1. Can different network segments of the same VLAN be pinged?
Now there are two computers, and they're in the same VLAN.
pcA IP地址:10.1.1.1/8
pcB ip address: 11.1.1.1/8
01 无网关,A ping B
报出的Destination host unreachable
Obviously, machine A finds that the other party is not in the same network segment as itself, and tries to find the gateway, but the gateway does not exist, so it reports that the host is unreachable, and the Sniffer on B does not catch any packets, and the observation network card is also only sent but not received, obviously the data does not go out.
02 网关设成对方IP,A ping B
Can ping normally, why can it be passed?
As can be seen from the packet caught on computer Sniffer, A first made an ARP broadcast during the ping of A's other party, and it broadcast to ask what the MAC of 11.1.1.1 was.
Obviously, this ARP broadcast can be received by B (because they are in the same VLAN), and 11.1.1.1 happens to be B's IP address, so B has to respond to this ARP request. The following figure shows the packet capture situation on A, where A first performs an ARP broadcast and then receives a reply from B.
In this way, A has B's MAC, and B learns A's MAC address when he receives A's ARP broadcast, so both parties can ping.
03 网关设成自己,A ping B
The same can be pinged, and the packet capture on A is as follows:
The result of the catch is the same as in the second case, A still broadcasts the MAC asking 11.1.1.1 first, and after this ARP broadcast is received by B, B is obliged to answer, so both parties know each other's MAC, so they can PING.
Unlike the second case, it is clear that 11.1.1.1 in ARP refers to the IP address specified in the ping and not to the gateway (in this case, gateway A is 10.1.1.1).
So in the second case, 11.1.1.1 also refers to the IP specified in the ping? Let's take a look at the following.
2. Ping three non-existent IP addresses to gain an in-depth understanding of the principle of network communication
Set the gateway to itself and ping 3 non-existent IPs:
One is on the same network segment as yourself;
One is on the same network segment as the gateway;
One is not on the same network segment as anyone.
01 Ping the IP address of the same network segment as yourself
The ping returns a timeout, and the result of capturing packets on B is as follows:
It can be seen that A emits an ARP broadcast that asks 10.1.1.2 instead of asking the gateway (10.1.1.1) and since this IP does not exist, no machine responds.
02 ping和网关同一网段的IP
Timeout. B receives an ARP broadcast about 11.1.1.2 from A, and there is no response from the machine because the address 11.1.1.2 does not exist.
03 Ping and no one is in the same network segment
Timeout. B receives an ARP broadcast about 100.1.1.1 from A, but there is no response from the machine because the address 100.1.1.1 does not exist.
From the above three experiments, when the gateway is set to itself, no matter what the ping address is, the ARP broadcast sent by the computer directly asks the MAC corresponding to the IP specified in the ping, and does not ask the MAC of the gateway, which is in line with the above description.
In fact, the computer will still ask the MAC of the gateway before broadcasting the IP specified in the ping command, but here this step is skipped because the gateway is itself.
Is that really the case? Let's verify it again.
3. The IP address of B in the AI computer gateway settings and the IP address that does not exist in the gateway settings of B
Computer gateway A is set to the IP address of B, but the gateway of B is set to an IP address that does not exist (and it is not on the same network as A/B).
01 ping与网关同一网段IP
If you capture packets on A, you can see that A first sends an ARP broadcast request about gateway 11.1.1.1 (corresponding to B receiving this broadcast request), and B responds ARP to 11.1.1.1, but this IP does not exist, so the ping result times out.
02 Ping is not on the same network segment as anyone
Timeout. The result is similar to the 5.2 result, A makes a request about gateway 11.1.1.1, and B responds. But the ping is timed out.
03 Ping the address of computer B
The result times out, why doesn't this work? It is said that according to the above test, AB computer can get the other party's MAC, under Ethernet, there should be a possibility of communication with MAC, but at this time it is not possible.
Looking at the package caught by Sniffer reveals that:
A sends an ARP broadcast request about 11.1.1.1, and B responds to 11.1.1.1, but there are multiple ARP broadcast requests from B about 100.1.1.1, and the request for 100.1.1.1 does not get a reply from B, it seems that B has been trying to query the MAC corresponding to B's gateway (100.1.1.1), and B will not respond to the ping until the MAC of the gateway does not get a reply.
From all the above experiments, it can be seen that when the computer communicates with an address that is not the local network segment, the computer first looks for the MAC of the gateway, and if the gateway MAC does not get a response, it will not respond to the ping.
Therefore, the cases of instances 1 and 2 are special cases that deceive the computer by taking advantage of the fact that the gateway is the same as the host IP. If the AB gateways are set up to have nothing to do with the AB ip, they will definitely not communicate with each other.
Pay attention to the good of the industry: IT operation and maintenance base camp, and get the 60 G "Network Engineering System Gift Package"