1. Design & Planning
Investigation 1 — Your Machine’s Layer 3 Identity
VM #1
VM #2
Reflection
The information is stored in the computer’s operating system networking configuration and routing table, which keeps track of IP settings and network paths. The computer could still communicate with devices on the same network, but it would not be able to reach the internet or other networks.
2. Technical Development
Part 1 – Your Inside Identity
Reflction
My device uses a private IP address, which is not globally unique. Other networks can reuse the same private address ranges because they are reserved for internal use (10.0.0.0/8, 172.16.0.0–172.31.255.255, and 192.168.0.0/16). Since my address falls within one of these ranges, it is meant only for local communication inside the network.
Part 2 – Your Outside Identity
| Question | Private Address | Public Address |
|---|---|---|
| Are they the same? | No | No |
| Why or why not? | A private IP address is used within a local network and is not accessible from the internet. | A public IP address is assigned by an ISP and is visible on the internet. It allows communication outside the local network. |
Reflection
My machine appears to have two IP addresses because one is private (used inside my local network) and the other is public (used on the internet). The router performs Network Address Translation (NAT), which translates private addresses into a public one. This device is located at the edge of the network, typically the home or school router.
Part 3 – The “Can I Reach You?” Investigation (with a partner)
Step 1 – Private Address Test
Step 2 – Public Address Test
Reflection
Devices on the same network often share one public IP address because NAT allows multiple internal devices to access the internet using a single external address. If pinging a public IP fails, it is usually because a firewall or router is blocking ICMP traffic, not because the address does not exist. Network security settings commonly prevent direct responses.
Part 1 - Build the network
Steps 1 & 2
Topology Layout
Step 3
IP Addresses Configured
Step 4
Router Interface Configured
Part 2 - Observe Same-Network Communication
Simulated PDU Movement
Reflection
Devices on the same network often share one public IP address because NAT allows multiple internal devices to access the internet using a single external address. If pinging a public IP fails, it is usually because a firewall or router is blocking ICMP traffic, not because the address does not exist. Network security settings commonly prevent direct responses.
Part 3 - Observe Inter-Network Communication
Simulated Packet from PC0 –> PC1
Reflection
When traffic moves between networks, the router removes the old Ethernet frame and creates a new one for the next network segment. The MAC address changes at each hop because MAC addresses only work locally, but the source and destination IP addresses remain constant from start to finish.
Part 5 – Failure Thought Experiment
Failed Attempt After Deleting the Router
Reflection
Communication breaks when traffic needs to leave the local network but there is no router to forward it. Switches cannot solve this problem because they only operate within a single network. A router is required to connect different networks and determine the next hop for packets.
3. Testing & Evaluation
Investigation 2 — Three Destinations
Case 1 — Send Traffic to Itself (Loopback)
Reflection
When testing loopback, traffic never leaves the device and no gateway is needed. For same-network communication, packets are delivered directly using a connected route, so the default gateway is not used. For off-network communication, the default route sends traffic to the router, which handles forwarding. The ip route get command shows the local routing decision, while traceroute reveals every hop along the entire path.
Case 2 — Send Traffic to the Other VM (Same Network)
Reflection
TTL (Time To Live) limits how long a packet can travel across routers. Each router decreases the TTL by one to prevent packets from looping forever. Traceroute works by sending packets with small TTL values, causing each router along the path to respond when the TTL expires.
Case 3 — Send Traffic Off the Network
Reflection
The routing table entry that made this possible was the default route (0.0.0.0/0) pointing to the gateway. Ubuntu cannot deliver this traffic directly because the destination is outside the local subnet, meaning it does not share the same network address. Since it is off-network, the system must forward the packet to the router. The router (default gateway) handled the first step by receiving the packet and forwarding it toward the destination network.
Investigation 3 — How the Decision Is Made
Will the next hop be:
• Direct?
• Gateway
Part 1 - Predict Before Testing
Reflection
The directly connected network is the subnet assigned to the active interface. The default route is 10.12.16.1, and the gateway IP is the internal address of the router. Traffic sent to another VM on the same subnet will go directly, with the first hop being the destination itself and typically requiring only one hop. Traffic sent to 8.8.8.8 or google.com will go through the gateway because those destinations are outside the local subnet. The first hop will be the router, and multiple hops are expected because the packet must traverse ISP and backbone routers to reach the destination.
Part 2 – Run Traceroute
Reflection
The first hop in traceroute should be the default gateway. Private IP addresses typically appear at the beginning of the path because those routers are within the LAN or the ISP’s internal infrastructure. Private addresses stop appearing once traffic enters publicly routed internet infrastructure. The total hop count represents the number of routers traversed. When comparing traceroutes to different destinations, the first hop is usually identical because traffic exits through the same gateway. Paths diverge further along once packets reach different backbone routing paths.
Part 3 – Interpret What You Are Seeing
In the first five hops of traceroute output, the first IP address is usually private and represents the local router inside the LAN. The next one or two hops may also belong to private or ISP-managed infrastructure. After this point, public IP addresses appear, representing regional ISP routers or backbone infrastructure. Private IP addresses indicate internal routing within the LAN or ISP, while public IP addresses indicate broader internet routing beyond the provider’s internal network.
Part 4 – Validate with Routing Table
ip route get 8.8.8.8
Reflection
The next hop shown is the gateway IP address. The interface listed is the active network interface. This matches the first hop seen in traceroute, confirming that traffic is initially forwarded to the router before continuing across external networks.
ip route get
Critical Thinking
The ip route get command shows only one hop because it reveals the local routing decision made by the operating system. Traceroute shows multiple hops because it displays every router along the entire path to the destination. The routing table exposes the system’s Layer 3 forwarding decision, while traceroute exposes the full Layer 3 path across interconnected networks.
Part 5 – TTL Experiment
Reflection
When only stars appear in traceroute, it indicates that routers are not returning responses when the TTL expires, often due to filtering or firewall rules. TTL (Time To Live) is a value in the IP header that limits how many routers a packet may traverse. Routers decrement TTL to prevent packets from looping indefinitely. Traceroute works by sending packets with progressively increasing TTL values; when TTL reaches zero at a router, that router responds, revealing its position in the path.
4. Reflection & Analysis
Reflection
The routing table determines how packets are forwarded based on destination networks. The default gateway is used when traffic must leave the local subnet. Direct delivery requires that both devices share the same subnet. Router involvement is required when the destination resides on a different network, since only routers can forward traffic between separate networks.
Part 4 – NAT Reasoning
Private IPv4 addresses are reused because they are valid only within local networks and are not globally routed. They are not routed on the public internet to prevent address conflicts and conserve limited IPv4 space. If every internal device required a unique public IP, the available address space would quickly be exhausted. Businesses typically have one public IP and many internal devices because Network Address Translation (NAT) allows multiple internal systems to share a single external address efficiently.
Part 4 - Analytical Pause
A switch does not modify the IP address because it operates at Layer 2 and forwards frames based on MAC addresses. A router modifies the MAC address at each hop because each network segment has different Layer 2 addressing. The source IP remains the same from origin to destination to preserve end-to-end identity. The “next hop” refers to the next router or device that a packet is forwarded to. The default gateway is necessary to enable communication beyond the local subnet. This hierarchical routing structure allows WANs to scale by interconnecting multiple networks through routers.
Final Synthesis
The path of data from a device can be determined by examining the routing table and running traceroute. The first hop represents the default gateway, which connects the local network to external networks. Private IP addresses appear early in the path because traffic begins inside the LAN or ISP’s internal infrastructure. Different destinations may share the same first several hops because they exit through the same gateway and ISP routing path. A routing-table decision shows how the local system selects the next hop, while a traceroute path reveals the complete sequence of routers across the full network journey.
Your explanation must reference: • At least one routing-table output • At least one traceroute observation