Welcome back, my networking geeks. In this part we are going to keep discussing IP addressing, and I hope that after you finish reading it you will become an IP wizard.
So in the last tutorial we did what we did without the use of our default gateway. To be honest, only in really rare circumstances will you have that kind of network: a bunch of devices plugged into a switch that you just want to communicate within the LAN (Local Area Network). In that case, indeed, you don't need a default gateway. Our default gateway has an IP as well, since it belongs to a network, and its IP usually ends with '.1'. Why? The same way the network's IP ends with '.0', as we said in the last tutorial, the default gateway's IP most of the time ends with '.1'. Let's open our terminal and figure that out:
Assuming that you are on a Windows machine, open up the terminal and type ipconfig:
As you see my gateway's IP is 192.168.1.1.
So you may be asking yourself "what's the default gateway used for then?". Come on, I know you feel it. Remember, we used the switch for our local area connection. Do you feel where this is going now?
The default gateway (router) gets you off your network and on to some other network, which nowadays is called the Internet. The Internet is a giant network.
Let's fill in that last key piece of the concept. I will use the example I used in the last tutorial. Let's say our computer has the IP 192.168.1.67 and we want to ping 9gag's webpage. Do you remember the process? Open your terminal and type ping www.9gag.com. The result shown on your terminal screen should be 9gag's IP with some other info about it which is useless to us for now.
9gag's IP is 126.96.36.199. In your case, it will probably be different because their IP isn't static, which means it can change every other second or minute, for security purposes. Do you feel that last piece of the puzzle? Are you thinking what I'm thinking?
Remember the ping process we described in Part 1? When our computer pings an address, it looks at the subnet mask in order to define the network it is aiming at. Our network in that case is 192.168.2.0. So our machine thinks "wow wow wow, hold on right there. This is NOT in my neighborhood/network". It's quite obvious that they don't belong to the same network, right? I mean, look at the first 3 octets and compare them: not even close to being similar. All it takes is for one of the numbers in the first 3 octets to be different and our computer immediately realizes that the computer we are trying to reach doesn't belong to its neighborhood. There is something else our machine realizes as well, and that is the fact that it CAN'T send an ARP message and reach that IP Address. Why not? Because that is mission #2 of a router. What is mission #1 of a router? Well, the word spoils it by itself. It's to get you where you need to go based on IP Address information, but mission #2 is "I stop broadcasts". That's the fundamental function of the router: it is to separate networks, and this is how it does it:
Take a look at the picture above. Do you see where the router is placed? It's not by coincidence. It keeps the broadcast traffic separated for both the LAN and the Internet side. So if our computer sends an ARP message to our network, it will flood our local network but it will never reach the 9gag server. It will never go outside of our network, because the ARP message gets sent to the switch and not to the router, and since the switch doesn't know anything except for its local network, the packet will be dropped. So what our computer is thinking is "ok, this IP Address is not in my network, so there is no point sending a message to the switch, since the switch only knows about the devices that are plugged into it. I need to send this to my default gateway!". I need your full focus now, because what I'm about to say is probably one of the most important concepts you have to understand in this series.
Our smart computer says "I'm going to ARP! But NOT for the 188.8.131.52", because it knows that it will be dropped. "Instead, I'm going to send an ARP message for my default gateway. I want the MAC Address for my default gateway, and this is the kind of packet I'm going to form." So we will send a ping packet where the destination IP Address is 9gag's, the source IP Address is ours (192.168.1.67), the destination MAC Address is going to be... our default gateway's, and the source MAC Address is our computer's. This is what allows our machine to send a ping message to the router, because the switch, as we said in the previous tutorial, doesn't even see the IP Address. So the gateway is plugged into the switch and we send a message to the switch. Switches don't see the IP Address, they just don't have that capability; they just look at MAC Addresses.
The computer sends it to the switch and the switch says "oh ok, I'm going to send it to the destination MAC Address (which is the gateway)". The router gets it and says "oh oh, message for me", but then it looks further into the packet, because routers look at the IP, in contrast with switches, which don't, and it says "ooooh, this isn't for me, this is for 9gag.com and I just happen to know how to get you there. I'm going to send you out to the ISP (Internet Service Provider) as the next hop".
Oh my my, go back and read those 2 paragraphs above, do it again and again and again, show it to someone, explain it to someone. If you do that, you've got the network fundamentals.
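The decision described in those paragraphs, written out as a small Python model. This is an added example, not code from the original tutorial: the host and gateway IPs are the ones used above, while the 255.255.255.0 mask, the MAC addresses, the LAN neighbour 192.168.1.80 and the remote address 203.0.113.10 (a documentation range standing in for 9gag) are constructed assumptions.

```python
import ipaddress

# Host and gateway IPs come from the tutorial; mask and MACs are assumed.
HOST_IF = ipaddress.ip_interface("192.168.1.67/255.255.255.0")
GATEWAY = ipaddress.ip_address("192.168.1.1")
HOST_MAC = "aa:aa:aa:aa:aa:67"

# Constructed: the answers LAN devices would give to an ARP request.
ARP_REPLIES = {
    ipaddress.ip_address("192.168.1.1"): "aa:aa:aa:aa:aa:01",   # router
    ipaddress.ip_address("192.168.1.80"): "aa:aa:aa:aa:aa:80",  # neighbour
}

def next_hop(dst):
    """IP the host must ARP for: dst itself if on our network, else the gateway."""
    dst = ipaddress.ip_address(dst)
    return dst if dst in HOST_IF.network else GATEWAY

def build_frame(dst):
    """Header fields of a ping to dst, as the host would put them on the wire."""
    hop = next_hop(dst)
    mac = ARP_REPLIES.get(hop)
    if mac is None:
        # Nobody on the LAN answered the ARP request, so nothing can be sent.
        raise LookupError(f"no ARP reply for {hop}")
    return {
        "src_mac": HOST_MAC,
        "dst_mac": mac,            # the next hop's MAC, not the final target's
        "src_ip": str(HOST_IF.ip),
        "dst_ip": str(dst),        # always the final destination
    }

def router_handle(frame):
    """What the router does with a frame arriving on its LAN port."""
    if frame["dst_mac"] != ARP_REPLIES[GATEWAY]:
        return "ignore"               # not addressed to the router at layer 2
    if frame["dst_ip"] == str(GATEWAY):
        return "deliver locally"      # the packet is for the router itself
    return "forward to next hop"      # "this isn't for me": route on the IP

if __name__ == "__main__":
    for target in ("192.168.1.80", "192.168.1.1", "203.0.113.10"):
        frame = build_frame(target)
        print(target, "->", frame["dst_mac"], "|", router_handle(frame))
```

Note that the remote ping carries the gateway's MAC Address together with the remote IP Address, so whichever device answers the ARP request for 192.168.1.1 receives all of the host's off-network traffic.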
That is such a BIG concept. I will end this tutorial at this point because I know this concept is huge and probably quite hard to grasp the first time. I was thinking of having an exercise example as part 3 of this series on what I discussed, so you can solidify what you just learned. Let me know if you are interested in that :) To sum up, the switch is responsible for the "inside traffic", while the router helps us reach devices out on the Internet. I'm looking forward to your feedback, guys and girls. I hope you enjoyed reading it, and have a wonderful day!