Shulou(Shulou.com)06/01 Report--

The following is to quote a case from the book "Wireshark Network Analysis is that simple" to familiarize yourself with the basic operation of Wireshark.

First of all, ask the question: the network configuration of servers An and B in two days is shown in the following figure. The subnet mask of server B should have been 255.255.255.0, which was accidentally assigned to 255.255.255.224. Can they still communicate normally?

This question seems simple, but it involves basic routing principles, which can test whether your basic network knowledge is solid or not.

Let's first analyze this problem in theory, and then use Wireshark to grab the package and verify it.

There are basically two types of communication between hosts in a network:

Communication between hosts in the same network: data can be sent directly to each other without the help of a gateway.

Host communication between different networks: data must be sent to the gateway and then forwarded to each other through the gateway.

So how to tell if two hosts are on the same network? This is what the subnet mask does. The following is analyzed from the point of view of server An and server B.

(1) Communication from A to B

A has a subnet mask of 255.255.255.0, from which it knows that the network address of its network is 192.168.80.0. Now it wants to send data to B, calculate the IP address 192.168.80.3 of B with A's own mask, and know that the network address of B is also 192.168.80.0, so it judges that B is in the same network as B, and the data can be sent directly to B.

(2) Communication from B to A

B has a subnet mask of 255.255.255.224, from which it knows that the network address of its network is 192.168.80.0. Now it wants to send data to A, and calculates the IP address 192.168.80.129 of A with the mask of B. it knows that the network address of An is 192.168.80.128, which is not on the same network as B. therefore, it must forward the data to A with the help of gateway.

Therefore, it can be concluded that A can send data directly to B, while B can only forward data to A through the gateway. If there is no gateway, there will be no communication between An and B.

We can build an experimental environment in Vmware, and all networks choose NAT mode. In this mode, Vmware will provide a gateway 192.168.80.2 by default.

After the environment is set up, set up IP for An and B as shown in the previous figure, and find that they can ping each other. However, if the gateway of B is deleted, they will not be able to communicate, while deleting the gateway of A will not have any effect, thus verifying our above analysis. In the next blog post, Wireshark grab package will be used for further verification.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.