

When a host IP packet sent to the destination is forwarded through multiple routers, the destination IP address remains unchanged.
When the ip packet is forwarded via routing, do the source ip and destination ip change?
This question is often asked in recent interviews with network professionals. The answer cannot be changed unless a nat conversion is performed. (Recommended learning: web front-end video tutorial)
But the mac address changes, because the sending end does not know the mac address of the destination host at first, so the mac address changes every time it passes through a router .
How to get the destination mac address?
TCP/IP uses the ARP protocol. For example, if a new intranet is created, if machine A is looking for machine B, when encapsulating FRAME (the data format used by the second layer of OSI), the other party's MAC must be encapsulated. At the beginning, A does not know B's MAC, but only knows the IP. It sends an ARP packet, the source IP is its own, the destination IP is B's, the source MAC is its own, and the destination MAC is broadcast.
Then the request packet is broadcast within the intranet. When other machines receive the packet, they compare the destination IP with their own IP. If not, they discard it. When B received it, he found that the IP was the same as his own, so he agreed to the request of the packet and sent his MAC to A. If B is a machine in another subnet, then the router will determine that B is in another subnet, and then the router will return its MAC to A. When A sends a packet to B in the future, the destination MAC will be encapsulated by the router.
Routing and forwarding process:
When the data flow sent from host A to host B is encapsulated into an IP data packet at the network layer, the header of the IP data packet contains the source address and destination address. Host A will use the 24-bit IP network mask 255.255.255.0 configured on this machine to perform an AND operation with the target address to determine whether the target network address and the network address of this machine are in the same network segment. If not forward the IP packet to the gateway.
Host A will also obtain the MAC address of the default gateway through an ARP request before sending it to the gateway. The IP data packet at the data link layer of host A is encapsulated into an Ethernet data frame and then sent to the gateway... which is a port on the router.
When the gateway router receives the Ethernet data frame and finds that the target MAC address in the data frame is the physical address of one of its own ports, the router will remove the encapsulation of the Ethernet data frame. The router thinks that this IP packet is to be forwarded through itself, and then it matches the routing table. After matching the routing entry, it sends the packet to the next address.
This is how the router forwards data packets, so it will never change the IP address. Only the MAC will be changed.
When a data packet is transmitted to the router, the router first compares its destination address with the routing table. If it is a local network, it will not be forwarded to the external network. Instead, it is forwarded directly to the destination host in the local network; but if the destination address is compared with the routing table and it is found that it is not in the local network, if there is NAT, the IP of the source address will be changed (the IP address of the original source address will be changed to the IP address of the router) ), the router forwards the data packet to the corresponding port for communication.
The above is the detailed content of When a host IP packet sent to the destination is forwarded through multiple routers, does the destination IP change?. For more information, please follow other related articles on the PHP Chinese website!

一、黑/白名单IP限制访问配置nginx配置黑白名单有好几种方式,这里只介绍常用的两种方法。1、第一种方法:allow、denydeny和allow指令属于ngx_http_access_module,nginx默认加载此模块,所以可直接使用。这种方式,最简单,最直接。设置类似防火墙iptable,使用方法:直接配置文件中添加:#白名单设置,allow后面为可访问IPlocation/{allow123.13.123.12;allow23.53.32.1/100;denyall;}#黑名单设置,

ip与mac绑定是指将特定的IP地址与特定的MAC地址关联起来,使得只有使用该MAC地址的设备才能够使用该IP地址进行网络通信。ip与mac绑定可以防止被绑定的主机的IP地址不被假冒,前提条件:1、MAC地址是唯一的,并且不可假冒;只能绑定与路由器直接相连的网络上的主机(也就是主机的网关在路由器上)。

微信查看ip地址的方法:1、登录电脑版微信,右键点击屏幕下方的任务栏,点击“任务管理器”;2、弹出任务管理器时,点击左下角的“详细信息”;3、任务管理器进入“性能”选项,点击“打开资源监视器”;4、选择“网络”,勾选微信进程“Wechat.exe”;5、点击下面的“TCP连接”即可监视微信网络IP相关情况,发送消息得到回复就会显示他人的IP地址。

1.设置目录白名单:对指定请求路径不设置限制,如对请求路径为api目录下的请求不做限制,则可写为server{location/app{proxy_passhttp://192.168.1.111:8095/app;limit_connconn20;limit_rate500k;limit_reqzone=fooburst=5nodelay;}location/app/api{proxy_passhttp://192.168.1.111:8095/app/api}}#因nginx会优先进行精准匹

引言nginx做反向代理时,默认的配置后端获取到的Ip地址都来自于nginx,用request.getRemoteAddr();获取到的是nginx的ip地址,而不是用户的真实ip.1.修改Nginx配置:server{listen80;server_namejenkins.local.com;location/{proxy_set_headerHost$host;proxy_set_headerX-Real-IP$remote_addr;proxy_passhttp://192.168.10.

本机ip地址查询的方法有:1、 Windows系统下,打开“开始菜单”并搜索“cmd”打开命令提示符,输入“ipconfig”,然后按回车键,查找名为“IPv4 地址”的一行,其旁边的数字就是本机的IP地址;2、macOS系统下,点击屏幕左上角的苹果图标,选择“系统偏好设置”,在“网络”选项中找到当前连接的网络,点击“高级”按钮,在“TCP/IP”选项卡中查找本机的IP等等。

wifi显示无ip分配的解决办法:1、重新启动设备和路由器,关闭设备上的Wi-Fi连接,关闭设备,关闭路由器,等待几分钟,然后重新打开路由器链接wifi;2、检查路由器设置,重启DHCP,确保DHCP功能已经启用;3、重置网络设置,将删除所有已保存的WiFi网络和密码,在执行此操作之前,请确保已备份;4、更新路由器固件,登录路由器管理界面,查找固件更新选项,并按照提示进行操作。

IP常见的含义有“IP地址”、“知识产权”、“独特卖点”和“独立性”四种:1、IP地址,是计算机网络中用于标识和定位设备的数字标识;2、知识产权,指人们的智力创造成果所享有的权益,包括专利、商标、版权和商业秘密等;3、独特卖点,是产品或服务的独特特点,使其与竞争对手区分开来并吸引顾客;4、独立性,指一个国家或地区拥有自主决策和自我管理的能力,不受外部控制或干涉。

Hot AI Tools

Undresser.AI Undress
AI-powered app for creating realistic nude photos

AI Clothes Remover
Online AI tool for removing clothes from photos.

Undress AI Tool
Undress images for free

Clothoff.io
AI clothes remover

AI Hentai Generator
Generate AI Hentai for free.

Hot Article

Hot Tools

ZendStudio 13.5.1 Mac
Powerful PHP integrated development environment

mPDF
mPDF is a PHP library that can generate PDF files from UTF-8 encoded HTML. The original author, Ian Back, wrote mPDF to output PDF files "on the fly" from his website and handle different languages. It is slower than original scripts like HTML2FPDF and produces larger files when using Unicode fonts, but supports CSS styles etc. and has a lot of enhancements. Supports almost all languages, including RTL (Arabic and Hebrew) and CJK (Chinese, Japanese and Korean). Supports nested block-level elements (such as P, DIV),

SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.

WebStorm Mac version
Useful JavaScript development tools

DVWA
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software
