This article takes a simplified network architecture as an example to walk through the entire transmission process of TCP segments that happens when you type a URL (e.g., www.google.com) in your browser and press Enter. We’ll explore how DNS resolution, ARP, TCP/IP encapsulation, PAT, and routing cooperate to send your data from a PC across LAN and WAN to Google’s servers. While this article presents a basic case for learning purposes, keep in mind that real-world implementations are often more complex.
1. DNS Resolution: Translating Domain Names to IP Addresses
When you type a domain like www.google.com, the browser first needs to resolve it into an IP address to initiate communication:
- The system checks the local DNS cache, including /etc/hosts or OS cache.
- If not found, it sends a DNS query to the configured DNS server (usually provided by your ISP or router).
- The DNS server responds with the corresponding IP address (e.g., 142.250.190.132).
- Now the browser is ready to start a TCP connection with the target IP.
2. Prepare for Establishing the TCP Connection
Before sending a packet, the system needs to gather the addresses that go into the headers:
- Source IP: the IP address of the network card.
- Destination IP: the IP address returned by the DNS server.
- Source MAC: the MAC address of the network card.
- Destination MAC:
  - If the destination is in the same subnet, it can be obtained via ARP.
  - If it’s in a different subnet (which is usually the case), the packet must go through a default gateway, and we need the gateway’s MAC.
How the system finds the gateway’s MAC: ARP (Address Resolution Protocol)
- Determine if the destination is outside the subnet using the subnet mask.
- If yes, send an ARP broadcast: “Who has 192.168.1.1?”.
- The gateway replies with its MAC address.
- Your PC caches this MAC for future use and proceeds with frame encapsulation.
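The subnet check and the resulting ARP request can be written out as follows. This is an added example, not code from the original article; the host address 192.168.1.100/24 and the MAC 00:11:22:33:44:55 are constructed sample values.

```python
import ipaddress
import struct

def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))

def arp_target(iface: str, gateway: str, dst: str) -> str:
    """Return the IP whose MAC must be resolved: dst if on-link, else the gateway."""
    local_net = ipaddress.ip_interface(iface).network  # address AND subnet mask
    return dst if ipaddress.ip_address(dst) in local_net else gateway

def build_arp_request(src_mac: str, src_ip: str, target_ip: str) -> bytes:
    """Ethernet header (14 bytes) followed by an ARP request (28 bytes)."""
    eth = mac_bytes("ff:ff:ff:ff:ff:ff") + mac_bytes(src_mac) + struct.pack("!H", 0x0806)
    arp = struct.pack(
        "!HHBBH6s4s6s4s",
        1,              # hardware type: Ethernet
        0x0800,         # protocol type: IPv4
        6, 4,           # MAC length, IPv4 address length
        1,              # opcode 1 = request
        mac_bytes(src_mac),
        ipaddress.ip_address(src_ip).packed,
        b"\x00" * 6,    # target MAC is unknown; this is what we are asking for
        ipaddress.ip_address(target_ip).packed,
    )
    return eth + arp

def describe(frame: bytes) -> str:
    """Decode an ARP frame back into the 'who has' wording."""
    (opcode,) = struct.unpack("!H", frame[20:22])
    sender = ipaddress.ip_address(frame[28:32])
    target = ipaddress.ip_address(frame[38:42])
    if opcode == 1:
        return f"Who has {target}? Tell {sender}"
    return f"{sender} is at {frame[22:28].hex(':')}"

if __name__ == "__main__":
    # Constructed host: 192.168.1.100/24 with MAC 00:11:22:33:44:55.
    target = arp_target("192.168.1.100/24", "192.168.1.1", "142.250.190.132")
    print(describe(build_arp_request("00:11:22:33:44:55", "192.168.1.100", target)))
```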
3. Data Encapsulation: The 4-Layer Protocol Stack
- Application Layer (HTTP Message): e.g., a GET / HTTP/1.1 request.
- Transport Layer (TCP Segment):
  - Adds source/destination ports (e.g., 40000 → 443 for HTTPS). The source port is a dynamic port (1024-65535) assigned by the OS (e.g., 40000).
  - Segments data if necessary.
- Network Layer (IP Packet):
  - Adds source/destination IPs.
  - Other fields: TTL, checksum, etc.
- Link Layer (Ethernet Frame):
  - Adds source/destination MAC addresses.
  - Includes a trailer with FCS (Frame Check Sequence) for error checking.
Finally, the complete Ethernet Frame is handed to the LAN switch.
4. Sending to the Gateway via Switch (Layer 2)
The switch maintains a MAC address table. For example, the entry 00:1A:2B:3C:4D:5E → Gi0/1, VLAN 10 means that the device holding this MAC address is connected to port Gi0/1.
When the switch receives a frame on a port, it checks whether a mapping between the source MAC and that port exists in the table. If not, it adds the mapping to the table.
The switch then checks whether the destination MAC (the gateway’s) exists in the table.
If not, it sends the frame out of all ports except the source port. After the gateway receives the broadcast frame, it replies with its MAC address (e.g., 00:1A:2B:3C:4D:5E). The switch then records this MAC-port mapping in its table, so future frames to the gateway can be forwarded directly (no more flooding).
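The learn, flood and forward behaviour described above can be modelled in a few lines. This is an added example, not code from the original article; the PC's MAC and the port layout are constructed, and the `moves` log (a MAC showing up on a different port than the one it was learned on) goes slightly beyond the text as something an operator would want recorded.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"

class LearningSwitch:
    """Minimal model of the learn / forward / flood behaviour of a Layer 2 switch."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}   # MAC address -> port it was last seen on
        self.moves = []       # (mac, old_port, new_port), worth logging on a real network

    def receive(self, in_port, src_mac, dst_mac):
        """Process one frame and return the list of ports it is sent out of."""
        src_mac, dst_mac = src_mac.lower(), dst_mac.lower()
        known = self.mac_table.get(src_mac)
        if known is not None and known != in_port:
            self.moves.append((src_mac, known, in_port))
        self.mac_table[src_mac] = in_port          # learn or refresh the source mapping
        out_port = self.mac_table.get(dst_mac)
        if dst_mac == BROADCAST or out_port is None:
            # Broadcast or unknown destination: flood out of every port except ingress.
            return [p for p in self.ports if p != in_port]
        if out_port == in_port:
            return []                              # destination sits behind the ingress port
        return [out_port]

if __name__ == "__main__":
    GATEWAY, PC = "00:1A:2B:3C:4D:5E", "00:11:22:33:44:55"   # PC MAC is constructed
    sw = LearningSwitch(["Gi0/1", "Gi0/2", "Gi0/3"])
    print(sw.receive("Gi0/2", PC, GATEWAY))   # unknown destination: flooded
    print(sw.receive("Gi0/1", GATEWAY, PC))   # gateway answers: switch learns Gi0/1
    print(sw.receive("Gi0/2", PC, GATEWAY))   # now forwarded to a single port
```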
5. Gateway Performs PAT (Network Address Translation)
If your PC uses a private IP, the edge router (PAT device) must translate the address:
- Source IP: Changed from private (e.g., 192.168.1.100) to the router’s public IP (e.g., 203.0.113.10).
- Source Port: Replaced with a temporary public port (e.g., 50000).
- PAT Table Entry: 192.168.1.100:8080 → 203.0.113.10:50000.
The router then forwards the modified IP datagram into the WAN.
6. Routers in the WAN: Finding the Shortest Path
Routing tables are built either manually (static routing) or automatically by dynamic routing protocols (e.g., OSPF for internal networks, BGP for communication between ISPs), which exchange path information to find the best route. Every WAN router maintains a routing table database that maps destination IP networks to:
- The "next-hop" router (the next router in the path).
- The outgoing interface (the physical port used to send the datagram).
- Metrics (e.g., hop count, bandwidth, latency) to determine the "best" path.
Routing Decision Process:
- Check IP header: TTL, checksum, etc.
- Longest Prefix Match: Match the destination IP to the most specific network.
- Select Best Path: Based on lowest cost metric.
- Update headers:
  - Decrement TTL
  - Replace destination MAC with next-hop MAC
- Forward to next router
This continues hop-by-hop until the packet reaches the destination’s local ISP.
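One hop of this decision process, as an added example that is not part of the original article: longest prefix match first, lowest metric as the tie-breaker, then the TTL update. The routing table, next-hop addresses and interface names are constructed.

```python
import ipaddress

# Constructed routing table: (destination network, next hop, outgoing interface, metric).
ROUTES = [
    ("0.0.0.0/0",        "198.51.100.1",  "ge-0/0/0", 10),
    ("142.250.0.0/15",   "198.51.100.5",  "ge-0/0/1", 20),
    ("142.250.190.0/24", "198.51.100.9",  "ge-0/0/2", 30),
    ("142.250.190.0/24", "198.51.100.13", "ge-0/0/3", 5),
]

def lookup(dst, routes=ROUTES):
    """Longest prefix match, then lowest metric among equally specific routes."""
    addr = ipaddress.ip_address(dst)
    candidates = []
    for prefix, next_hop, iface, metric in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net:
            candidates.append((net, next_hop, iface, metric))
    if not candidates:
        return None
    return min(candidates, key=lambda r: (-r[0].prefixlen, r[3]))

def forward(packet, routes=ROUTES):
    """One hop of the decision process for a packet given as {'dst': ..., 'ttl': ...}."""
    if packet["ttl"] <= 1:
        # Decrementing would reach 0, so the packet is discarded instead of forwarded.
        return {"action": "drop", "reason": "ttl-expired"}
    route = lookup(packet["dst"], routes)
    if route is None:
        return {"action": "drop", "reason": "no-route"}
    net, next_hop, iface, _metric = route
    return {
        "action": "forward",
        "matched": str(net),
        "next_hop": next_hop,      # the frame's destination MAC becomes this router's MAC
        "iface": iface,
        "packet": {**packet, "ttl": packet["ttl"] - 1},
    }

if __name__ == "__main__":
    print(forward({"dst": "142.250.190.132", "ttl": 64}))
    print(forward({"dst": "142.250.190.132", "ttl": 1}))
```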
7. Final Delivery and Decapsulation
The last router determines the packet belongs to a directly connected LAN segment:
- It forwards the frame to a switch or directly to the server.
- The server receives the frame and begins decapsulation:
  - Link Layer → IP Layer → TCP Segment → HTTP Message
- The message is finally processed by the application (e.g., web server like Nginx or Apache).
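The encapsulation of section 3 and the decapsulation above, as one added example that is not part of the original article: the request is wrapped layer by layer, then unwrapped the way the receiver does it, including the IPv4 header checksum check. The MAC addresses, sequence numbers and window size are constructed, the TCP checksum is left at zero, and the FCS trailer is omitted.

```python
import socket
import struct

def inet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement checksum used by the IPv4 header."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def mac(s: str) -> bytes:
    return bytes.fromhex(s.replace(":", ""))

def encapsulate(payload, sport, dport, src_ip, dst_ip, src_mac, dst_mac, ttl=64):
    # Transport: 20-byte TCP header. seq/ack/window are constructed values and
    # the TCP checksum is left at 0 to keep the example short.
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 1, 5 << 4, 0x18, 65535, 0, 0)
    segment = tcp + payload
    # Network: 20-byte IPv4 header, protocol 6 = TCP, checksum filled in afterwards.
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0, 0, ttl, 6, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    ip = ip[:10] + struct.pack("!H", inet_checksum(ip)) + ip[12:]
    # Link: destination MAC, source MAC, EtherType 0x0800 = IPv4.
    # The FCS trailer is normally appended by the NIC and is omitted here.
    return mac(dst_mac) + mac(src_mac) + b"\x08\x00" + ip + segment

def decapsulate(frame: bytes) -> dict:
    """Link layer -> IP layer -> TCP segment -> application payload."""
    if frame[12:14] != b"\x08\x00":
        raise ValueError("not an IPv4 frame")
    ihl = (frame[14] & 0x0F) * 4
    ip = frame[14:14 + ihl]
    if inet_checksum(ip) != 0:              # a valid header sums to zero
        raise ValueError("IPv4 header checksum mismatch")
    (total_len,) = struct.unpack("!H", ip[2:4])
    segment = frame[14 + ihl:14 + total_len]
    sport, dport = struct.unpack("!HH", segment[:4])
    data_offset = (segment[12] >> 4) * 4
    return {"src_ip": socket.inet_ntoa(ip[12:16]), "dst_ip": socket.inet_ntoa(ip[16:20]),
            "ttl": ip[8], "sport": sport, "dport": dport,
            "payload": segment[data_offset:]}

if __name__ == "__main__":
    frame = encapsulate(b"GET / HTTP/1.1\r\n\r\n", 40000, 443, "192.168.1.100",
                        "142.250.190.132", "00:11:22:33:44:55", "00:1a:2b:3c:4d:5e")
    print(len(frame), decapsulate(frame))
```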
8. How the Server Responds
The server’s response follows the same encapsulation process as the request, but with reversed source/destination IPs and ports (e.g., source IP: Google’s server IP, destination IP: your PC’s private IP after PAT translation).
- The server crafts a response and sends it back.
- At the first router (PAT gateway), the PAT table is used to map: 203.0.113.10:50000 → 192.168.1.100:8080
- The router rewrites the IP and port fields accordingly and forwards the packet back to your PC.
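The PAT table of section 5 and the reverse lookup above, as an added example that is not part of the original article. It uses the article's sample addresses; handing out public ports sequentially from 50000 is an assumption made for the example, and inbound packets with no table entry are dropped.

```python
import itertools

class PatRouter:
    """Toy PAT device: one public IP, one translation-table entry per private endpoint."""

    def __init__(self, public_ip, first_port=50000):
        self.public_ip = public_ip
        self._next_port = itertools.count(first_port)   # assumed allocation strategy
        self.by_private = {}   # (private_ip, private_port) -> public_port
        self.by_public = {}    # public_port -> (private_ip, private_port)

    def outbound(self, pkt):
        """LAN -> WAN: rewrite the source address and port, creating an entry if needed."""
        key = (pkt["src_ip"], pkt["src_port"])
        if key not in self.by_private:
            port = next(self._next_port)
            self.by_private[key] = port
            self.by_public[port] = key
        return {**pkt, "src_ip": self.public_ip, "src_port": self.by_private[key]}

    def inbound(self, pkt):
        """WAN -> LAN: rewrite the destination back, or return None if no entry exists."""
        entry = self.by_public.get(pkt["dst_port"])
        if pkt["dst_ip"] != self.public_ip or entry is None:
            return None        # nothing inside asked for this traffic, so it is dropped
        return {**pkt, "dst_ip": entry[0], "dst_port": entry[1]}

def reply_to(pkt):
    """Server side: answer with source and destination swapped."""
    return {"src_ip": pkt["dst_ip"], "src_port": pkt["dst_port"],
            "dst_ip": pkt["src_ip"], "dst_port": pkt["src_port"]}

if __name__ == "__main__":
    router = PatRouter("203.0.113.10")
    request = {"src_ip": "192.168.1.100", "src_port": 8080,
               "dst_ip": "142.250.190.132", "dst_port": 443}
    on_wan = router.outbound(request)
    print(on_wan)
    print(router.inbound(reply_to(on_wan)))
```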