Switching Question (Basic / Newbie)

controlcontrol Posts: 309Member
All,

Please excuse the newbie question, we all have to start somewhere I guess.
Because I'm from a server background, I think I'm getting myself in a muddle here with regards to all this cisco stuff. Hopefully someone can make this clear to me.
Take the following example. I am sitting in office A - connected to Switch 1. I want to send some data to PC B, also in Office A but connected to Switch 2. The switches are connected to each other via cable.

I only know PC B's name. Does my request get broadcast to all ports on switch 2, or will switch 1 create a direct connection to PC B on switch 2 and data trasnfer can begin?

My understanding, would be the following. PC B's name would be resolved to IP Address via DNS. IP Address resolved to MAC Address using ARP, switch now has what it needs to send data (But I still need to know if a direct connection is established between my PC (Switch1) and PC B (Switch2).
Does this make sense or am I (like i think), getting in a muddle?

Comments

  • phoeneousphoeneous Go ping yourself... Posts: 2,331Member ■■■■■■■□□□
    control wrote: »
    All,

    Please excuse the newbie question, we all have to start somewhere I guess.
    Because I'm from a server background, I think I'm getting myself in a muddle here with regards to all this cisco stuff. Hopefully someone can make this clear to me.
    Take the following example. I am sitting in office A - connected to Switch 1. I want to send some data to PC B, also in Office A but connected to Switch 2. The switches are connected to each other via cable.

    I only know PC B's name. Does my request get broadcast to all ports on switch 2, or will switch 1 create a direct connection to PC B on switch 2 and data trasnfer can begin?

    My understanding, would be the following. PC B's name would be resolved to IP Address via DNS. IP Address resolved to MAC Address using ARP, switch now has what it needs to send data (But I still need to know if a direct connection is established between my PC (Switch1) and PC B (Switch2).
    Does this make sense or am I (like i think), getting in a muddle?


    It depends if Switch 2 has entered PC B's mac address in its mac address table already. If it has, then Switch 2 will forward the frame only out of the port to which PC B is connected.
  • Did you check for VLANS
    Go EVERTON

    evertonfc-crest.gif
  • controlcontrol Posts: 309Member
    Hi,

    Sorry this is just a basic scenario i made up in my head to ensure I am thinking along the correct path. No VLANS invloved.
  • Bl8ckr0uterBl8ckr0uter Posts: 5,031Inactive Imported Users
    Basically yes.

    But if PC 1 and PC2 are in different networks then a couple of other things will happen. Can you tell me what would happen (at layer 3)?
  • controlcontrol Posts: 309Member
    Ok, so if PC1 and PC 2 are in different networks, we would need to assume some sort of Layer 3 device is now in the equation, be it a layer3 switch or an actual router.
    Once the router receives the packet, it would check the IP destination address against the info in its routing table and route it according to what information ir holds...........

    I think!!
  • Bl8ckr0uterBl8ckr0uter Posts: 5,031Inactive Imported Users
    control wrote: »
    Ok, so if PC1 and PC 2 are in different networks, we would need to assume some sort of Layer 3 device is now in the equation, be it a layer3 switch or an actual router.
    Once the router receives the packet, it would check the IP destination address against the info in its routing table and route it according to what information ir holds...........

    I think!!
    There you go.

    Now consider you have this network

    PC1>>Switch1>>>Router1>>>Switch2>>>PC2

    PC1 has an ip address of 192.168.1.2
    PC2 has an ip address of 172.16.1.2

    They want to talk to each other. What will be the layer 2 and layer 3 addresses during each stage of the conversation? (hint 1 will stay the same and 1 will change, going both ways)
  • controlcontrol Posts: 309Member
    knwminus wrote: »
    There you go.

    Now consider you have this network

    PC1>>Switch1>>>Router1>>>Switch2>>>PC2

    PC1 has an ip address of 192.168.1.2
    PC2 has an ip address of 172.16.1.2

    They want to talk to each other. What will be the layer 2 and layer 3 addresses during each stage of the conversation? (hint 1 will stay the same and 1 will change, going both ways)


    Would this not just be the same process as I described above? Can you talk me through this please, just so I understand where you're coming from?

    Thank You
  • Bl8ckr0uterBl8ckr0uter Posts: 5,031Inactive Imported Users
    control wrote: »
    Would this not just be the same process as I described above? Can you talk me through this please, just so I understand where you're coming from?

    Thank You

    Yep. The way I worded that question was bad. Lets look at that network again:

    PC1>>Switch1>>>E1>>>Router1>>E2>>>>>>Switch2>>>PC2

    Lets add some more info in as well

    PC1 has an ip address of 192.168.1.2
    PC1 has a mac address of aaaa.bbbb.cccc

    Router 1 Ethernet port 1 has an ip address of 192.168.1.1
    Router 1 Ethernet port 1 has a mac of mac address is Bbbb.CCCC.DDDD

    Router 1 Ethernet port 2 has an ip addres of 172.16.1.1
    Router 1 Ethernet port 2 has a mac address of CCCc.DDDD.EEEE

    PC2 has an ip address of 172.16.1.2
    PC2 has a mac address of DDDDD.EEEEE.FFFFF

    So when PC1 is putting together a frame to be sent to PC2, it will arp in the local broadcast domain to try to find out where PC2 is. The router will reply to the broadcast with send it to me, here is my mac. It will send out the mac address of its Ethernet port 1. The "packet"/"frame" will use the layer 2 to source address of PC1 and the layer 2 to destination address of Router1 E1. It will use layer 3 source from computer 1 and the layer 3 destination of PC2.

    Now tell me what happens when the frame gets to the router. How are the source/destination information changed?
    Frame wil
  • controlcontrol Posts: 309Member
    Ok, so my understanding (high probability this is crap!), is - the router will take packet in through E1, and looking at the layer3 will know to route it out to its E2 port.
    Before routing it out through E2, it will amend the current layer 2 information within the packet. The layer 2 info will now have E2 (MAC Address) as the source address, and PC2 (MAC) as the destination address..............

    Shoot me down...cmon icon_smile.gif
  • Bl8ckr0uterBl8ckr0uter Posts: 5,031Inactive Imported Users
    control wrote: »
    Ok, so my understanding (high probability this is crap!), is - the router will take packet in through E1, and looking at the layer3 will know to route it out to its E2 port.
    Before routing it out through E2, it will amend the current layer 2 information within the packet. The layer 2 info will now have E2 (MAC Address) as the source address, and PC2 (MAC) as the destination address..............

    Shoot me down...cmon icon_smile.gif

    No you got it. Basically the only thing that doesn't change is the layer 3 destination and that is important to know.

    Here is a different one

    We have a slightly different network:

    PC1>>Switch1>>>E1>>>Router1>(ISP)Server1

    Lets add some more info in as well

    PC1 has an ip address of 192.168.1.2
    PC1 has a mac address of aaaa.bbbb.cccc

    Router 1 Ethernet port 1 has an ip address of 192.168.1.1
    Router 1 Ethernet port 1 has a mac of mac address is Bbbb.CCCC.DDDD

    Router 1 Ethernet port 2 has an ip addres of 190.1.1.1
    Router 1 Ethernet port 2 has a mac address of CCCc.DDDD.EEEE

    Server 1 has an ip address of 170.1.1.2
    Server 1 has a mac address of DDDDD.EEEEE.FFFFF

    Router 1 is running nat (overloaded) so all host off of the 192.168.1.1 /24 network can get translated to ip address 190.1.1.1. When host 192.168.1.2 (Pc1) goes to webserver 170.1.1.2 what happens to the source ip address and at which osi layers does a change (if any) happen?
  • controlcontrol Posts: 309Member
    Thanks for all this Knwminus.

    I'm guessing that all requests to the webserver will have a source IP of 190.1.1.1, and this change happens at layer 3?
  • Bl8ckr0uterBl8ckr0uter Posts: 5,031Inactive Imported Users
    control wrote: »
    Thanks for all this Knwminus.

    I'm guessing that all requests to the webserver will have a source IP of 190.1.1.1, and this change happens at layer 3?

    Yes but these is something else. What is Nat (I gave you a hint when I said overload icon_wink.gif)? More importantly what does PAT or Port Address Translation do (to answer that question you need to thing about what layer for the osi do ports reside) ?

    Oh an no problem. I have to wait until Sat to take my CCNA (scheduling bull) so this is just another way for me to study.
    This, transcender, random reading in my weak areas (wan) and transcender.
  • knwminus wrote: »

    So when PC1 is putting together a frame to be sent to PC2, it will arp in the local broadcast domain to try to find out where PC2 is. The router will reply to the broadcast with send it to me, here is my mac.

    Doesn't PC1 use ARP to determine if PC2 is on the same network and if not, send the frame to it's default gateway? Not "The router will reply to the broadcast..."?
    "There are 3 types of people in this world, those who can count and those who can't"
  • controlcontrol Posts: 309Member
    Right, this is the first time I have ever heard of this so had to do some research!

    So the router will receive the packet (request) from a PC. After routing and verifying the packet for translation, the router saves the PCs IP address and port number to its table.
    The router replaces the sending PCs IP address with its own Public one. The router replaces the sending PC's source port with the port number that matches where the router saved the sending PC'saddress information in is table.
    The routers 'translation table' now has a mapping of the computer's non-routable IP address and port number along with the router's IP address.

    When a packet comes back from the Internet, the router checks the destination port on the packet. It then looks in the address translation table to see which computer on the attached LAN the packet belongs to. It changes the destination address and destination port to the one saved in the address translation table and sends it to the PC.
    I believe PAT takes place at the transport layer, but like I say this is the first time I have ever heard of it, I've just started looking at CCNA stuff so please correct me or explain in an easy to understand manner if you can! icon_smile.gif
  • kalebkspkalebksp Posts: 1,033Member
    knwminus wrote: »
    So when PC1 is putting together a frame to be sent to PC2, it will arp in the local broadcast domain to try to find out where PC2 is. The router will reply to the broadcast with send it to me, here is my mac. It will send out the mac address of its Ethernet port 1. l
    Doesn't PC1 use ARP to determine if PC2 is on the same network and if not, send the frame to it's default gateway? Not "The router will reply to the broadcast..."?

    Whoa there guys, neither of those are quite how it works. knwminus's description is roughly how proxy ARP works, but in a normal network proxy ARP isn't used.

    How it should work is PC1 determines whether PC2 is on it's network by comparing its network (identified by it's IP address and subnet mask) with the IP address of PC2. If it is on the same network it ARPs for PC2's MAC address and uses that for communication. If it determines PC2 is not on the same network it will ARP for it's default gateway's MAC (assuming that it hasn't already been cached) and sends the packet to the default gateway (router). The header addressing when sending a packet to the router is how knwminus described; layer 2 destination = router's MAC, layer 3 destination = PC2's IP.
    Contradictions do not exist. Whenever you think you are facing a contradiction, check your premises. You will find that one of them is wrong.
    -Ayn Rand

    vCabbage
  • Bl8ckr0uterBl8ckr0uter Posts: 5,031Inactive Imported Users
    kalebksp wrote: »
    Whoa there guys, neither of those are quite how it works. knwminus's description is roughly how proxy ARP works, but in a normal network proxy ARP isn't used.

    How it should work is PC1 determines whether PC2 is on it's network by comparing its network (identified by it's IP address and subnet mask) with the IP address of PC2. If it is on the same network it ARPs for PC2's MAC address and uses that for communication. If it determines PC2 is not on the same network it will ARP for it's default gateway's MAC (assuming that it hasn't already been cached) and sends the packet to the default gateway (router). The header addressing when sending a packet to the router is how knwminus described; layer 2 destination = router's MAC, layer 3 destination = PC2's IP.

    I stand corrected.
  • controlcontrol Posts: 309Member
    kalebksp wrote: »
    Whoa there guys, neither of those are quite how it works. knwminus's description is roughly how proxy ARP works, but in a normal network proxy ARP isn't used.

    How it should work is PC1 determines whether PC2 is on it's network by comparing its network (identified by it's IP address and subnet mask) with the IP address of PC2. If it is on the same network it ARPs for PC2's MAC address and uses that for communication. If it determines PC2 is not on the same network it will ARP for it's default gateway's MAC (assuming that it hasn't already been cached) and sends the packet to the default gateway (router). The header addressing when sending a packet to the router is how knwminus described; layer 2 destination = router's MAC, layer 3 destination = PC2's IP.


    For PC1 to know PC2's IP Address, I'm assuming it has gotten this information from DNS? I really want to make sure I'm understanding this! Thanks
  • Agent6376Agent6376 Posts: 201Member
    kalebksp wrote: »
    Whoa there guys, neither of those are quite how it works. knwminus's description is roughly how proxy ARP works, but in a normal network proxy ARP isn't used.

    How it should work is PC1 determines whether PC2 is on it's network by comparing its network (identified by it's IP address and subnet mask) with the IP address of PC2. If it is on the same network it ARPs for PC2's MAC address and uses that for communication. If it determines PC2 is not on the same network it will ARP for it's default gateway's MAC (assuming that it hasn't already been cached) and sends the packet to the default gateway (router). The header addressing when sending a packet to the router is how knwminus described; layer 2 destination = router's MAC, layer 3 destination = PC2's IP.

    I'm sitting my CCENT soon and I had hoped that someone was going to throw this out there. Thank God all that reading wasn't for nothing.

    And to the OP, yes. DNS works like this (if you don't already know)

    1. PC needs to resolve a hostname so it first checks it's HOSTS file.
    2. If not found in HOSTS then it checks its local DNS cache
    3. If it's not in cache then it forwards the request to the DNS server either statically set or dynamically learned from DHCP.

    DNS Server gets the request, so it has to check to find the info as well.
    1. DNS server checks its HOSTS file

    2. It then checks its cache

    3. It then looks to see if it's authoritative for the zone

    4. If it is, then it relays the IP address of the hostname that was queried, if it isnt then it will either forward it to a specified DNS server (either an ISP's DNS, 4.2.2.1, or something like opendns.com), or use Root Hints.

    5. Once the request hits Root Hints, it will find the DNS server that is authoritative for the zone and query it for the original hostname (www.google.com)

    6. The DNS server authoritative for google.com checks its HOSTS, cache, then sees whether it's authoritative for the zone which it is, then forwards the IP address of www.google.com (or whatever host in google.com you're trying to access) back to you.

    From there it follows the same rules:
    PC1 needs to get to google.com, so it queries DNS to get google's ip address, 74.125.67.100
    -It looks at Google's IP address and subnet mask and determines that it's not a local address.

    -PC1 arps for its default gateway's IP MAC address (HEY 192.168.1.1 WHATS YOUR MAC ADDRESS?)
    -Router responds back with it's MAC to PC1

    -PC1 sends data with the following info: Source Mac Address (PC1's Mac) Destination Mac Address (Router's Mac) Source IP (PC1's IP) Destination IP (74.125.67.100)

    -The router receives the segment (since you're communicating with google, you're probably trying to access the website over port 80 so you're using TCP) and strips off the layer 2 header and trailer, then looks at its own table. It looks to see if it has a route to the network that 74.125.67.100 resides on. Keep in mind that this is where NAT/PAT usually takes place, so be aware that this is where your private IP transitions into a public IP for the internet.

    -The router will either forward the segment to the network directly, or out to another router that knows how to get to the 74.125.67.100 network. To do so, it adds a l2 header and trailer to the already existing segment. Source MAC (Router's MAC) Destination MAC (Remote router) Source IP (PC1's Public IP address) Destination IP (74.125.67.100)

    -After the request gets through however many routers (or hops, however you want to look at it) and you finally reach Google.com, it views the request (port 80) and sends back the webpage, making its way through the routers back to PC1's router, which provides translation back to PC1.

    I apologize if you already knew this, it kinda got out of hand. Since I'm studying for CCENT as well and I want to sit it soon, it was a good review for me. I hope it helps if you didn't know it though.
  • Morty3Morty3 Posts: 139Member
    Agent6376 wrote: »
    I'm sitting my CCENT soon and I had hoped that someone was going to throw this out there. Thank God all that reading wasn't for nothing.

    And to the OP, yes. DNS works like this (if you don't already know)...
    ...
    ...

    Damn man, you nailed that! CCENT will be so easy for you :)
    CCNA, CCNA:Sec, Net+, Sonicwall Admin (fwiw). Constantly getting into new stuff.
Sign In or Register to comment.