Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: What are "Routed" packets?

  1. #1
    zaswing Guest

    Default What are "Routed" packets?

    Firewall log classifies TCP packets from port 139 (NetBIOS session) of another, trusted, PC on the LAN to MyComputer as "Routed" and properly blocks it when not needed, using some ZA default rule (not mine) called 'ExtBlockAll2'. I just want to know about the "Routed" part.

    HELP says "Routed or virtual network connections are not detected." That's in the "Setting network security options".
    I use two routers, the inside one is the DHCP server for the PCs. The external one is the DHCP server for the internal router. The external router knows nothing about the internal PCs other than passthrough function. No VPN.

    What does "routed" means in this context?
    The most frequent types are "incoming" and "outgoing" and 'routed' to me implies hopping over couple routers which cannot be the case here.

    ZoneAlarm Pro version:8.0.298.000

    Message Edited by zaswing on 03-20-2009 10:28 PM

  2. #2
    stupefy Guest

    Default Re: What are "Routed" packets?

    Good question for knowledge.....
    http://en.wikipedia.org/wiki/Routing
    see 'packet switching'

  3. #3
    zaswing Guest

    Default Re: What are "Routed" packets?

    Thanks for the link.
    I've read it before and after you post. But, unfortunately, it doesn't answer my question about the meaning of "routing" in the context of packets.

  4. #4
    stupefy Guest

    Default Re: What are "Routed" packets?

    The Packets are 'Routed' as the Packets are not traveling through the Networks Edge Gateway (external router)
    The Packets are 'Routed' Internally through an Router other than the Edge Gateway
    The Internal Router is acting as an Router (hub/switch) not an Gateway

  5. #5
    zaswing Guest

    Default Re: What are "Routed" packets?

    I goggled new edge and it has to do with Florida power company or some external routers on a WAN.
    Now. I'm from a North east state, not Florida, and no WAN in site.
    So I have hard time relating to the sentences you offered.

    For starters I don't think 1 applies, I don't think 2 applies (I don't understand it - the routed internally part), and internal router is a gateway here, not a switch though a router probably contains switches inside.

    Can you please, talk to me like you would to a five-year-old so I can understand what you explain. Thanks.

  6. #6
    stupefy Guest

    Default Re: What are "Routed" packets?

    Routers are one of the most misunderstood devices found in an Network.
    Most people do not understand the difference between an Connectivity Device, such as an Switch, and an Router.
    Confusion is further compounded when devices include both Router and Switch functionality in One Unit.
    This document (Post) refers to Router and Switch functionality in One Unit.
    Not every Network needs an Router.
    A Small Office or Home LAN can use an LAN Switch and have all the File an Printer Sharing needed.
    A Router is only needed when an Packet needs to travel to an different logical IP Subnet or Network outside the LAN.
    The boundary between the LAN and Another Logical IP Subnet or Network is known as the Network Edge.
    Where the Modem meets the Router is an Network Edge. LAN to WAN (Local Area Network to Wide Area Network)(the Internet)
    The Router at an Network Edge is referred to as the Gateway, or Edge Gateway, or Default Gateway.
    Some call the Router at the Network Edge the Gateway Router, because the Router is acting as an Gateway between the
    LAN and Another Network or Logical IP Subnet. If the Router is not acting as an Gateway, the Router is acting as an Switch.
    To act as an Gateway the Router must be connected to Another Logical IP Subnet or Network.
    The Logical Address Space and Flat Address Space of the TCP/IP Protocol determine how the Router/Switch Acts.
    Routers send and receive packets and make decisions at the third layer of the TCP/IP Protocol called the Network Layer,
    known as the Logical Address Space. Routers remember where to send data based on Routing Tables. Routers must open
    the Packets to read the Header Information in order to send the Data to its Destination. To send the Data Packets to
    their intended destination Routers use:
    (1) NAT (Network Address Translation). NAT allows the Network to use One Valid IP Address on the Internet connection side
    of the Router, and an Private Address Space on the Local Network Side of the Router. When communications take place
    between the client on the Local Network and the Server on the Internet, the traffic passes through the Router, the Router
    uses its own Valid IP Address (provided by your Internet Provider) to make contact with the Outside Server. Responses
    received from the Outside Server are repackaged and returned to the Original Client.
    (2) ARP (Address Resolution Protocol). ARP is used by the Router to determine what Hardware Address (MAC Address)
    (Media Access Control) is associated with an IP Address. This is necessary because IP Addresses are used to Route Data
    between Networks, while communications on the Local Network Segment are preformed using the MAC Address burned into the
    Network Cards by the Manufacturer. The Router sends out an ARP Broadcast Message that Every Computer on the Local Network
    can see. This ARP Message contains the Routers MAC Address and the IP Address of the Destination Computer. When the
    Destination Computer recognizes its IP Address in the ARP Broadcast Message it sends its MAC Address to the Router and
    the Router sends the Packet to the Computer.
    Switches send and receive packets and make decisions at an lower layer of the TCP/IP Protocol called the Data Link Layer,
    or Ethernet Frame, known as the Flat Address Space, using MAC Addresses. Switches remember where to send data by
    remembering the MAC Address of the Device connected to its Port. Switches are fast, to send the Packet on its way Switches
    only have two devices, the Switch Port and the Device Connected to it. Switches are not required to Open the Packets and
    Read the Header Information in order to transfer data like Routers are required to do.
    Each Computer on Each Segment is an Peer to All Other Computers on the Same Segment.
    When Computer 'A' wants to send Packets to Computer 'B'
    Computer 'A' sends out its MAC Address and the Destination IP Address through the Flat Address Space using ARP. When the
    MAC Address of Computer 'A' reaches the Switch, the Switch already knows the Port and MAC Address of Computer 'A'
    When Computer 'B' recognizes its IP Address it sends its MAC Address back to Computer 'A' The Switch already knows the
    Port and MAC Address of Computer 'B' and sends the Packet on its way. Computer 'A' and Computer 'B' can now talk to
    each other. There is no Inbound and Outbound Traffic and the Data Packets Do Not Travel Through the Router.
    If Computer 'B' were in Another Logical IP Subnet or Network, then the Packets Would Travel Through the Router, and use
    the Network Portion of the IP Address, the Logical Address Space of the Network Layer.
    The Switch knows that the Data Packet is not intended for Local Destination because of the Information in the
    Flat Address Space and Passes the Packet to the Router. The Router knows that the Data Packet is intended for Another
    Logical IP Subnet or Network because of the Information in the Logical Address Space and Transfer's the Data accordingly.
    Data only travels through the Router when Data Packets are traveling beyond the Network Edge, Outbound to Another
    Logical IP Subnet or Network, or Inbound from Another Logical IP Subnet or Network.
    It is Important to Remember that Routers make decisions based on the Network Portion of the IP Address:
    The Network Layer, the Logical Address Space, and communicate through this.
    Whereas Switches work at an Lower Level, on the Ethernet Frame of the IP Address:
    The Data Link Layer, the Flat Address Space, and make decisions based on the Media Access Control Address (MAC Address)
    burned into the Network Card by the Manufacturer, and communicate through this.
    Communications between the Computers within an Local Subnet occur with MAC Addresses,
    and do not pass through the Router.
    Communications between the Local Subnet and an External Network or External Logical IP Subnet occur with IP Addresses,
    and pass through the Router.

  7. #7
    pakrat Guest

    Default Re: What are "Routed" packets?

    "Who's on first?"

    I noticed the same thing. The answer you are looking for is here:
    http://forum.zonelabs.org/zonelabs/b...ssage.id=14288

  8. #8
    zaswing Guest

    Default Re: What are "Routed" packets?

    Pakrat,
    Interesting scenario in that reply by Guru Hoov
    In one instance, that of broadcasts and delivery of IP address from the router I can actually relate to it. The relation to the NetBios session is much less clear to me in trying to define "routed" and blocked.
    A good, but difficult, reference is Microsoft's own
    http://technet.microsoft.com/en-us/l.../bb727001.aspx
    chapter 5 about routing if you want to do some bit-picking through things.

    Message Edited by zaswing on 03-29-2009 09:18 PM

  9. #9
    zaswing Guest

    Default Re: What are "Routed" packets?

    stupefy,
    Is there an an answer to my question somewhere in your text-book writing?

  10. #10
    stupefy Guest

    Default Re: What are "Routed" packets?

    QUOTE/(2) ARP (Address Resolution Protocol). ARP is used by the Router to determine what Hardware Address (MAC Address)
    (Media Access Control) is associated with an IP Address. This is necessary because IP Addresses are used to Route Data
    between Networks, while communications on the Local Network Segment are preformed using the MAC Address burned into the
    Network Cards by the Manufacturer. The Router sends out an ARP Broadcast Message that Every Computer on the Local Network
    can see. This ARP Message contains the Routers MAC Address and the IP Address of the Destination Computer. When the
    Destination Computer recognizes its IP Address in the ARP Broadcast Message it sends its MAC Address to the Router and
    the Router sends the Packet to the Computer.\UNQUOTE

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •