Posted by Albert Manfredi on December 29, 2007, 1:49 pm
> Imagine a common home DSL internet setup:
>
>     1) You have a router that has a public IP address on the WAN port
> (I'll pick an entirely random value of 73.52.66.5) and a private IP
> address on the LAN port (192.168.1.1).
>     2) Your two home PC's are 192.168.1.3 and 192.168.1.4.
>     3) The router uses Network Address Translation to allow the home PC's
> to surf the web.
>
> (Ok, nothing exciting there)
>
>     Now, the router has a feature called "IP Passthrough" whereby the IP
> address of the WAN port can become the IP address of one of the machines
> on the LAN. Forgetting for the moment the effect this would have on the
> router's NAT facility, I'd like to ask how the following setup could work:
>
> 1: You have a LAN with two machines and a router.
> 2: Router's LAN port address = 192.168.1.1
> 3: Machine One's address = 192.168.1.3
> 4: Machine Two's address = 73.52.66.5 (because of IP passthrough)
>
>     I'm curious what would happen if you tried to ping Machine One from
> Machine Two. Firstly assume that both machines have the following setup:
>
>     Default gateway = 192.168.1.1
>     Netmask = 255.255.255.0
>
> Here's what I *think* would happen:
>
> (Assume that the ARP cache is empty)
>
> 1) Machine Two performs a bitwise-AND with its own netmask and the
> address of Machine One. From this, it finds that Machine One is *not* on
> the same network.
> 2) Because the machine is not on the same network, it decides to send the
> packet to the default gateway (hard-coded as 192.168.1.1).
The default gateway of Machine Two has to be in the same IP subnet as
Machine Two. So Machine Two would communicate with Machine One through
the WAN side of the NAT.
See RFC 1122 Section 3.3.
If the destination is on a connected network, the
datagram is sent directly to the destination host; otherwise,
it has to be routed to a gateway on a connected network.
"A connected network" means an IP subnet to which the host is
connected. In order for Machine Two to be able to use the 192.168.1.1
gateway, Machine Two would have to be dual-homed, on the 73.52.66.0
subnet and on the 192.168.1.0 subnet.
> But first, it
> needs the MAC address of the default gateway.
> 3) So it broadcasts an ARP request looking for the MAC of 192.168.1.1.
> 4) Once it gets the MAC, it uses the router's LAN port of 192.168.1.1 as
> a default gateway to reach machines that are 192.168.1.*
>
> Is this right? Basically I'm asking if it's possible to have unrelated IP
> addresses on the same LAN?
Unrelated IP addresses can certainly coexist on any given L2 network.
But if a host on that L2 network only has one IP address, belonging to
one of the IP subnets, then it would have to send packets targeted at
the other IP subnet in that same LAN through the default router, no
matter that there's a quicker way that bypasses the router.
This is the norm. Even if you use Proxy ARP, a strange ARP hack, the
gateway is still involved in forwarding packets to the other L3 net.
Bert
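
The next-hop decision discussed in this thread (mask comparison, then the RFC 1122 Section 3.3 rule that a gateway must be on a connected network), modelled as an added example that is not part of the original posts. The second address 192.168.1.50 for a dual-homed Machine Two and the off-link destination 198.51.100.7 are constructed values.

```python
import ipaddress

def next_hop(interfaces, default_gateway, destination):
    """Host next-hop choice per the RFC 1122 Section 3.3 rule quoted above.

    interfaces: "address/netmask" strings, one per address the host holds.
    Returns (decision, next_hop), where next_hop is the IP the host would ARP for.
    """
    dst = ipaddress.ip_address(destination)
    gw = ipaddress.ip_address(default_gateway)
    connected = [ipaddress.ip_interface(i).network for i in interfaces]

    # Destination on a connected network: send directly, no gateway involved.
    if any(dst in net for net in connected):
        return ("direct", str(dst))
    # Otherwise a gateway is needed, and it must sit on a connected network.
    if any(gw in net for net in connected):
        return ("via-gateway", str(gw))
    # Gateway is off-link: the host has no valid first hop for this packet.
    return ("gateway-not-on-connected-network", None)

MASK = "255.255.255.0"
GATEWAY = "192.168.1.1"

def scenarios():
    dual = ["73.52.66.5/" + MASK, "192.168.1.50/" + MASK]  # constructed second address
    return {
        "machine_one_to_two": next_hop(["192.168.1.3/" + MASK], GATEWAY, "73.52.66.5"),
        "machine_two_to_one": next_hop(["73.52.66.5/" + MASK], GATEWAY, "192.168.1.3"),
        "dual_homed_to_one": next_hop(dual, GATEWAY, "192.168.1.3"),
        # 198.51.100.7 is a constructed off-link destination (documentation range).
        "dual_homed_off_link": next_hop(dual, GATEWAY, "198.51.100.7"),
    }

if __name__ == "__main__":
    for name, result in scenarios().items():
        print(name, result)
```
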