4

I'm sorry if this is a really stupid question; my networking knowledge is pretty sparse.

So, a user makes an HTTP request to some address. That request comes from an address on a local subnet, but the router knows to send the request to its default gateway because the destination IP doesn't match anything else in its routing table. The request hops through the internet and is eventually received by the destination machine (a web server). That all makes sense.

But now, how does the web server manage to send the request back to the local machine? Didn't the request come from an IP address on a local subnet? Where did it pick up the IP address of the local machine's router? And even if it has that router's IP, how does the packet get routed to the local machine once it gets to the router?

ejk314
  • Each TCP/IP [packet](http://en.wikipedia.org/wiki/IPv4#Packet_structure) includes the source ip-address of your user's PC. The web server response is routed to that IP-address by the same method the request made it to the webserver (although not necessarily along the same route). – HBruijn Oct 29 '14 at 15:30
  • But the source IP of my local machine is some local IP address, like 192.168.0.11/24. The router can't just send a packet to that address, can it? – ejk314 Oct 29 '14 at 15:36
  • 2
    If you [read the article](http://en.wikipedia.org/wiki/IPv4#Source_address): **Source address** *This field is the IPv4 address of the sender of the packet. Note that this address may be changed in transit by a network address translation device.* That *may be changed* should be considered as: is usually changed, as most consumers are indeed behind NAT devices. The NAT device maintains a translation table: incoming packet at port X should go to internal address 192.168.0.11 port Y. – HBruijn Oct 29 '14 at 15:38
  • 1
    `But the source IP of my local machine is some local IP address, like 192.168.0.11/24. The router can't just send a packet to that address, can it?` - Not generally. The source ip address is most often actually the NAT ip address assigned to that particular packet/traffic stream by the client's firewall or router. NAT is applicable in 99.999% of scenarios. The only time NAT would not be in use is if the clients are using routable ip addresses assigned directly to the clients and NAT is not used at the firewall or router. – joeqwerty Oct 29 '14 at 15:38
  • Thanks. Network Address Translation - I've never heard of that. That's probably why I'm so confused. I'll read up on it. – ejk314 Oct 29 '14 at 15:45
  • 4
    duplicate of [How does Router know where to forward packet](https://superuser.com/questions/105838/how-does-router-know-where-to-forward-packet) or [How do IP answer packets reach their destination inside of a private LAN?](https://superuser.com/questions/401802/how-do-ip-answer-packets-reach-their-destination-inside-of-a-private-lan) – underscore_d Oct 29 '17 at 10:13

3 Answers

2

The packet has a source address as mentioned earlier, but also has a port number assigned. This is especially needed in a NAT environment (where the internal IPs are private and external IP is constant - like sharing the internet connection). The router assigns a random unused port number and keeps a table of who the port number refers to (the user's computer). When the packet is received by the router, it looks at the port number and matches and sends to the computer/user.

Feel free to update/correct this if found wrong, but that is how it works. Hope this helps.

Sid_Hussey
1

The web server's response is handled just like the client's request. They're just IP datagrams.

The web server has a default gateway that it sends its response to. The response "hops through the internet and is eventually received" by the client that originated the request.

The web server "knows" nothing about the requesting client's router.

Edit:

Your comment betrays an assumption that I made.

You're talking about a scenario where the requesting client computer has a private IP address and is attached to a network with a Network Address Translation (NAT) router at the border of the client's network (where that network connects to the Internet).

In that case, the client computer's IP address will be translated, by the NAT router, into a public IP address assigned to the NAT router's "external" interface. The NAT router keeps track of the request such that the response is routed back to the client when it is received from the Internet.

Evan Anderson
  • Clearly, there's some terrible preconceived ignorance here on my part - I'm trying to figure out what that is. The client's IP address is something like 192.168.0.11/24, so how can the packet get sent to that address? I couldn't just send off a request to some arbitrary address on a different subnet my router didn't know about, right? – ejk314 Oct 29 '14 at 15:39
  • 3
    Your router is a [network translation device](http://en.wikipedia.org/wiki/Network_address_translation) which modifies the source address in each and every packet and updates with its public ip-address. It also maintains a translation table so that response packets coming in on that public IP-address are routed to the correct internal IP-address. – HBruijn Oct 29 '14 at 15:47
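
The port-keyed translation table described in the two answers above, as an added example that is not part of any poster's answer. The addresses, the starting port 40000 and the names `NatRouter`, `Packet` and `demo` are constructed for illustration, and the check that a reply comes from the same remote peer is one common filtering behaviour, assumed here.

```python
from dataclasses import dataclass, field
from typing import Optional

PUBLIC_IP = "203.0.113.7"    # constructed: router's external address
SERVER = "198.51.100.20"     # constructed: the web server

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

@dataclass
class NatRouter:
    public_ip: str
    next_port: int = 40000   # assumption: simple counter instead of a random unused port
    out_map: dict = field(default_factory=dict)  # flow -> external port
    in_map: dict = field(default_factory=dict)   # external port -> flow

    def outbound(self, pkt: Packet) -> Packet:
        """Rewrite the private source address/port and remember the mapping."""
        flow = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        if flow not in self.out_map:
            self.out_map[flow] = self.next_port
            self.in_map[self.next_port] = flow
            self.next_port += 1
        return Packet(self.public_ip, self.out_map[flow], pkt.dst_ip, pkt.dst_port)

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        """Translate a reply back to the internal host, or drop it (None)."""
        flow = self.in_map.get(pkt.dst_port)
        if pkt.dst_ip != self.public_ip or flow is None:
            return None      # no table entry: unsolicited traffic is dropped
        int_ip, int_port, remote_ip, remote_port = flow
        if (pkt.src_ip, pkt.src_port) != (remote_ip, remote_port):
            return None      # not the peer this flow was opened to
        return Packet(pkt.src_ip, pkt.src_port, int_ip, int_port)

def demo():
    router = NatRouter(PUBLIC_IP)
    # Two LAN hosts happen to use the same source port towards the same server.
    out_a = router.outbound(Packet("192.168.0.11", 51000, SERVER, 80))
    out_b = router.outbound(Packet("192.168.0.12", 51000, SERVER, 80))
    reply_b = router.inbound(Packet(SERVER, 80, PUBLIC_IP, out_b.src_port))
    stray = router.inbound(Packet("192.0.2.99", 4444, PUBLIC_IP, out_a.src_port))
    return out_a, out_b, reply_b, stray

if __name__ == "__main__":
    for result in demo():
        print(result)
```

The web server only ever sees the router's public address and the external port; the private 192.168.0.x address never leaves the LAN.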
0

The answer lies in SPI - Stateful Packet Inspection. This is how a router keeps track of where to send a response on its subnet. I don't know all the nitty-gritty myself (I have never needed to know), but if you follow up the link you will find as much as you probably need to know. If not, a search on "Stateful Packet Inspection" will fill any gaps.

AFH
  • I have just seen HBruijn's comment below, which summarises the process quite well without using technical jargon. – AFH Oct 29 '14 at 15:54