Networking Basics – Router

In the previous articles, we were mainly focusing on internal networks (interested readers can follow the author to view the articles). But the world is vast, and we always want to explore it. In the network world, how do we connect from an internal network to an external network? This is where a gateway comes into play. Let’s first look at the following command:

ip route add 10.168.10.0/20 via 10.173.23.1 dev eth0

Those familiar with this command should know that it is used to configure a route in the router’s routing table. If you are not familiar with it, don’t worry, you can continue reading. Here, I mentioned routers, routing tables, and gateways. So, what is the relationship between a gateway, a router, and a routing table? First, let’s clarify that a router is a Layer 3 physical device that serves as a gateway. Therefore, we usually refer to a router as a gateway. However, a router has several ports, each connecting to a different target LAN. The routing table defines which port to use for forwarding to which LAN and what the next hop IP is. So, this combination of devices and routing rules meets our need to connect from an internal network to an external network. To understand its working principle, we need to start with the MAC header and IP header. Suppose there is a host A in LAN A that wants to access host B in LAN B.

We know that the MAC header and IP header formats of network data packets are as follows. Each forwarding of the request packet needs to contain the following content: The MAC header first contains the destination address, then the source MAC address, followed by the protocol type. The IP header usually contains the version type (typically IPv4), TOS, LLS, etc. We mainly focus on the source IP address and the destination IP address.

The request process should go through the following steps:

1. Before sending the request packet, machine A finds that the target IP is not in the same network segment as itself (how to calculate this? It is calculated by ANDing the IP address with the subnet mask). Then it sends the request packet to the gateway. The request packet should look like this:
   • Destination MAC address: Router A’s MAC address
   • Source MAC address: Machine A’s MAC address
   • Source IP address: Machine A’s IP address
   • Destination IP address: Machine B’s IP address
2. Router A receives the request and finds that the MAC address matches, so it takes the packet. It finds that the destination IP address is in LAN B and needs to be forwarded through 10.1.1.1/8. The next hop is 10.1.1.1/8 to Router B. The request packet should look like this:
   • Destination MAC address: Router B’s MAC address
   • Source MAC address: Router A’s MAC address
   • Source IP address: Machine A’s IP address
   • Destination IP address: Machine B’s IP address
3. Router B receives the request and finds that the MAC address matches, so it takes the packet. It finds that the destination IP address is in the same network segment as itself and needs to be forwarded. The request packet should look like this:
   • Destination MAC address: Machine B’s MAC address
   • Source MAC address: Router B’s MAC address
   • Source IP address: Machine A’s IP address
   • Destination IP address: Machine B’s IP address
4. Machine B receives the request and finds that the MAC address matches, so it takes the data. After responding, it returns the data to Machine A through the same route.

This routing method seems quite clear, right? It works fine when different LANs are in different network segments, but LANs are mutually unaware. It is quite possible that the IP addresses of machines in two LANs are exactly the same. For example, the IP address of Machine A is 192.168.1.100, and the IP address of Machine B is also 192.168.1.100. If data is sent in the above manner, it looks like sending data to itself.

At this point, we need to use a router with NAT (Network Address Translation) functionality. NAT’s full name is Network Address Translation. Its main forwarding principle is to convert the source internal network IP to a public IP during forwarding, allowing communication with the external network. It hides the internal network from the external network, so at least one public IP is needed for communication with the external network, greatly alleviating the shortage of IP resources. There are three main types of NAT:

1. Static NAT: Manually configured, maps a public IP to a specific private IP and port. This way, external networks can automatically map to the corresponding private IP by accessing this public IP. However, this configuration requires a one-to-one correspondence between public IPs and private IPs, which requires the organization to apply for enough public IPs. This is feasible if you have the resources, but for the average person, this method is not practical.
2. Dynamic NAT: Suitable for situations with limited economic conditions and few public IP resources but many internal network hosts. It is a responsive dynamic configuration. When an internal network host dials up to the internet or establishes a remote connection, it dynamically assigns a temporary external IP address to this internal IP and stores it in the NAT table. This temporary external IP is also one-to-one with the internal IP, so the network data forwarding process is the same as with static NAT. When there is no communication between the internal IP and the external network for a certain period, the router will delete its temporary external IP from the NAT table for future use, to some extent improving IP utilization.
3. Network Address Port Translation (NAPT): Maps a list of internal IPs to different ports of the same external IP. This translation method is the most commonly used. NAPT has two types of translation:
   • SNAT (Source NAT): Replaces the source address before sending data packets to the external network. An example is packet masquerading.
   • DNAT (Destination NAT): The opposite of SNAT, it modifies the destination address. An example is load balancing.