R1’s f0/0 interface (1001.1111.1111) as sender (3), and forwards the NEW frame using R1’s f0/0 as outgoing interface through the Physical Layer (4).
Physical Layer: Receives the NEW frame from the Data-link Layer and converts it to bits (1), since Ethernet copper cable is used, encodes the bits into electrical signals (2), and transmits the electrical signals one at a time using R1’s f0/0 outgoing interface, through the LAN network heading to the web server (3).
Step 5: IP Packet arrived at its final destination
Web-Server’s Physical Layer: Receives the signals from R1’s Physical Layer through R1’s f0/0 interface and decodes each electrical signal as a bit stream (1), reassembles each bit stream as a frame (2), and hands each frame to the upper layer – Data-Link Layer (3).
Web-Server’s Data-link Layer: Receives the frames from the Physical Layer and applies the Frame Check Sequence (FCS) to each frame to check for errors (1), if no errors are found, it de-encapsulates each frame’s contents (2), strips (discards) any Ethernet MAC address with its header and trailer (3), and hands ONLY the IP packet to the upper layer – Network Layer (3).
Web-Server’s Network Layer: Receives and reads the IP packet’s destination and source IP addresses (1), compares the destination IP (172.16.10.20) to its own IP address and finds that it is the same as the web server’s IP address – Bingo! The IP packet has reached its final destination (2). It de-encapsulates the IP packet and hands the segment to the upper layer – Transport Layer (3).
Web-Server’s Transport Layer: Receives and de-encapsulates the segments supplied by the Network Layer, analyzes the destination and source TCP or UDP port numbers, and finally hands the data to the Application Layer’s service based on the TCP or UDP destination port number used inside the segment.
That is: Web-Server’s Transport Layer receives and de-encapsulates the segments supplied by the Network Layer (1), analyzes the segment’s destination TCP or UDP port fields (2), and based on the segment’s destination port number decides that this is TCP port number 80 (3). Based on this port number, it hands the data header to the HTTP service that is associated with port 80 and is responsible for processing and responding with web page data.
Web-Server’s Application Layer: Receives any headers that include data from the lower layer – Transport Layer, and has its application services process the data based on the port numbers analyzed previously by the Transport Layer.
That is: Web-Server’s HTTP service processes the data since it was meant for its TCP port 80, and finds that it is a GET message request from PC1 to view a website called ccnahub.com, which is hosted by the web server.
*Please note that most routers do NOT deal with either the Transport Layer or the Application Layer! Starting at the Physical Layer and going up ONLY to the Network Layer, routers receive the frame and then the IP packet as upstream, then route the IP packet through the Data Link Layer as downstream to the next hop, using a NEW frame with a new hardware address that is suitable for the medium used.
Pretty cool, huh? The GET message reached its final destination. In the next article, I will show you how the web server responded to PC1 with the web page data. It amazes me that all these steps between PC1 and the web server happen in a fraction of a second! 🙂
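The hop-by-hop behaviour of Steps 1 to 5, as an added Python example that is not part of the original article: it uses the article's IP addresses, MAC addresses and routes, and assumes PC1's /24 mask, the gateway address 192.168.1.1 on R3's f0/1, and the names Packet, Frame, trace and next_hop_for_host, none of which appear in the original. It also covers the case where the destination sits on PC1's own subnet, in which PC1 resolves the destination's MAC directly instead of the gateway's.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:                 # Layer 3/4 fields that travel end to end
    src_ip: str
    dst_ip: str
    src_port: int
    dst_port: int
    payload: str


@dataclass(frozen=True)
class Frame:                  # Layer 2 wrapper, rebuilt at every hop
    l2: str                   # "ethernet" or "ppp"
    src_mac: Optional[str]    # None on PPP: no Ethernet MAC addressing
    dst_mac: Optional[str]
    packet: Packet


# Addresses taken from the article. ASSUMPTIONS: PC1's /24 prefix length and
# the gateway IP 192.168.1.1 (R3 f0/1) are not stated in the article.
PC1 = {"ip": "192.168.1.100", "prefix_len": 24, "gateway": "192.168.1.1",
       "mac": "3001.3333.3333", "arp": {"192.168.1.1": "3001.2222.2222"}}

# Each route is (prefix, next-hop IP or None if directly connected, out interface).
# ARP tables are pre-populated, as the article assumes.
ROUTERS = {
    "R3": {"routes": [("172.16.10.0/24", "10.50.20.2", "f0/0")],
           "ifaces": {"f0/0": ("ethernet", "3001.1111.1111")},
           "arp": {"10.50.20.2": "2001.2222.2222"}},
    "R2": {"routes": [("172.16.10.0/24", "10.50.10.2", "s0/0")],
           "ifaces": {"s0/0": ("ppp", None)},
           "arp": {}},
    "R1": {"routes": [("172.16.10.0/24", None, "f0/0")],
           "ifaces": {"f0/0": ("ethernet", "1001.1111.1111")},
           "arp": {"172.16.10.20": "1001.3333.3333"}},
}

# Which device owns each next-hop IP (stands in for the physical links).
OWNER = {"192.168.1.1": "R3", "10.50.20.2": "R2",
         "10.50.10.2": "R1", "172.16.10.20": "WebServer"}

# Constructed sample request: ports are the article's, the payload is illustrative.
REQUEST = Packet("192.168.1.100", "172.16.10.20", 5480, 80, "GET / HTTP/1.1")


def next_hop_for_host(src_ip, prefix_len, dst_ip, gateway):
    """Host decision: same subnet -> deliver directly, otherwise use the gateway."""
    local_net = ipaddress.ip_network(f"{src_ip}/{prefix_len}", strict=False)
    return dst_ip if ipaddress.ip_address(dst_ip) in local_net else gateway


def lookup(routes, dst_ip):
    """Router decision: longest-prefix match over the routing table."""
    dst = ipaddress.ip_address(dst_ip)
    matches = [r for r in routes if dst in ipaddress.ip_network(r[0])]
    if not matches:
        return None
    return max(matches, key=lambda r: ipaddress.ip_network(r[0]).prefixlen)


def build_frame(l2, src_mac, arp, next_hop, packet):
    """Wrap the unchanged packet in a new Layer 2 frame for this hop only."""
    if l2 == "ethernet":
        return Frame("ethernet", src_mac, arp[next_hop], packet)
    return Frame(l2, None, None, packet)


def trace(packet):
    """Return ([(sending device, frame it puts on the wire), ...], final device)."""
    hops = []
    nh = next_hop_for_host(PC1["ip"], PC1["prefix_len"], packet.dst_ip, PC1["gateway"])
    hops.append(("PC1", build_frame("ethernet", PC1["mac"], PC1["arp"], nh, packet)))
    device = OWNER[nh]
    while device in ROUTERS:
        router = ROUTERS[device]
        route = lookup(router["routes"], packet.dst_ip)
        if route is None:
            raise LookupError(f"{device}: no route to {packet.dst_ip}")
        _prefix, via, out_if = route
        nh = via or packet.dst_ip          # directly connected: resolve the host itself
        l2, mac = router["ifaces"][out_if]
        # IP addresses are untouched; a real router also decrements the TTL,
        # which this model leaves out.
        hops.append((device, build_frame(l2, mac, router["arp"], nh, packet)))
        device = OWNER[nh]
    return hops, device


if __name__ == "__main__":
    path, final = trace(REQUEST)
    for sender, f in path:
        print(f"{sender:4} {f.l2:8} {f.src_mac} -> {f.dst_mac} | "
              f"{f.packet.src_ip} -> {f.packet.dst_ip}")
    print("delivered to", final)
```

In a packet capture taken at any single hop, only the Layer 2 addresses identify the neighbouring devices; the IP addresses and ports are the fields that stay comparable across captures from different hops.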
Post Office Concept Mapped to TCP/IP Concept
Corporate Director as Layer 5: Notice how the Application Layer acted like a corporate director in a company who wrote an urgent letter to his branch office manager in New York.
Corporate Director as Layer 4: He decided to hand the letter to his secretary as is, without an envelope, and instructed her to pack it and send it to the branch office manager in the New York office using a guaranteed delivery feature – acting similar to the Transport Layer’s TCP feature.
Secretary as Layer 3: At this point, the corporate director doesn’t really care how the secretary packs the letter, such as what kind of envelope she uses or how she decides to put the envelope in the mailing box. The secretary’s job at this stage is very similar to the Network Layer. The secretary’s way of working is similar to the IP protocol functions of PC1.
She (IP) decided to encapsulate the letter inside an express mail envelope using the New York branch office destination mail address – which is equal to the destination IP address of the web server as receiver – and used the source mailing address of her corporate office as sender – which is similar to the source IP address of PC1 as sender.
Corporate Mail Man as Layer 2: The secretary prepared everything and called the corporate mail man for further action – which is very similar to the Data-Link Layer. The mail man put, or encapsulated, the secretary’s envelope (packet) in his special mailing box and carried it to his car in order to deliver it to the closest post office (R3), using the corporate mail man’s car that has plate number 3333.4444.5555 – which is very similar to the MAC address concept.
Obviously the mail man can’t drive straight to New York using the same car, so he chose to go to the post office site (router) nearest to his office for further routing.
Note: Choosing to use his car and not his bicycle is very similar to using an Ethernet header and trailer control protocol (EoMPLS WAN fiber connection) versus a bicycle such as the PPP or HDLC WAN protocols, which are way slower than fiber Ethernet. Remember that the Ethernet protocol can be used on LAN and WAN as well.
Driving a car (with Ethernet plate or MAC number) on the road as Layer 1: The corporate mail man drove on the road to drop the envelope at the closest post office box, which is very similar to using a UTP cable between PC1 and R3. Obviously, there is no way that we can encode the mail man and his car as an electric signal yet, but at least we can map the idea to better understand the theory of the TCP/IP networking model, which is similar at some points to the post office networking model.
Summary
Person sending a letter: The process from the corporate director as Layer 5 up to Layer 4 is very similar to someone who wrote a letter but didn’t put it inside an envelope; rather, he handed it to the secretary to do the job.
Post office: The process from the secretary (Network Layer) up to driving on the road (Physical Layer) is a complete packet routing and frame forwarding process; therefore, the last three layers act as an internal post office belonging to the corporate office, a theory in which each network device has a complete TCP/IP networking “Mini-Post Office” model.
MAC addresses as a mail Ethernet vehicle: MAC addresses are used at a lower layer to keep IP packet routing moving until the packet reaches its final destination. MAC addresses are similar to the post office’s trucks, planes, or personnel (each of them carries a plate number) that keep handing the mail to each other until they deliver it to its final destination. Now, Ethernet can’t represent all of them, but one of them, let’s say the airplane medium!
Note: This article explained the flow of segments, packets, and frames among network devices. More detailed steps for the following protocols were not included in this article.
DNS: As seen in the figure above, we used the ccnahub.com address as a domain name, and we said that Domain Name Resolution (DNS) resolved the domain to an IP address, but we didn’t go through the DNS details. Why DNS? You and I use words and can’t remember all the IP addresses around the world. A name such as google.com, once entered in the browser, has to be translated to a dotted decimal number, that is, the public IP address used by the google.com ISP router.
In order to translate a host name or a domain name like google.com, the Network Layer MUST rely on the Domain Name System (DNS) to provide Layer 3 with the destination IP address. DNS works back and forth between the Application Layer and Network Layer 3, and it can be configured on your router as well. The Understanding Web Browser DNS Lookup article explains the basics of how Layer 3 depends on DNS to complete the packet with a destination IP address by translating a domain name entered by the user to a public IP address.
ARP: The Data-link Layer (if Ethernet technology is used) relies on the Address Resolution Protocol (ARP), which is part of the Network Layer 3 protocol functions, to create frames with a destination MAC address. For the sake of simplicity, this article’s examples bypassed the detailed steps of ARP requests and assumed that the ARP table on each network device was already populated with MAC addresses. The Understanding ARP Request Process article will further explain why ARP is needed when initializing communication between network devices if the Ethernet standard is used.
NAT: In the examples above, we used private IP addresses among all the networks and subnets. In reality it’s a little bit different, though: translation from private IP addresses to public IP addresses, or NAT, will be involved. To get the point, let’s say you have requested the home page of google.com from your home or office PC (assuming you are using an IPv4 network). A very critical component called “Network Address Translation” (NAT) will be involved in order to translate between private IP addresses (which are used on your home or office network) and public IP addresses (which are used by your ISP router and Google’s ISP router). NAT functions at your home or office router. The Understanding NAT article is coming soon to further explain how it works by looking at the same examples but using NAT, DNS, and ARP all together! 🙂
Jojo George author says
Can you tell 172.16.10.254 mentioned here
Ed author says
Nice write-up, Imad. I tried to tackle the same subject in my own article series:
www.practicalnetworking.net/series/packet-traveling/packet-traveling/
I went into less details in certain areas, and more details in others. But I like your strategy on it as well.
Sounak author says
This is by far the best explanation for encapsulation and strip of all headers through the layers. Loved the Blog Sir.
Mine is here – packetflow.wordpress.com
Imad Daou author says
Thank you! I liked your blog too.
Daniel Macuare author says
Great article and what an excellent way to breakdown most of the tasks needed to deliver a packet. The analogy with the post office was brilliant as well. Thanks a lot for this information Imad.
Imad Daou author says
You are welcome Daniel. Thanks for the comment.
Anupam Roy author says
MAC addresses for serial interfaces? 😮
How come?
Imad Daou author says
Hi Roy, yes you are right 😉 I remember, I had them all MPLS, but I added the serial to spice it up. I need to correct the image. Thank you!
Anupam Roy author says
Hello Mr. Daou 🙂 Thanks for your reply. Need to ask you something. I am facing a simple issue. But it’s boggling up my fundamentals.
I work in a Govt. Office in India and manage the local network there.
We have a Cisco Catalyst 2960 switch (24 port) on which I have configured 2 VLANs for 2 separate VSAT internet connections.
VLAN 1: ports 1 to 12
port 1 is directly connected to the VSAT 1 router (10.211.4.1)
VLAN 2: ports 13 to 24
port 13 is directly connected to the VSAT 2 router (10.202.6.1)
I configured this keeping in mind that VSAT 1’s network should be accessible to VLAN 1’s ports only. Similar thing for VSAT 2.
I used the VLAN concept to divide the broadcast domain into two and assign them accordingly to each connection.
But the issue is that VSAT2’s internet is accessible by VLAN1’s ports as well. Although VSAT2’s uplink is connected to VLAN2’s port 13, which means that its internet should be restricted to VLAN2’s ports only. But it still gets accessed from PCs in VLAN1. So what’s the use of creating two separate VLANs if the signal is getting broadcasted through any port?
Can you predict what is happening here? and what should be done?
Abdul latif shaikh author says
As u said u created 2 diff vlans 1 and 2 we cannot create vlan 1 …. vlan 1 is default it is called native vlan . create some other vlan and try .
Huff author says
It’s inner VLAN routing. You’ll need an ACL to properly restrict the traffic. Since you made the VLAN on the same switch it has interconnected routes.
Network author says
Have a question here.
PC generates an IP Packet with source address (PC NIC address) and destination address (Web server IP). Then the IP packet gets encapsulated within frame with source MAC (PC NIC MAC) and destination MAC (R3 fa 0/1 MAC via ARP). My question is how it decides its destination MAC will be the MAC of its gateway.
What happens if the destination IP would be in the same subnet as of PC? Will it still ARP for R3 fa0/1 MAC or will it directly ARP for destination IP Address?
How it decides the IP for which it ARPs?
Imad Daou author says
I liked your question 🙂 First of all, each network device gets an ARP table which will eventually hold all the network MAC addresses that are part of this subnet. Consider you are plugging PC1 into this subnet for the first time: a few things will happen, and among them a DHCP request. Once PC1 gets its IP address, its IP stack is now functional and capable of communicating with either local or WAN networks. Remember, since we are using the Ethernet language, an ARP request takes place to populate PC1’s ARP table with its neighbors’ MAC addresses, which is a crucial step for communication to take place between PC1 and the rest of the network devices that are part of its subnet (R3 is PC1’s gateway to the rest of the world outside). The ARP request by PC1 will ask the whole network “what is the MAC address of R3?” In other words, PC1 (and especially if it’s newly connected) is saying, “Guys, I have the R3 IP address, but I am missing the MAC from my ARP table, I need it since I am going to use the Ethernet language, so I am going to yell and ARP request the MAC of the router to everyone.” Eventually, the ARP broadcast hits everyone inside PC1’s subnet and of course among them the R3 device. R3 looks at the ARP request and finds out that it carries its IP address, then R3 immediately responds with its MAC address to PC1, knowing that PC1 needs to send it a packet and needs its MAC to carry the packet. At this point, after PC1 receives R3’s MAC address and has gathered all the pieces together in order to packet and frame, PC1 gives the whole thing to the physical layer in order to hand it to R3 🙂 For more information check the Understanding ARP Request Process article under IP Fundamentals as well.
Newral author says
I’ve gone through a lot of studying material and a lot of them have mistakes which can make me fail the real questions on the test. This is THE REAL DEAL.. goes by the Cisco certified book concepts and covers the topics. A combination between this website, the book, a real lab and the Cisco Certification Practice Exam by MeasureUp: ICND1 (100-101) (30-day Key) should be good enough for anybody to pass the ICND1 test (which is the one I’m taking before the end of the yr). THANK YOU.. I’ll post if it worked as soon as I take the test. Advice, follow this module and be careful with quizzes out there. I can confuse you more than helping you. Too many wrong q & a and the way the lingo is different from the actual book. Good to know all the concepts and the variations but for test purposes, I rather go by the book since it is certified.. These people are mostly experienced guys talking their own language…
Imad Daou author says
I agree, it’s good to study through different channels. I’ve been extremely busy to have more study resources in my site, however, it’s just a matter of time, Thanks for the comment and I wish you good luck in the test.