Got it

how the packets are processed when it arrive the router

900 0 1 0 1

Have you ever have the doubt that what if both traffic filter and NAT are enabled on the interface, and the traffic match both of them, will the router forward it after NAT or just discard them?


As we know, when a packet arrives at the router, the packet has the following structure:


The router will check the MAC address in the layer 2 header, if the destination MAC address in the layer 2 header matchs the local MAC address, then, the router will remove the layer 2 header and hand the layer 2 payload which include layer 3 header and layer 3 payload to the network layer. If the destination MAC address doesn't match the local MAC address, router will drop the packet.


As the link-data layer did, router will check the IP address in the layer 3 header, if the destination IP address in the layer 3 header matchs the local IP address, router will remove the layer 3 header and hand the layer 3 payload to upper layer, if the IP address in layer 3 header doesn't match the local IP address, the router will check the FIB which is generated from the routing-table, if there isn't matching entry, the router will drop the packet, or it will send the packet as the matching entry described.


the two previous paragraphs describe the common IP unicast, what if we add traffic policy and NAT, how the router process the packet?


if the NAT and traffic policy are implemented, the router will check the traffic policy first, if the traffic is been redirected to other IP address, router will send it to the corresponding out interface. Or the router will check the FIB, and do the forwarding. Since the NAT has been implemented, the router will do the NAT before forward the packet out of the router.


As previous described, we can know the packet will be forwarded as the order which the below picture shows:



  • x
  • convention:


You need to log in to comment to the post Login | Register

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits


Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Please bind your phone number to obtain invitation bonus.
Information Protection Guide
Thanks for using Huawei Enterprise Support Community! We will help you learn how we collect, use, store and share your personal information and the rights you have in accordance with Privacy Policy and User Agreement.