I'm in a campus network, where the network has a hierarchy. We connect to the internet using proxy servers. All our computer IPs are something like 10.*.*.*.

  • 10.1.*.* => Dept 1 (mathematics)
    • 10.1.1.* => 1st floor of this dept.
    • 10.1.1.2 => Default gateway for this floor1
    • 10.1.2.* => 2nd floor of this dept.
    • 10.1.2.2 => Default gateway for this floor2
    • 10.1.3.* => 3rd floor of this dept.
    • 10.1.3.2 => Default gateway for this floor3

Similarly for other departments:

  • 10.2.*.* => Dept 2 (computer science)
    • 10.2.1.* => 1st floor of this dept.
    • 10.2.1.2 => Default gateway for this floor1
    • 10.2.2.* => 2nd floor of this dept.
    • 10.2.2.2 => Default gateway for this floor2
    • 10.2.3.* => 3rd floor of this dept.
    • 10.2.3.2 => Default gateway for this floor3

etc. This goes on for 30 such departments. I hope you got the picture. Now, I have the following queries:

  1. I want to know if the hardware (which is hanging in the corridor of each floor) that is used as "Default Gateway" is a Router or a Switch? I have its physical address "00:07:0d:e2:57:fc" / Cisco_e2:57:fc. Well, I don't have any kind of access to inspect the hardware. It's locked inside a box and hanging at a height of 3 meters.

  2. I'm wondering what would be the src address in the IP header of a packet that is sent from my computer (my IP is 10.3.2.47) and received by, say, google.com. Will it be my local IP address? Wouldn't that cause a problem? How would google.com again send a reply packet to me? Because my computer is not visible outside my campus.

  3. What if I want to send a packet from my machine (10.3.2.47) to a computer in another private LAN like mine? Say to a guy in the mathematics department in university of china. He may have an IP address like (10.3.2.57) or even my IP address (10.3.2.47).

I'm really curious about how the communication occurs between a computer in private lan and outside world.

+1  A: 

I can't answer whether that hardware is Router or Switch, but I will answer the other questions. Private IP address conflicts like the one you are suggesting in #3 are resolved by Network Address Translation. For question #2, as your request is sent to the internet, the IP address is translated into one that is suitable for the internet. The router or proxy that is doing this remembers your request and when the response comes back, it reverses the translation and sends it to you on the LAN at your private IP address.

EDIT: Let me clarify that both of these scenarios use NAT, but a proxy server does not do NAT exactly; it has a similar method.

Segfault
Thank you. So, "network address translation (NAT) " is the key phrase that I'm searching for. I didn't understand what to search in google.
pecker
+1  A: 
  1. You can try talking to the router on its telnet or http port. It probably won't let you in but its "go away" message might give you some information of its device type.

Answers 2 and 3 are as Segfault said; the Wikipedia page is worth a read.

msw
A: 
  1. Some hardware performs both switch and router services (e.g. if there are 4 ports, 2 of them are for one vlan and 2 of them are for the other, it acts as a router between the two vlans but it also switches between the 2 ports on the same vlan). It can be difficult to tell where switches are without physically inspecting the network, but a lot of routers identify themselves if you start tracerouting across them.

  2. The IP headers of the packet received by google.com will be generated by a machine doing NAT somewhere on the edge of your network (more than likely your internet gateway machine). Thus the src address will be whatever public IP address the private address is mapped to in the NAT configuration.

  3. In the case of the two different vlans within your organization's LAN, your traffic will traverse them unmolested, except for a decremented TTL. In the case of traffic going to a different host on the same vlan, it will probably be unchanged altogether.

  4. You cannot route between two different private LANs over the internet directly. That's kind of the point of the private addressing ;). Any packets to/from a reserved private address range (e.g. 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8) will be dropped on the floor by any respectable internet router. You can, however, create a tunnel between two private networks over the internet using any one of a number of VPN/tunneling solutions.

jdizzle
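
The translation described in the answers above, modelled as an added example that is not part of any answer: two campuses each use 10.3.2.47 internally, and each edge gateway rewrites the source to its own public address and reverses it for replies. The `Nat` class is hypothetical, the public addresses are constructed documentation addresses, and dropping replies from an endpoint that was never contacted is an assumed (port-restricted) NAT behaviour.

```python
import ipaddress
from dataclasses import dataclass, field

# Private ranges quoted in the answer above.
PRIVATE_NETS = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_private(ip: str) -> bool:
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in PRIVATE_NETS)

def internet_router_forwards(src: str, dst: str) -> bool:
    """A public-internet router drops packets with a private src or dst."""
    return not (is_private(src) or is_private(dst))

@dataclass
class Nat:
    """Hypothetical edge gateway doing port-based NAT (NAPT)."""
    public_ip: str
    next_port: int = 40000
    out_map: dict = field(default_factory=dict)  # (priv_ip, priv_port, dst, dport) -> public port
    in_map: dict = field(default_factory=dict)   # (public port, dst, dport) -> (priv_ip, priv_port)

    def outbound(self, src, sport, dst, dport):
        """Rewrite a LAN packet's source and remember the mapping."""
        key = (src, sport, dst, dport)
        if key not in self.out_map:
            self.out_map[key] = self.next_port
            self.in_map[(self.next_port, dst, dport)] = (src, sport)
            self.next_port += 1
        return (self.public_ip, self.out_map[key], dst, dport)

    def inbound(self, src, sport, dst, dport):
        """Reverse the translation for a reply; None means dropped."""
        if dst != self.public_ip:
            return None
        lan = self.in_map.get((dport, src, sport))
        return None if lan is None else (src, sport, lan[0], lan[1])

def demo():
    server = ("198.51.100.20", 443)     # constructed stand-in for a public web server
    campus_a = Nat("203.0.113.10")      # constructed public addresses
    campus_b = Nat("203.0.113.77")
    a_out = campus_a.outbound("10.3.2.47", 51000, *server)
    b_out = campus_b.outbound("10.3.2.47", 51000, *server)  # same private IP, other campus
    reply = campus_a.inbound(server[0], server[1], a_out[0], a_out[1])
    unsolicited = campus_a.inbound("198.51.100.99", 80, a_out[0], a_out[1])
    return a_out, b_out, reply, unsolicited
```

The server sees two different public sources even though both hosts are 10.3.2.47 on their own LANs, which is why the overlap in question 3 never reaches the internet.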