Re: [Hampshire] Help with managing printserver unit?

Author: Hugo Mills
Date:  
To: Hampshire LUG Discussion List
Subject: Re: [Hampshire] Help with managing printserver unit?

gpg: Signature made Wed Jan 30 12:34:03 2008 GMT
gpg: using DSA key 20ACB3BE515C238D
On Wed, Jan 30, 2008 at 11:19:54AM +0000, alan c wrote:
> Berni Elbourn wrote:
> > Lots here for bedtime reading: http://www.debianhelp.co.uk/network.htm
>
> Thanks Chris and Berni.
> Useful link too.
>
> In the office network, which has a router, one switch and several PCs
> from the switch, is the router the only device which (probably?) knows
> the IP addresses of all the PCs?


No. See below.

> How does a switch know that one of its connections is from a router,
> and the other connections are from PCs, which it presumably has to know?
> tia


It doesn't.

(In the following, read it without the footnotes first).

[ I need to start with an aside about ARP. If a machine wants to send
a packet on the local network to a given IP address, it needs to find
out the MAC address of the destination so that it can address the
packet correctly at the ethernet layer, which is below the IP layer.
This is done using a protocol called ARP. All you need to know is that:

- Every packet sent must be addressed with both an IP address and a
MAC address
- A MAC address on the local network can be found given an IP address
and an ARP lookup

End of aside. ]

A switch(*) is basically a device that joins together all of its
ports into a single physical network. In this respect, it's like a
hub. The only difference between a switch and a hub is that a switch
keeps a record of which MAC addresses it has seen packets from on each
of its ports, and a hub doesn't. This allows the switch to redirect
packets for a given ethernet device to the right port, thus saving
bandwidth on the other ports. A hub simply broadcasts everything
everywhere.

Thus, the switch knows nothing at all about IP addresses -- it
works at the layer underneath that, and handles things at the ethernet
layer.

Now, to anticipate your next question: Packets for the outside
world get sent to the router because *each machine* on the network
knows that the router is special. This is the "default gateway"
setting in the network options on every machine. If you are using
DHCP, then the default gateway is set as part of the DHCP negotiation.

What happens is that every device(**) that has an IP address and
uses Internet Protocol must maintain at minimum three pieces of
information:

1) Its IP address
2) Its netmask
3) The default gateway

The IP address is used for (a) putting on outgoing packets as the
source address, so that returned packets can be sent to the right
place, and (b) identifying packets that are intended for the device.
(***)

The netmask is used to define the range of addresses which are
considered "local". Addresses which match the local network are sent
directly to the destination machine.

Finally, the default gateway (which is a router device) is the
destination for *everything else*.

All of this is embodied in the routing table. On a Linux box, you
can see the routing table thus:

hrm@vlad:~ $ sudo route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.0.0.0        0.0.0.0         255.255.255.0   U     0      0        0 br0
0.0.0.0         10.0.0.1        0.0.0.0         UG    0      0        0 br0


What this says is that 10.0.0.0/24 (or 10.0.0.0/255.255.255.0) is
the local network, and that packets for that network should be sent
out on the br0 interface. Then packets for anywhere else (0.0.0.0/0)
are to be sent through the default gateway (G in the Flags column) of
10.0.0.1, which is the router.

So... if vlad, the machine above, wants to send a packet to, say,
10.0.0.50, it will simply put it out on the local network, with a
destination of 10.0.0.50, and the MAC address of the destination
machine. The switch will look at the MAC address only, and send it out
on the correct port to get to where it's going.

If vlad wants to send a packet to, say, 152.78.64.20 on the
internet, it will construct a packet with that IP address as a
destination and then send it to the MAC address for 10.0.0.1. Again,
the switch looks at the MAC address only, and sends it to the gateway,
which then processes the packet, looks at the IP address of the
destination, and makes its own decision about where to send it next
(using a slightly larger and more complex routing table, because it's
a router).

Hope that helps clear up any questions,
Hugo.

(*) I'm talking about unmanaged switches here -- the sort that you're
likely to have at home. Managed switches -- the kind that get used in
big institutional networks -- are much more complicated things.

(**) "Device" here is really an *interface*, which is rather more
complicated than "machine", in that a machine could have several
network cards, and each network card could have several
interfaces. But don't worry about that for now.

(***) Of course, in a typical fully-switched environment, this is
redundant.

-- 
=== Hugo Mills: hugo@... carfax.org.uk | darksatanic.net | lug.org.uk ===
  PGP key: 515C238D from wwwkeys.eu.pgp.net or http://www.carfax.org.uk
   --- Our so-called leaders speak/with words they try to jail ya/ ---   
        They subjugate the meek/but it's the rhetoric of failure.
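
The forwarding decisions described in the message above, as an added Python sketch that is not part of the original post: the host picks a next hop from the routing table shown in the `route -n` output, and an unmanaged switch forwards on MAC address alone. The MAC addresses, port numbers and function names are constructed for illustration.

```python
import ipaddress

# Routing table from the `route -n` output in the message:
# (network, gateway, interface); gateway "0.0.0.0" means directly on-link.
ROUTES = [
    (ipaddress.ip_network("10.0.0.0/24"), "0.0.0.0", "br0"),
    (ipaddress.ip_network("0.0.0.0/0"), "10.0.0.1", "br0"),
]

# Constructed ARP cache (IP -> MAC); these MAC addresses are made up.
ARP = {
    "10.0.0.1": "02:00:00:00:00:01",   # the router / default gateway
    "10.0.0.50": "02:00:00:00:00:50",  # another PC on the LAN
}


def next_hop(dst_ip, routes=ROUTES):
    """Return (IP to ARP for, interface) using longest-prefix match."""
    dst = ipaddress.ip_address(dst_ip)
    matches = [r for r in routes if dst in r[0]]
    if not matches:
        raise LookupError(f"no route to {dst_ip}")
    _net, gateway, iface = max(matches, key=lambda r: r[0].prefixlen)
    # On-link route: ARP for the destination itself; otherwise for the gateway.
    return (dst_ip if gateway == "0.0.0.0" else gateway), iface


def build_frame(src_mac, dst_ip, arp=ARP):
    """Address a packet: dst MAC is the next hop's, dst IP is unchanged."""
    hop_ip, _iface = next_hop(dst_ip)
    return {"src_mac": src_mac, "dst_mac": arp[hop_ip], "dst_ip": dst_ip}


class LearningSwitch:
    """Unmanaged switch: learns source MACs per port, never reads the IP."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}

    def receive(self, in_port, frame):
        """Record the sender's port and return the ports the frame leaves on."""
        self.mac_table[frame["src_mac"]] = in_port
        out = self.mac_table.get(frame["dst_mac"])
        if out is None:  # destination not learned yet: flood, as a hub would
            return [p for p in self.ports if p != in_port]
        return [] if out == in_port else [out]
```

The switch floods the first frame to an unlearned MAC address and narrows to a single port once it has seen traffic from that address, without ever consulting `dst_ip`.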