A tale of two packets:Bob&Sally by CBT nuggets

MrXpertMrXpert Member Posts: 586 ■■■□□□□□□□
I've just started studying for the ccent and have finished watching video#7 entitled a tale of two packets, bob and sally. The trainer's name is Jeremy Ciora and I know he is very well considered as an excellent trainer. He explains things clearly but video 7 has left me very confused and actually while watching the video i actually shouted "wait a mo what you're saying is wrong. I'm sure it is" Perhaps i'm missing something. I'd be grateful if you nice people could watch video 7 of cby nuggets icnd1(if you have it) or read my description below careful and comment on it please.

Ok here's basically what he said (not word for word but is the crux)
On a local network which is 172.10.1.0 with a subnet mask of 255.255.255.0, we have a host (we'll call her Sally)with a private IP of 172.10.1.20. Sally needs to be able to ping a server located at 192.168.0.1(subnet mask is 255.255.255.0)
In between Sally and the server are four routers.These are called routers A,B,C and D. Router A is the default gateway on Sally's network. Routers are connected up via WAN links.

In order for sally to be able ping 192.168.0.1, she first checks whether 192.168.0.1 is on her network. No it isn't, so she gets the MAC address (using a broadcast arp packet sent to all devices inc default gateway) of her local router A(the ip of which is 172.10.1.1)Before sending the packet to router A, the packet is assembled with the following:

Source IP: 172.10.1.20
Destination IP: 192.168.0.1
Source MAC: Sally (actually its Hex but we'll just call it sally's mac)
Destination MAC: Router A (Hex again but we'll call it Router A's MAC)

Router A receives packet and sees that the destination IP isn't on its network so it looks in its routing table and sees it can send the packet to router B located at 10.10.1.2. Router A sends this packet to router B but before it does so, it strips off Sally's MAC address and the originaldestination MAC(which belongs to router A). The IP header info of 172.10.1.20 and 192.168.0.1 are left virgo intacta. The only parts that are changed are the MACs. Source MAC is changed to Router A's and Destination MAC is changed to Router B's. The packet is sent, router B receives it and repeats the process of stripping off the MAC addresses and replacing with its own as souce and sending to the destination MAC of router C.

All of the above continues to happen until the packet reaches the server of 192.168.0.1. He mentions the golden rule of that whenever packets are sent across networks the only header info that changes are the MACs.


The explanation seems wrong to me because I'm sure from what i've learn from networking is that MAC addresses are Not uses between routers nor are they used between different networks. MAC addresses are layer 2 for switches. Not for routers. So how come they are being used to send packets?
I also thought that routers will also use NAT which means the IP header information does change. I find it hard to believe that when I request a webpage, my private IP address is contained in the packet and is sent to google's server? and all along the way from my client pc to google's server, the thing that enables all this is the MAC address?
I'm an Xpert at nothing apart from remembering useless information that nobody else cares about.

Comments

  • MrXpertMrXpert Member Posts: 586 ■■■□□□□□□□
    I later found this on a website which pretty much covers with pictures(cbt nuggets slides) what is being said but again it goes against everything i've heard before regarding routing

    Love Thy Network: Basic TCP/IP: The Tale of Two Packets
    I'm an Xpert at nothing apart from remembering useless information that nobody else cares about.
  • lon21lon21 Member Posts: 201
    This is from what I’ve learnt, which I believe to be correct, if I’m wrong someone please correct me.

    Routers are layer 3 devices which means that they will use/work from packets (Network Layer), frame (Data Link Layer) and bits (Physical Layer).
    The same goes for Switches but they are layer 2.

    If you are on an internal network you would not use NAT therefore the router would not use your public ISP address to mask your private address. If you were on a public network then your NAT router would send out data from a public address. This is done by you router holding info on a NAT tables which links back to your private IP address. It’s to do with port numbers and their mapping, it in the NAT and PAT video. Even when your NAT router communicates to the outside world it would still change MAC addresses while moving packets between routers but the IP address stay the same otherwise the final/return destination would not be known. I guessing here that the only way to have a route back to your host would be to use return MAC addresses that way the routing table knows what interfaces are connected to the router and links back via the MAC address.

    MAC addresses are used to communicate with physical devices which are connected and IP address are used to communicate with end to end services.

    Only example I can give is, if you were to send a cheque to your college to sign. You would need the address destination address and a return address. These are the two IP address. The MAC addresses are the postmans address between the destination address and return address.
    I would say because a router could have more than one interface which can have more than one IP address. The IP addresses on the router are only used to route the data around the network.

    Hope it helps
  • onesaintonesaint Member Posts: 801
    I havent seen the video. That said, from what Ive read, it is exactly what you stated. Routers do rely on mac addresses for the next hop. They strip the address adding in their own as source, yet never changing source or dest. IP. This allows them to get to the next hop without issue. I think your thinking MAC and IP are exclusive to each device, but they arent. Switches use MAC's only, but they even have layer 3 switches these days. The MAC is used to determine the next stop on the packets route to its final destination. Think of it like the MAC tells you the next and last hop, while the IP tells you the final destination or original source. lon21's letter example is a good way to think of it.

    As for the NAT, I think your reading to much into it. The example is just for the ARP/IP/MAC points and I suspect he was trying to make it less complicated. Of course, this is speculation as I havent seen the video. HTH.


    Heres another good explanation of it from :
    All a computer needs to know is how to get to the next router on the way to its final destination (next hop). Once your PC has the mac address of your closest router and hands the data off to it, then it is that next router's job to have the mac address of the next router in line and so on. Each router is only going to keep arp tables with mac addresses of devices that are on the same subnets as they are on. Remember the way they usually acquire mac addresses is using a broadcast. This will only reach as far as the next router. Routers will not pass on this information. If they did the whole Internet would come to a screeching halt because there would be so many broadcasts that the real data would be choked out. They only need to know how to get to the next hop.
    Work in progress: picking up Postgres, elastisearch, redis, Cloudera, & AWS.
    Next up: eventually the RHCE and to start blogging again.

    Control Protocol; my blog of exam notes and IT randomness
  • ChitownjediChitownjedi Member Posts: 578 ■■■■■□□□□□
    I am very sorry for resurrecting this old thread, but my question is dealing with the video and a concept in it specifically and its the only direct reference to issues with it on internet...

    I follow the video perfectly and find everything fine.. except for the Server IP on the end. He gives it the IP address of 192.168.0.1...my question is about the routing of private or pinging of "private IP's across the internet"... I thought that you could not theoretically ping a device on a separate network that had a private Ip address such as 192.168... am I missing something?

    Oh wait a minute.... is it because those routers are all private IP's themselves (10.10.1.2 etc....) and the WAN links actually refer to a Wide Area Network and not a Internet routing concept at all? still trying to understand this sorry.
  • SomnipotentSomnipotent Member Posts: 384
    within the scope of the CCNA CBT, jeremy uses a lab environment, his own CCIE rack of yore, with RFC1918 private addressing. you are correct, RFC1918 addresses are not routable on the public Internet.
    Reading: Internetworking with TCP/IP: Principles, Protocols, and Architecture (D. Comer)
Sign In or Register to comment.