Okay, in this video I've actually set this network up, and I want to show you exactly what happens as we send IP packets from host A over here to host B. And so what we're expecting here is that when host A sends this packet, the source MAC address is going to match the MAC address of host A, and the source IP address is going to be this 9.2, and so that's going to match the IP address of host A. The destination IP is going to be the 20.2 over here of host B.
But the destination MAC address is actually going to be the MAC address of the San Francisco router right here because, again, the Ethernet frame is just going from host A to the router, and then the IP packet is going end to end. So to show you exactly how this works, what I'm going to do is I'm going to send a particular IP packet from here to here using the ping utility. And so the ping utility is a program that's available on pretty much any computer. And what it does is it lets you send a ping to a particular IP address.
So you might say ping 192.168.20.2. And what it'll do is it'll send a particular... It'll send an IP packet with ICMP, which is the Internet Control Message Protocol, ECHO. So it'll send an ICMP ECHO, which is just a particular protocol within IP. And then...
Any computer that receives an ICMP echo will send a reply back, which is called an ICMP echo reply. And actually the echo itself is called a request. And so what I can do is I can send, if I do this ping 192.168.20.2 from Host A over here, then it'll send an ICMP echo request to host B and then host B will reply. So I'm going to go ahead and do that, but when I do it, I'm going to run this Wireshark network protocol analyzer. And this is a this is actually a free program that's available on I think pretty much any operating system and I highly recommend that you that you go ahead and find this and download it it's a free program when you run it it captures any frames that your network interface sends or receives and so and then it will actually decode exactly what's in those frames and so it's incredibly useful for learning about networking so I highly recommend checking it out but what I'm gonna do is I'm gonna start running it and what's gonna happen is anytime I send or receive any network packets They're going to show up in this list here.
So now I'm going to go over here to a terminal and run the ping command. So in this terminal window, I'm going to say ping 192.168.20.2. And what happens is it sends a ping request to 192.168.20.2, and then it says it's received 64 bytes from 192.168.20.2.
So it sent and received a packet from that destination. tells us how long it took. So it says it took 1.808 milliseconds to send and receive the response. And so if you ping things that are further away from you, you'll find it takes longer just because the speed of light is not instant, especially over long distances across the internet. But this is pretty close.
And so if we go over and look at the Wireshark, we see that there are actually four frames that we captured. And so I'll stop it. And so the first frame is, I don't know if you can read this, but the first frame is ARP, an ARP protocol, and this tells us the length of the frame, but then the info here is Wireshark decoding the information in the frame for us.
And so it's saying that... this ARP frame is saying who has 192.168.9.1? Tell 192.168.9.2.
And so if we look over here, this is the initial ARP, because 192.168.9.2 needs to know the MAC address in order to send this ping packet. So it needs to know how to fill out this destination MAC right here. And so the first thing it does is that it sends this as a broadcast. And if we click on this, on this packet, or on this frame actually right here, you can see down at the bottom, this is the entire frame that it captured just in the raw hexadecimal.
And then the other thing you can see is if this middle window, it decodes it. If we look, we can see there's an Ethernet header in here, and then there's an ARP request. And so if we look at the Ethernet header, it highlights just the Ethernet header part.
And so we can see the first 6 bytes are the destination address. In this case, it's all Fs because this ARP request is being broadcast because computer A over here doesn't know where, you know, who has this 192.168.9.1 address, so it sends a broadcast to everybody on the Ethernet network. So the destination is a broadcast. And the destination address is...
is this 685B358E2C2D, which is the MAC address of host A. So it's being sent from host A to a broadcast. And then the last two bytes here is 0806, and that's the protocol ID, or the ether type rather, for ARP. And then the rest of this is the actual ARP itself. And if you want to, rather than trying to read the hex here, oops, you can expand these and it shows you Exactly what's what.
And so this is saying this is an ARP request for an Ethernet address. And so it's mapping an Ethernet address to an IP address. Ethernet address is 6 bytes long. The IP address is 4 bytes long.
And this is a request. And the sender is this MAC address, the 685B blah blah blah, this guy. The sender IP address is 9.2, so that's this guy. The target IP address is 9.1, that's what it's looking for, and then the target MAC address is all zeros because it doesn't know yet. But now if we look at the reply, here we have the reply, and this is from the sender now is AE95.
So the sender is now the San Francisco router down here. So the sender is that, the sender's IP address is 9.1, and then the target... MAC address and target IP are back up to A because the reply is going back from the San Francisco router to host A here.
And so this broadcast and then this reply allows host A to know what the MAC address here of the San Francisco router is. And there's another command that you can do, at least on some systems, certainly on the MAC that I'm using and also probably Linux, maybe Windows. If you do ARP 192.168.9.1.
then it'll actually tell us that it's learned that the 192.168.9.1 is at this particular MAC address. So that's just sort of a way to see that your computer has learned that MAC address. But anyway, back to the capture here. So once we have that ARP, now we can send the actual IP.
So here you can see we're sending an IP packet, and now the source is 192.168.9.2 with a destination of 192.168.20.2. And so that's actually going from 9.2 to 20.2. So that third packet that we see here is going end-to-end.
So here this third one is going end-to-end. And then we see the next one is the reply from 20.2 back to 9.2. So it's sending a packet over, and it's getting a reply back.
But what I want to emphasize is that if we look at this packet that's being sent from 9.2, we've got the Ethernet header which shows a destination address of 08002771AE95. So the destination Ethernet address of this IP packet is the San Francisco router. The destination IP address, so if we look inside the IP header, scroll down here to see the destination IP address is 192.168.20.2. And so that's what we're showing right here. So 20.2 is the destination IP, but the MAC address destination is the San Francisco router.
And then it's up to the San Francisco router to take that IP packet from within the Ethernet frame and forward it on to Denver. Denver is then going to forward it on to New York City. And then the New York City router is actually going to do the same thing.
It's going to do an ARP request to see who has 20.2 over here. And then once it has the ARP reply, then it can go ahead and put the correct Ethernet header on that IP packet and forward it out this Ethernet so that computer B gets it. And all of that is happening in order for us to get that reply.