Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
A hub transmits everything it receives out every port. you dont what your broadband router doing this or the whole world will hear all your secrets. Fine for small networks.
yet another bit of Truth : hubs and switches operate on the ethernet layer, routers on the IP layer. Google OSI network model to understand the layer-to-layer concept, then downsize the model to fit with TCP/IP (which implements only four layers while the theoretical OSI model has seven. Oh my !)
A hub is a device that simply sends every bit it receives out of all it's ports (except the one on which it received the signal).
A switch creates a table of which MAC address is on which port. It then uses this to send a frame directly to the correct recipient. If it received a frame destined for a MAC address about which it doesn't know, it'll push it out the "uplink" port (if available), and it not, it'll discard it.
A router is a device that works with whole packets. Packets have source and destination IP addresses (or IPX, Appletalk, etc), so routers can use this information to determine where to send the packets. Routers are used to separate two networks, for example your LAN and the Internet.
A typical example of the route information will take when accessing this site, for example, goes like this:
You type in this address into the URL bar of your browser.
Your computer will determine the IP address of this url by contacting a DNS server.
When it knows the IP address, it'll generate some PACKETs destined for port 80 (the HTTP port) of the webserver. Into this packet it'll put your IP address, the IP address of your destination, as well as the actual information you wish to send.
This packet is then encapsulated into a FRAME. This frame actually contains the packet, but it adds to it some extra information: your MAC address and the MAC address of the machine to which it needs to send the information next... so this might be the MAC address of your router.
Your NIC will convert this data into a series of voltage changes which represent 1s and 0s.
If you're connected to a HUB, then these 1s and 0s are re-transmitted out of all ports. Even if there are computers connected to those ports that really don't care about what you're sending, they'll receive it and ignore it.
If you're connected to a SWITCH then it'll receive the 1s and 0s, recombine them to make a frame. Analyse that frame to discover who it's supposed to send it to (the 'next hop' MAC address, of your router for example). It'll then consult the table it has of which MAC addresses are attached to which ports, and send the frame to the correct port. From here, I'll ignore the conversion of frames to binary 1s and 0s - I'll just deal with frames and packets.
Your "next hop" (perhaps the router) receives the frame from the switch. It'll strip away the information about the MAC address from which it came (ie your computer) since it has received it now. So, it's removed the FRAME information, and is left with a PACKET.
It analyses this packet for details of where it's destination is - ie 64.179.4.149. It'll create a new frame, but rather than use your MAC address as the source, it'll use its own MAC address. Again, it will use the next hop as the destination MAC address - if this router is connected to the Internet, that will probably be owned by your ISP.
All the routers along the way will do similar things, until you get to your destination...
The router at your destination (64.179.4.149) will receive the frame, strip it of it's encapsulation leaving the packet. It'll recreate that packet into a new frame with a destination MAC address of the specific machine that is the web server. It'll then send it down it's ethernet port...
The switch will receive it, consult it's tables to find which port is connected to that MAC address, and push the frame out of that port.
Now, that is a tremendously simplified version of what happens - the Internet doesn't necessarily use the same type of frames as your LAN, however, your router will understand both and be able to use both.
Basically packets remain the same from source to destination, regardless of distance. Frames, however, change at every stop that involves a router. Switches and hubs do not interfer with either frames or packets, but a switch will interrogate a frame to find out where it came from (for when it is building it's tables) and where it's going (so it knows which port to use).
If you need any further clarification, don't hesitate to drop me a line... if you choose to do so, please do not ask really awkward questions - I am not prepared to relay the whole CCNA syllabus to you over email!
Originally posted by cidrolin yet another bit of Truth : hubs and switches operate on the ethernet layer, routers on the IP layer. Google OSI network model to understand the layer-to-layer concept, then downsize the model to fit with TCP/IP (which implements only four layers while the theoretical OSI model has seven. Oh my !)
Not quite as it is... the OSI model represents a 7 layer model of how network communication works. The TCP/IP model is not a subset of the OSI model. Even though the TCP/IP model only contains 4 layers, it still covers all the concepts and functions of the 7 layered model.
Code:
-----------------------------
Application |
------------|
Presentation| Application
------------|
Session |
------------|-----------
Transport | Transport
------------|---------
Network | Internet
------------|---------
Data Link |
------------| Network Access
Physical |
-----------------------------
Err... sort of. There are Ethernet frames, and if you're running an Ethernet LAN, then yes. If you're using PPPoE (Point to Point Protocol over Ethernet) for an ADSL connection, then yes for that too. However, if you're running any other type of network (ISDN, serial connection (including 56k dialup), FrameRelay, etc), then the frames will be different. Don't forget, though, that frames are only a consideration between to connecting devices. If you connect to a router, and your router connects to the Outside World, then there may well be two different types of frames being produced - Ethernet frames for your LAN, and Other frames for your Router-->Internet connection. However, the principle of a frame remains the same.
To add a little to my above diagram (only considering OSI model, on the left):
Code:
Layer 7: Application - Data
Layer 6: Presentation - Data
Layer 5: Session - Data
Layer 4: Transport - Segments
Layer 3: Network - Packets
Layer 2: Data Link - Frames
Layer 1: Physical - Bits on the "wire" (or optical cable!)
What I've added to the right hand side are called PDUs in Ciscospeak - Protocol Data Units. Layer 3, the Network layer, is where packets are considered. If you're using TCP/IP (the technology, not the TCP/IP "model") then this is layer concerned with IP addresses, subnets, etc. If you're using AppleTalk or IPX, then this is where their network addressing comes in. This layer allows you to give sensible and meaningful numbering scheme to your computers.
Layer 2, the Data Link layer, is where frames are considered. If you're using Ethernet, then the frame is an Ethernet frame. If you've got an ISDN connection to the outside world, then you may find that your router will repackage your packets into HDLC (or a variant of HDLC) frames. At this layer, we can talk of MAC addresses if we're using Ethernet. MAC addresses are used to identify the hardware - the MAC address of the NIC in your computer is (or should be) unique to your NIC. My NIC's MAC address is 00:30:BD:1F:96:60. The MAC address is divided into two main parts, the first part (00:30:BD)is used to designate the manufacturer, and the second part (1F:96:60) is used by the manufacturer to designate an individual NIC. Other technologies use different hardware numbering systems.
Well, Thymox. Finally I found some information that was simple enough to understand but deep enough to be interesting and learning. I still have two questions about this structure of connections. How is the actual Internet structured with all ISP's, backbones and root-servers. All people just uses the word Internet between the first box and the final box, they way through here are poorly described, sadly enough.
Also I can't wonder how the command "traceroute" operates. Does it collect packages from every router on the way or is there footprints in some packages... or frames? :)
Unfortunately I have only just started reading the CCNP (Cisco Certified Networking Professional - next step up from CCNA)... I am a long way of teaching it!
Basically, all routers along the line between your machine and the destination need to either be able to understand IP, or be able to re-encapsulate data from one frame type to another without considering the layer 3 information held within them - if they do the latter, then they are effectively acting as a multiprotocol bridge (a bit like a really fancy switch, but bigger and more complex) rather than performing any routing functions.
All layer 3 protocols (IP, IPX, AppleTalk, etc) are called routed protocols. Routers use something called routing protocols (RIP, RIPv2, OSPF, IGRP, EIGRP, etc) to exchange information about the best path to a given point. Routers may also be configured with something that you may be familiar with: a default route (or "default gateway" as it tends to be called in PCs). This is a special entry in their routing tables that says "if you don't know where you should send this packet, then send it there and let them deal with it".
Basically, people use the term "the Internet" because it is really very complex and quite difficult to explain. A network of networks, all joined together by various links to eachother. Lots and lots and lots of routers, all of differing capabilities, most of which will be frighteningly expensive, all performing similar tasks: taking packets from one interface, deciding what to do with them and what's the best route to their destinations, and then passing them on through another interface - possibly of a different nature!
As for traceroute... what happens (simplified version) is that your computer sends a special kind of ping packet (well, usually it sends 3, but that's not important here) that tells a router "hey, I want this ping packet to go here, but I want you to tell me that you received this packet and you are sending it on." When the packet reaches its destination, that machine sends a reply saying "Yeah, I'm here!" You end up with a whole list of "hops" that the packet took in order to reach the destination.
Here's my traceroute to LQ:
Code:
gsewell@grants:~$ traceroute www.linuxquestions.org
traceroute to www.linuxquestions.org (64.179.4.149), 30 hops max, 38 byte packets
1 ipcop (192.168.1.1) 9.355 ms 11.970 ms 10.982 ms
2 192.168.0.1 (192.168.0.1) 37.739 ms 28.007 ms 27.039 ms
3 bt-hg-stm1-2.prodigynet.co.uk (217.47.5.73) 29.132 ms 27.470 ms 29.401 ms
4 th-linx-gw.prodigynet.co.uk (213.232.80.1) 53.416 ms 98.195 ms 51.480 ms
5 lvl3gw.thn.packetexchange.net (212.187.197.193) 31.649 ms 54.886 ms 29.713 ms
6 212.113.3.29 (212.113.3.29) 99.758 ms 36.173 ms 27.884 ms
7 ge-0-3-0-0.bbr2.London1.Level3.net (4.68.128.125) 31.730 ms 42.860 ms 144.852 ms
8 as-0-0.bbr1.NewYork1.Level3.net (4.68.128.106) 97.334 ms 97.458 ms 131.069 ms
9 ge-6-0-0.gar4.NewYork1.Level3.net (64.159.4.146) 103.077 ms 95.354 ms 92.641 ms
10 ewr-brdr-02.inet.qwest.net (205.171.1.97) 159.726 ms 142.760 ms 127.106 ms
11 ewr-core-02.inet.qwest.net (205.171.17.129) 95.354 ms 179.722 ms 162.550 ms
12 chi-core-01.inet.qwest.net (205.171.8.229) 123.787 ms 115.152 ms 120.709 ms
13 chi-edge-09.inet.qwest.net (205.171.20.122) 116.195 ms 114.291 ms 114.029 ms
14 63.149.3.230 (63.149.3.230) 162.004 ms 132.841 ms 127.121 ms
15 atm6-5-978-pitb-isp-cisco.choiceone.net (66.202.102.254) 173.768 ms 152.682 ms 134.459 ms
16 web1.linuxquestions.org (64.179.4.149) 175.994 ms 159.977 ms 135.971 ms
gsewell@grants:~$
As you can see, the packets went from my machine to my IPCop router, from there to my Modem/router, to one of my ISPs routers, to another of my ISPs routers, and then off to other routers along the way untill it reaches LQ. Each hop has sent back a message saying how long (cumulatively) it has taken for that packet to reach them.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.