How does a router know that it should receive the packet, if the packet was sent to a public IP address?

Question

Let's say that I have a router that has a public IP address on one of its interfaces and a private address on one of the other interfaces, let's say 192.168.1.1/24. Then there is a computer connected to that second interface that also has a private IP address (192.168.1.2/24). Now, the computer wants to send a packet to some public IP address, let's say 11.12.13.14, so I think it would place this public address in the IP packet's destination field, wouldn't it?

But now, how does this packet get delivered to the router, if the router's local IP (and the computer's default gateway) is 192.168.1.1?

This seems like a very simple question, but I'm really struggling to understand how this works.

Answer 1

A network with Internet and Local is setup as follows.

Your network is connected to the internet through a Modem. A modem can exchange information from and to the internet to exactly 1 device.

You usually have more than one devices in your network. In order to allow these devices to communicate with each other, you need something with multiple network ports and a bit of software to manage this. In the past, this was a network hub. A hub basically copies incoming traffic to all ports, and whoever listens will respond.

Research allowed these devices to become smart and that's how the switch was created. A switch is slightly different than a Hub. It will try to figure out who the destination is by transmitting a new connection to all ports and seeing who replies. When it gets a reply on a port, it will tag that port with the ipaddress that was given in the initial request and will route all traffic for that ip address to that port without broadcasting it to all the other ports.

The modem and the switch cannot be used together to connect local pc's to the internet, so a new device was created, called a Router. A router sits in between the modem and the switch. A router is usually packed with extra functionality, such as a DHCP server, allowing the management of a local network. The router will have a lookup table that will help figuring out if an ipaddress is meant to be local or on the internet. It will also have a table with port mappings so you can open a port from the internet and forward its traffic to a local device.

So. Lets say, PC1 with IP: 192.168.1.2 sents a packet out to 192.168.1.3. The packet is transmitted out of the networkcard over its attached cable. The packets reach the port on the switch.

The switch has 3 ports enabled: Port WAN, which goes to the router, Port 1 which is 192.168.1.2 (itself) and Port 2 which is 192.168.1.3. The router will transmit it to the WAN port and port 2 unless it already figured out that 192.168.1.3 belongs to and sends the packet directly to that port.

Lets say your computer now transmits a packet to 11.22.33.44. The packet travels over the network card and reaches the switch again. It has no collection of this ip address, so it sends it to all ports. The router receives the packet and forwards it to the modem, which transmits it to the internet.

A bit later, the internet responds and a package comes in from the modem. This is being forwarded to the router who recognizes this is a response to the earlier packet (through uPNP) and forwards it to the switch. The switch forwards it back to your port.

This is how a router works in a nutshell.

I hope it made sense. :)

Also, in case your question is that 2 devices has the same ip, you cannot have 2 devices with the same ip address. You get an ip conflict and the network will not work correctly.

Answer 2

Just to complement the previous answer, you asked:

So, the router receives the packet destined for 11.22.33.44, even though it's address on that local (LAN) port (through which the packet came) is 192.168.1.1?

Yes, because your computer is physically linked to the router via Ethernet link or Wi-Fi link. That's a physical link where you're sending all your network traffic (all IP packets go to through the same physical MAC address to reach the router device). Your router link has an IP address, as you said, 192.168.1.1, and that's your default gateway IP, so that any incoming traffic from that address will be recognizable as coming from the network via router.

However, don't forget that you're physically sending every network packet via Wi-Fi or Ethernet link, and those links are lower level than IP, so all your packets get sent to the router via physical connection, regardless of their TCP/IP protocol contents (source IP, destination IP, source port, destination port).

So, regardless of your source IP or the destination IP of your packets, all your IP packets are reaching the router via wired connection or wireless connection, and from there, it is the router or any such device that decides what to do with them, whether to check your packet's source IP and port to send any response traffic that matches your PC's IP and port back to it (router), or to send all response traffic to every device connected to the router to probe for a reply, as in a switch or a hub. The difference, like the first answer said, is that the hub always sends out all traffic to all devices linked to it probing for a reply, while the switch only does so before getting one reply and then tags that device to that connection and no further probing is needed.