LAN Connections – Exploring the Packet Delivery Process
Understanding the packet delivery process is a fundamental part of understanding Cisco networking devices. You must understand host-to-host communications and routers to administer a network. The following sections describe host-to-host communications through a router by providing a graphic representation.
Layer 2 Addressing
Host-to-host communications require Layer 2 MAC addresses to form an Ethernet frame to be sent onto the wire. MAC addresses are assigned to end devices such as hosts. The physical interfaces on a router provide a Layer 3 function and are assigned a MAC address These addresses are fundamental in the end-to-end delivery process. Figure 4-29 shows the Layer 2 addressing that will be used during this discussion.
Figure 4-29 Layer 2 Addressing
Layer 3 Addressing
To be able to move data from one network to another, there must be some type of Layer 3 addressing that can uniquely identify both the network and the host. For this example, we will be using IP as the Layer 3 addressing. Figure 4-30 shows the Layer 3 addressing for each device along the path. The router has its own Layer 3 address on each interface. This will be the gateway address for the client on each subnet and, along with a subnet mask, will identify connected networks to the router.
Figure 4-30 Layer 3 Addressing
Host-to-Host Packet Delivery
The steps to deliver an IP packet over a routed network are similar to the steps to send a letter through a mail delivery service. The key is to know the sender’s source address and the destination address of the data. There are a number of steps involved in delivering an IP packet over a routed network. The next several figures give you a graphical understanding of the process.
Note from earlier discussion that an IP host determines the network it belongs to from its IP address and subnet mask. The host will send any packet that is not destined for the local IP network to the default gateway. The default gateway is the address of the local router, which must be configured on hosts (PCs, servers, and so on).
In Figure 4-31, host 192.168.3.1 has application data that it wants to send to host 192.168.4.2. The application selects a User Datagram Protocol (UDP) as the transport for this data, indicating that the reliability of delivery is unimportant for this application or handled by application.
Figure 4-31 Application Sends Data to Transport Stack
Because it is not necessary to set up a session, the application can start sending data. UDP prepends a UDP header and passes the protocol data unit (PDU) to IP (Layer 3) with an instruction to send the PDU to 192.168.4.2. IP encapsulates the PDU in a Layer 3 packet and passes it to Layer 2. This process is illustrated in Figure 4-32.
This example differs from previous examples of sending packets (now called frames) at Layer 2 because the two hosts are on different segments: 192.168.3.0/24 and 192.168.4.0/24. Because the host is configured with an IP address and a subnet mask, it understands that 192.168.4.0 is on a different network. Because it does not know how to get to this network,
it must send the frame to its default gateway, where the frame can be forwarded. If the host does not have a Layer 2 mapping for the default gateway, the host uses the standard ARP process to obtain the mapping for the router. Figure 4-33 shows this process.
Figure 4-32 Transport Sends Data to IP Stack
Figure 4-33 Determine Host Is on a Different Subnet
The user has programmed the IP address of 192.168.3.2 as the default gateway. Host 192.168.3.1 sends out the ARP request, and it is received by the router. Figure 4-34 shows the PC sending out an ARP request.
Figure 4-34 ARP Request for Router
Because an ARP is a Layer 2 broadcast frame, it is not forwarded by the router to the other segment. The router interface on the local segment will, however, send the ARP to the router CPU to be processed. The router processes the ARP request like any other host. Figure 4-35 shows the router processing the ARP request.
Figure 4-35 Router Processes ARP Request
The router will update its ARP table with the address of the PC and will then send a response to the ARP request, as shown in Figure 4-36.
Figure 4-36 Router Responds to ARP Request
The destination host receives the ARP request. The device can now form a Layer 2 frame to put on the wire. Because the destination host is off network, the Layer 3 address will be mapped to the router’s MAC address in the frame. Figure 4-37 shows this step.
Figure 4-37 Off-Net Layer 3 Mapped to Gateway Layer 2
The pending frame is sent with the local host IP address and MAC address as the source. However, the destination IP address is that of the remote host, but the destination MAC address is that of the default gateway. Figure 4-38 shows the frame being sent to the router.
Figure 4-38 Frame Sent to Router
When the frame is received by the router, the router recognizes its own MAC address and processes the frame. At Layer 3, the router sees that the destination IP address is not its address, and it passes all packets that are for nonlocal destinations to the routing process. This is illustrated in Figure 4-39.
Figure 4-39 Router Process Frame
The routing process looks up the destination IP address in its routing table. In this example, the destination segment is directly connected. Because of this, the routing process can pass the packet directly to Layer 2 for the appropriate interface. This is shown in Figure 4-40.
Figure 4-40 Routing Table Lookup
The router will then have to send the packet out the destination interface using Ethernet. This will require that the router know the destination MAC address of the end device. If it does not know the Layer 2 address, it will use the ARP process to obtain the mapping for the IP address and the MAC address. This is shown in Figure 4-41.
Figure 4-41 Router Performs ARP for End Station
The ARP is sent from the router to the end workstation. Layer 2 will use the ARP process to obtain the mapping for the IP address and the MAC address, as shown in Figure 4-42.
Figure 4-42 ARP
The host receives the frame containing the ARP request and passes the request to the ARP process, as shown in Figure 4-43.
Figure 4-43 Host Receives ARP
The host responds to the ARP request, as shown in Figure 4-44.
Figure 4-44 Host Responds to ARP
When the router has the MAC address of the end station of the end device, the frame is forwarded to the destination, which completes the process. This is shown in Figure 4-45.
Figure 4-45 Router Delivers Frame to the End Station
Using the show ip arp Command
From the EXEC mode of the router, you can use the show ip arp command to verify that the router has the appropriate Layer 2 mappings.
To display the ARP cache, use the show ip arp EXEC command, as follows:
show ip arp [ip-address] [host-name] [mac-address] [interface type number]
The command syntax is described in Table 4-7.
Table 4-7 show ip arp Command Syntax Description
ARP establishes correspondence between network addresses (an IP address, for example) and LAN hardware addresses (Ethernet addresses). A record of each correspondence is kept in a cache for a predetermined amount of time and then discarded.
Example 4-15 displays the show ip arp command, and Table 4-8 describes the sample output.
Example 4-15 show ip arp Command Output
Router# show ip arp Protocol Address Age(min) Hardware Addr Type Interface Internet 172.69.233.229 - 0000.0c59.f892 ARPA Ethernet0/0 Internet 172.69.233.218 - 0000.0c07.ac00 ARPA Ethernet0/0 Internet 172.69.233.19 - 0000.0c63.1300 ARPA Ethernet0/0 Internet 172.69.233.309 - 0000.0c36.6965 ARPA Ethernet0/0 Internet 172.19.168.11 - 0000.0c63.1300 ARPA Ethernet0/0 Internet 172.19.168.254 9 0000.0c36.6965 ARPA Ethernet0/0
Table 4-8 show ip arp Command Output Fields
Using Common Cisco IOS Tools
The Cisco IOS Software has many common IP tools to be used for troubleshooting and verification of network connectivity. The most common tools used are ping and traceroute.
To diagnose basic network connectivity, you can use the ping command in user EXEC or privileged EXEC mode. The ping command sends out an ICMP echo request to an end station to verify reachability. The command structure is as follows:
ping [protocol { host-name | system-address}]
The command syntax is described in Table 4-9.
Table 4-9 ping Command Syntax Description
To discover the routes that packets will take when traveling to their destination address, you can use the traceroute command in user EXEC or privileged EXEC mode. The command structure is as follows:
traceroute [ protocol] destination
The command syntax is described in Table 4-10.
Table 4-10 traceroute Command Syntax Description