The Default Gateway
Objective:
- Determine the path between two hosts across a network
To fully comprehend the routing of data, it helps to start where much of the data in a network originates: the computer. As application data is sent down the protocol stack, the source and destination IP addresses are added to the IP header. If the destination IP address is located on the same IP subnet as that on which the computer is, the computer adds the destination MAC address of that device at Layer 2 and sends it on the wire.
In instances where the destination IP address is on a remote network, it must send that traffic to a router on its segment that can forward the packet toward the destination network. Although you will forward traffic to this default gateway, the destination IP address remains unchanged. However, at Layer 2, the destination MAC address of the Ethernet frame reflects the default gateway’s MAC address because this is the forwarding device on the local data link segment.
In the example illustrated in Figure 10.1, the PC sends traffic to the server on the remote 10.1.34.0 network. The source IP address and MAC address are those matching the PC. On the other hand, the Layer 3 destination IP address of the IP packet reflects the IP address of the server (10.1.34.101). Because the destination IP address does not exist on the PC’s local subnet of 192.168.1.0, the PC encapsulates the router’s Fast Ethernet 0/0 MAC at Layer 2 because that is the configured default gateway for this segment. The switch in this scenario is operating as only a Layer 2 switch. Thus, despite having an IP address for management, this is not the default gateway for this segment because it is only forwarding frames at Layer 2.
EXAM ALERT
Despite having IP addresses assigned to switches for management purposes, Layer 2 switches do not act as the default gateway. If the exam does not mention the switch is Layer 2 or Layer 3, assume it is a Layer 2 switch.
When the router receives the frame addressed to its interface MAC, it processes the Layer 3 information and consults its routing logic to determine whether it knows where to route the packet. Because the destination network is attached to the router, it knows to send the packet out its Fast Ethernet 0/1 interface. A new Ethernet frame using its Fast Ethernet 0/1 MAC address (1243 523F A26C) for the source MAC address and the server’s MAC address (A345 764C F234) as the destination MAC are added to the original IP data as it is sent out to the destination segment.
EXAM ALERT
Be comfortable identifying what the source and destination IP address and MAC address should be at any point of the data delivery.
Verifying and Troubleshooting the Default Gateway
Objective:
- Verify network connectivity (including: using ping, traceroute, and telnet or SSH)
Suppose that in Figure 10.1 the traffic was a ping packet to test connectivity to the remote computer. If for some reason that ping failed, you would need to determine where the problem occurred. One method of testing the failure would be to make sure that you have connectivity to and from the originating PC and the default gateway. The default gateway on a computer can be assigned manually in the operating system or dynamically from a DHCP server. To ensure that the local computer has its IP and default gateway configured correctly, you need to look at the local PC’s configuration. This step differs depending on the operating system installed on the originating computer. Let’s assume for
this example that the computer is using Windows as its operating system. You would need to go to a command prompt and enter ipconfig to see how the computer’s interface(s) are configured for IP. In Figure 10.2, you can see from the output on the computer that the computer has been dynamically assigned an IP address of 192.168.1.2 and a subnet mask of 255.255.255.0. Notice also that the default gateway is also configured correctly, pointing to the local router’s Fast Ethernet 0/0 IP address of 192.168.1.1.
To seal the troubleshooting deal, notice that we went so far as to verify that the computer has a correct IP-to-MAC address binding for the default gateway by issuing the arp -a command from the command prompt to display the computer’s ARP table. You can see from the output that the default gateway’s IP address of 192.168.1.1 does correspond to its Fast Ethernet 0/0 MAC address. This ARP entry will continue to remain in the computer’s volatile memory as long as it keeps getting used. If no packets are sent to this address for five minutes (default), the ARP entry is removed. If you want to manually clear your ARP table on your computer (useful in cases where you recently changed your default gateway), the command is arp-d followed by the IP address or a wildcard asterisk (*) to delete all the ARP entries.
Seeing that the configuration of the originating PC is correct, next we should see if we have IP connectivity to the router’s Fast Ethernet interfaces. Because this is a small network, we can simply ping those IP addresses. In larger networks with many routers in between, it might be administratively easier to do a traceroute (the tracert command in Windows) to discover at what point along the routed path the ICMP packet fails.
So what happens if we can ping the two interfaces? At this point, we know that a packet can traverse our network, reach the default gateway, and exit the router’s remote network interface. The only culprit left is the remote PC. It is a pretty sure bet that the remote computer must have an interface problem or configuration error. Keep in mind that it too must return that packet to our network. Therefore, the remote computer must also have a default gateway configured so that it can return that packet to its remote network. Using the same steps as we used for the originating computer, we should be able to determine exactly what is causing this computer to not successfully return packets to our computer.