Forwarding the network packets at the link layer, the network layer

A link layer forwarding

  Switch: According to Mac address to forward the data frame . The switch has a record LAN the correspondence between the MAC address and switch interface , the switch is responsible for data frame transmission to the host specified according to this table.

  Working principle: the switch after receiving the data frame, first, the records in the data frame interface to a MAC address table the source MAC address and the corresponding, then checks to see if the information in the data frame destination MAC address of the own MAC table , if the frame will be transmitted in accordance with the interface corresponding to the data recorded in the MAC address table out (unicast), if not, it accepts the data frame from the interface the non-transmitted (broadcast).

  Data frame is transmitted during a single switch:

  1. ping pc2 on pc1 ip, before construction icmp packets, you need to know mac address of the target host, since at this time there is no match on pc1 mac address entry, pc1 will first send broadcast messages.
  2. The switch receives the data frame, the first data frame source MAC address and corresponding interface (interface feth26) recorded in the MAC address table.
  3. The switch then checks whether the destination MAC address information of the data frame own MAC address table, if any, sent out from the interface recorded in the MAC address table, if not, it receives this data frame from the non-Interface We sent out all interfaces (that is, except feth26 Interface).
  4. At this time, the LAN all hosts will receive the data frame, but only the host B receives this broadcast will respond when the data frame and a response data frame, the data frame includes the MAC address of the host B.
  5. When the switch receives the data frame response host B will record the source MAC address of the data frame (i.e. MAC address of the host B), then, and then when the host A and host B communicate, the switch according to the MAC address table the record, achieved a unicast.

  A plurality of switches interconnected data frame transmission procedure:

  1. A source host to a MAC address for itself, the data of the destination MAC address of the host C is sent to the switch frame.
  2. After the switch 1 receives the data frame, will learn the source MAC address, and checking the MAC address table, we found no record of the destination MAC address, then the data frames broadcasted, the host B 2, and the switch receives the data frame.
  3. After 2 switch receiving this data frame will also record the source MAC address and the interface corresponding to the data frame to the MAC address table, and to check its MAC address, destination MAC address is not found in the record, this data will be broadcast frame.
  4. Host C after receiving the data frame, the data frame will respond to this, a source MAC address and respond to its own data frame, when switch 1 and switch 1 are the MAC address of the host C is recorded in its own MAC address table, and in the form of unicast frame send this data to the host A.
  5. At this time, hosts A and C communication is a unicast data frame transmitted in the form of, Hosts B and C as the communication process as described above, so the switch MAC address recorded in Table 2, Host A and Host B's MAC address are the corresponding interface feth26.

  If the Mac is no general relationship between the corresponding record on the switch, it is broadcast, all switches connected to the switch can receive the data frame, the match is unsuccessful broadcast ... in order to match the success of the response data frame and reply source MAC address of the frame for their data.

to sum up:

  1. The switch has a function of dynamically learn the source MAC address and the interface switch may correspond to a plurality of MAC addresses, but only one MAC address corresponds to one interface.
  2. Switch dynamically learn the MAC address of the default only valid for the 300S, 300S if the MAC address in the record of no communication, this record is deleted.

ARP cache table

  Each host has an ARP table that records the corresponding relationship between the IP address and MAC address of the host.

  ARP protocol: ARP protocol is working at the network layer protocol, which is responsible for IP address resolution for the MAC address.

  1. If the host A wants to send data to the host B, host A first checks its own ARP cache table, to see if there is correspondence between the IP address and MAC address of host B, if there will be a MAC address of host B the source MAC address encapsulated in a data frame. If not, the host A will send an ARP request message, the request destination IP address is the IP address of the host B, the destination MAC address is a broadcast frame MAC address (i.e., FF-FF-FF-FF- FF-FF), a source IP address and MAC address of the host IP address and the MAC address a, the host a transmits a broadcast packet is as follows. Wherein the Layer 2 packet header object mac broadcast of all F mac, arp packets encapsulated object mac address mac address of all zeros.

  2. When the switch frame after receiving this data, found that the data frame is a broadcast frame, and therefore, would send this data frame from the non-reception of all interfaces out.

  3. When the host B receiving this data frame, whether the destination IP address is found their correspondence between the IP address and MAC address of the host A and to record their own ARP cache table, and sends a unicast response message (ARP reply), which includes its own MAC address.

  4. A host in a data frame after receiving this response, the mapping between the IP address and MAC address of the host B is recorded in its own ARP cache table. At a time when the switch has learned the MAC address of host A and the host B.

 Second, the network layer forwarding

  Router is responsible for communication between different networks. In the router also has a table, this table is called a routing table, a record of the information to different network segments. Information routing table is divided into non-direct routes and direct routes.

  1. Direct routes: directly connected to the router interface network segment, generated automatically by the router.
  2. Non-direct route: the router is not directly connected to the network segment on the interface, this record needs to be added manually or dynamic routing.

  Recorded in the routing table entries need to add some (known as static routing) manual, and some test dynamically obtained (referred to as dynamic routing). Direct routes are static routes.

  Routing works: router works at the network layer, a logical address identifying the network layer. When an interface of a router receives a packet, the router reads the corresponding part of the target network packet logical address, and the routing table lookup. If the destination address to find the route entry in the routing table, put the packet is forwarded to the appropriate interface of the router, if the routing entry for the target address is not found in the routing table, then the default route if the routing configuration, it is forwarded according to the default routing configuration to a corresponding router interface; if not configure a default route, then the packet is discarded, and return information is not reached. This is the data routing process.


  1.PC1 packets from an upper layer in the network layer encapsulation into IP packets (where the source and destination IP addresses are PC1, PC2 IP address), so that the source, destination IP address "and" operation to derive whether the same segment, this time found PC1 / PC2 hosts on different network segments, so the packet will be forwarded via the gateway A.

  2. A gateway is not recorded because PC1 (i.e. routers R1) mac address, will send an ARP request to obtain, and the gateway A package for the purpose of mac address mac address, source mac host is A.

  3. arp gateway device receives broadcast packets found on destination ip is their own, will be sent arp packets (unicast) packets in response. PC1 after receiving the packets are logged into your source mac mac table.

  After studying to 4.PC1 ​​mac address, encapsulation icmp packets are sent, the packet source ip, ip host object ip respectively PC1 and PC2, the mac source mac address, destination mac PC1 to the gateway interface mac address.

  The routing device will decapsulates packets, ip not found their purpose while not the same network segment, this time will check whether the record matches the own routing table entry for object ip route segment, the routing information is found, then data packet to be forwarded corresponding to the interface feth27.

  6. Before forwarding the packet routing device needs to know the destination mac address, the broadcast will be sent from the interface arp feth27, PC2 acquired the broadcast packets as follows:

  7.PC2 will learn the source mac address arp request packet view packets ip is their purpose, will be sent arp response packet responded, this time on the device has learned the complete arp table.



Guess you like