How a network knows a certain packet is for that network:
Each network has to apply for a NetID with the LoRa Alliance. For example, The Things Network has NetID 19 (0x000013). Device addresses are based on this NetID as follows: The seven LSB of the NetID (which are called NwkID) match the seven MSB of the device address. This means that all devices within The Things Network will have addresses that start with 0x26 (0x13<<1) or 0x27. This allows us to drop messages that are not meant for The Things Network (or forward them to the correct networks when the specification for roaming is done).
Note that this filter is currently not active in the staging environment. When the production environment is launched we will probably start doing this.
How a network knows a certain packet is for a specific application within that network:
An application has to register devices with the network. This is done when you create a device in the dashboard or through the ttnctl command line tool. With this registration, you must also give the network your NwkSKey, which is used to “sign” messages (MIC). When a message arrives from a device, it only contains a dynamic, non-unique DevAddr, no AppEUI or DevEUI. The network retrieves a list of all devices with that specific address from the database. Next, it tries to verify the message signature (MIC) for all matching devices using the NwkSKey of each device. When a match is found, the network knows to which application the message should be forwarded.