SystemsGM,
I'm assuming that WS1 and WS2 are in seperate networks based on your description.
The scenario of:
WS1 <-Ethernet-> SW1 <-Ethernet-> R1 <-Serial-> R2 <-Ethernet-> SW2 <-Ethernet-> WS2
WS1 IP: 192.168.1.2/24
WS2 IP: 192.168.2.2/24
R1 ethernet interface IP: 192.168.1.1/24
R2 ethernet interface IP: 192.168.2.1/24
WS1 has a packet of IP data destined for WS2.
The first thing WS1 does is determine if the destination of the IP packet is on the same network as itself. If it is, it checks its ARP table to determine if it already has a MAC address that corresponds with the destination IP address and puts that MAC address as the destination MAC for the outbound ethernet frame. If there is no MAC address in the local ARP table for the destination IP address, it sends an ARP request out the ethernet interface requesting 'whomever owns IP address x.x.x.x, please respond with your MAC address'.
If the destination IP address is on a different network, in this case it is, the workstation determines that the packet must be forwarded to the default gateway to be routed to the destination network.
WS1 has 192.168.1.1 as the default gateway, so it verifies if it has the MAC address for that IP address in its local ARP table. If it does not, it sends an ARP request asking 'whomever owns 192.168.1.1, please respond with your MAC address', in which the router will reply with it's MAC address for it's ethernet interface.
WS1 will then put the frame on the ethernet wire with a source MAC address of itself, and a destination MAC address of the ethernet interface of R1.
SW1 will forward the frame based on it's internal MAC forwarding table to the ethernet port that R1 is connected to on the switch. The switch does not alter or strip any layer 2 MAC address information.
R1 will receive the frame on its ethernet interface and will strip off the layer 2 MAC address information and look at the destination IP address and forward/route the packet accordingly.
If a route for a network that contains the 192.168.2.2 (destination IP) is in its routing table, it will forward the packet.
Let's assume that R1 has the 192.168.2.0/24 network in its routing table and the best way to that network is through its serial interface to R2. It will then forward the packet to R2 through that serial interface.
At this point, all of the previous layer 2 information is completely stripped from the packet. The source and destination IP address are kept in tact.
R2 receives the packet (technically a layer 2 frame) on its serial interface and checks the destination IP address of the packet, which in this case is 192.168.2.2. It has a directly connected ethernet interface that is associated/assigned the network that the destination IP address falls within, so it will prepare that packet to be forwarded out its ethernet interface.
The first thing that R2 does is check its local ARP table to determine if it knows what layer 2 MAC address is assigned to 192.168.2.2. If it doesn't have an entry, it will send and ARP request out the ethernet interface, with which WS2 will respond with its MAC address.
Once the destination MAC address is determined for WS2, R2 will add layer 2 information to the IP packet (encapsulating) making it a layer 2 ethernet frame with the source MAC address the MAC address of the ethernet interface of R2 and the destination MAC address the MAC address of WS2. Once the ethernet frame is created, it is forwarded out R2's ethernet interface to SW2.
SW2 then checks its MAC forwarding table to determine which port the destination MAC (WS2) is associated with, and will forward that frame to the port that WS2 is connected.
WS2 then receives the frame, strips the layer 2 information off and processes the IP packet accordingly.
Sorry for such a long winded explanation. Hopefully it was of some use.
Basic rule to remember - source and destination IP address never change between the source and destination device (unless you have a NAT device in the path), but the layer 2 information can change. Layer 2 information doesn't change until the packet has to traverse a layer 3 device (router).
HTH
Mike Morris
-----------------------------------------------------------
Hi guys,
great discussion here, you brought up a question I had long time ago. Is the MAC address of the switch ever attached to any packet/frame? I never heard the author say something like this, but since there are so many MAC addresses on the switch (one/port), what are those for?
As for systemGM, here is the answer to your question:
Let's start with your example, (of one router, 2 switches, and 2 PCs).
1. PC1 want to send PC2 some data, so the data moves from Layer 7, where data was generated, down to Layer 4. Now segmentation occurs, and L4 header is placed in front of the data. This is a segment.
2. The data continues its way down and come to L3, where destination IP address (IP address of PC2) and source IP address (IP address of PC1) is put inside the L3 header, which wraps around L4 Header + data. This is packet.
3. When data reaches L2, source MAC address (PC1's MAC address) and destination MAC address (Router's MAC address) is placed in the data link header. Note that layer 2 has a FCS trailer. This is a frame.
4. The frame is translated (from human language) to bits (computer language, 0 and 1) and send out on the physical media toward the switch.
Theoretically, the frame = (L2 header (L3 header (L4 header (data) ) ) L2 trailer)
Sw1 receives the bits, translated back to the frame and read the L2 header. After reading it, Sw1 now knows this frame is destined for the router and forward the frame to the interface that is connected to the router. L2 header remains intact and the frame is again translated into bits and send out to the router.
Router now receives the bits, turn it into a frame. Router now knows the frame is for itself, and discard the frame. This is like you received a letter for you, and you open it to see the content. After L2 header and trailer are discarded, what is left is L3 header, which contains the destination IP address. After reading the destination IP address and know that the packet isn't for the router, the router then made a decision to forward the packet. Following the previous analogy, you have received a letter for you, but it's titled to your best friend; of course you would want to give it to her. This is what routers do, they receive things never intended for them, and forward the things to where they are supposed to be. It's a little pathetic if you think about it.
Okay, now the router has made a decision where to send this packet, again, it wraps it up into a frame, which now has source MAC address of the router and the destination MAC address of PC2 (remember that MAC addresses are obtain using ARP). The frame turns into bits and send to Sw2.
Sw2 receives the frame, read L2 header and matches the destination MAC address to an entry in its CAM table (equivalent to routing tables for routers). Once an entry has been found, the frame is forwarded out on corresponding interface.
PC2 now receives the frame, decapsulate it 3 times (bits -> frame -> packet -> segment) until it becomes data only and can be read by PC2's application programs.
In summary, from PC1 to router: S MAC = PC1's MAC, D MAC = router's MAC, S IP = PC1's IP, D IP = PC2's IP. From router to PC 2: S MAC = router's MAC, D MAC = PC2's MAC, S IP = PC1's IP, D IP = PC2's IP
Best,
A
+++++++++++++++++++++++++++++++++++++++++++++++
Reference:
https://learningnetwork.cisco.com/thread/11735