Lesson 1: Routing Principles

Routing is one of the most important and most complex operations performed by TCP/IP. The protocols were designed with scalability in mind, but no one in the 1970s could have predicted the massive growth of the Internet that would occur two decades later. While packets might pass through a handful of routers on a private internetwork, Internet packets routinely pass through a dozen or more routers on the way to their destinations. Some of the routers on the Internet have to maintain information about a great many networks, and the process of compiling and maintaining this information makes routing very complicated.

After this lesson, you will be able to

Understand the functions of a router
Describe the information in a routing table
Understand the process by which a TCP/IP system selects a routing table entry

Estimated lesson time: 30 minutes

Understanding Routing

A router is a system that is connected to two or more networks and that forwards packets from one network to another. Routers operate at the network layer of the OSI reference model, so they can connect networks running different data-link layer protocols and different network media. On a small network, a router's job can be quite simple. When you have two LANs connected by one router, for example, the router needs simply to receive packets from one network and forward those destined for the other network. On a large internetwork, however, routers connect many different networks together, and in many cases, networks have more than one router connected to them, as shown in Figure 9.1. This enables packets to take different paths to a given destination. If one router on the network should fail, packets can bypass it and still reach their destinations.

On a complex internetwork, an important part of a router's job is to select the most efficient route to a packet's destination. Usually, this is the path that enables a packet to reach the destination with the fewest number of hops, that is, by passing through the smallest number of routers. Routers share information about the networks to which they are attached with other routers in the immediate vicinity. As a result, a composite picture of the internetwork eventually develops, but no single router possesses the entire image. Instead, the routers work together by passing each packet from router to router, one hop at a time.

Figure 9.1 Internetworks with redundant routers provide multiple paths between two end systems.

NOTE

See Lesson 3: Routing, in Chapter 3, "Network Connections," for more information about the packet-routing process.

Routers and Brouters

A router can be a standalone hardware device or a regular computer. Operating systems like Microsoft Windows 2000, Windows NT, and Novell NetWare have the ability to route IP traffic, so creating a router out of a computer is simply a matter of installing two network interface adapters, connecting the system to two different networks, and configuring it to route traffic between those networks. A computer with two or more network interfaces is called a multihomed system. Windows 95, Windows 98, and Windows Me can't route IP between two network interface adapters, but you can use these operating systems as a dial-in server that enables you to access a network from a remote location using NetBIOS Enhanced User Interface (NetBEUI) or Internetwork Packet Exchange (IPX).

Windows 98 Second Edition and Windows Me also include an Internet Connection Sharing (ICS) feature, which enables other systems on the local area network (LAN) to access the Internet through one computer's dial-up connection to an Internet Service Provider (ISP). There are also third-party software products that provide Internet connection sharing. In essence, these products are software routers that enable your computer to forward packets between the local network and the network run by your ISP.

When you use a computer as an IP router, each of the network interface adapters must have its own IP address that is appropriate for the network to which it is attached. When one of the two networks is an ISP connection, the ISP's server typically supplies the address for that interface. The other IP address is the one that you assign to your network interface adapter when you install it.

A standalone router is a hardware device that is essentially a special-purpose computer. The unit has multiple built-in network interface adapters, a processor, and memory in which it stores its routing information and temporary packet buffers. Routers are now available in a wide range of prices and with a variety of capabilities. You can purchase an inexpensive router for a few hundred dollars that enables you to share an Internet connection with a small network, or you can move up to enormously expensive models that connect the LANs of a large internetwork or provide wide area connectivity to remote offices or ISPs. Another hardware device, rarely used these days, is a combination of a bridge and a router called a brouter. A brouter is a device that forwards some packets based on data-link layer information and others based on network layer information, depending on the unit's configuration.

Routing Tables

The routing table is the heart of any router; without it, all that's left is mechanics. The routing table holds the information that the router uses to forward packets to the proper destinations. However, it is not only routers that have routing tables; every TCP/IP system has one, which it uses to determine where to send its packets. Routing is essentially the process of determining what data-link layer protocol address the system should use to reach a particular IP address. If a system wants to transmit a packet to a computer on the local network, for example, the routing table instructs it to address the packet to that system. This is called a direct route. In this case, the Destination IP Address field in the IP header and the Destination Address field in the data-link layer protocol header refer to the same computer.

If a packet's destination is on another network, the routing table contains the address of the router that the system should use to reach that destination. In this case, the Destination IP Address and Destination Address fields specify different systems because the data-link layer address has to refer to a system on the local network, and in order for the packet to reach a computer on a different network, that local system must be a router. Because the two addresses refer to different systems, this is called an indirect route.

The Routing Table Format

A routing table is essentially a list of networks (and possibly hosts) and addresses of routers that the system can use to reach them. The arrangement of the information in the routing table can differ depending on the operating system, but it generally appears in something like the following format, which is the routing table from a Windows 2000 system.


`Network Address`	`Netmask`	`Gateway Address`	`Interface`	`Metric`
`0.0.0.0`	`0.0.0.0`	`192.168.2.99`	`192.168.2.2`	`1`
`127.0.0.0`	`255.0.0.0`	`127.0.0.1`	`127.0.0.1`	`1`
`192.168.2.0`	`255.255.255.0`	`192.168.2.2`	`192.168.2.2`	`1`
`192.168.2.2`	`255.255.255.255`	`127.0.0.1`	`127.0.0.1`	`1`
`192.168.2.255`	`255.255.255.255`	`192.168.2.2`	`192.168.2.2`	`1`
`224.0.0.0`	`224.0.0.0`	`192.168.2.2`	`192.168.2.2`	`1`
`255.255.255.255`	`255.255.255.255`	`192.168.2.2`	`192.168.2.2`	`1`

The functions of the various columns in the table are as follows:

Network Address This column specifies the address of the network or host for which routing information is provided in the other columns.
Netmask This column specifies the subnet mask for the value in the Network Address column. As with any subnet mask, the system uses the Netmask to determine which parts of the Network Address value are the network identifier, the subnet identifier (if any), and the host identifier.
Gateway Address This column specifies the address of the router that the system should use to send datagrams to the network or host identified in the Network Address column. The hardware address for the system identified by the Gateway Address value will become the Destination Address value in the packet's data-link layer protocol header.
Interface This column specifies the address of the network interface adapter that the computer should use to transmit packets to the system identified in the Gateway Address column.
Metric This column contains a value that enables the system to compare the relative efficiency of routes to the same destination.

Routing Table Entries

The sample routing table shown earlier contains the typical entries for a workstation that is not functioning as a router. The value 0.0.0.0 in the Network Address column, found in the first entry in the table, identifies the default gateway entry. The default gateway is the router on the LAN that the system uses when there are no routing table entries that match the Destination IP Address of an outgoing packet. Even if there are multiple routers available on the local network, a routing table can have only one default gateway entry. On a typical workstation that is not a router, the majority of packets go to the default gateway; only packets destined for systems on the local network do not use this router. The Gateway Address column in the default gateway entry contains the IP address of a router on the local network, and the Interface column contains the IP address of the network interface adapter that connects the system to the network.

NOTE

In TCP/IP terminology, the term gateway is synonymous with the term router. However, this is not the case in other networking disciplines, in which a gateway can refer to a different device that connects networks at the application layer instead of at the network layer.

The second entry in the sample routing table contains a special IP address that is designated as the TCP/IP loopback address. IP automatically routes all packets destined for any address on the 127.0.0.0 network right back to the incoming packet queue on the same computer. The packets never reach the data-link layer or leave the computer. The entry ensures this by specifying that the system should use its own loopback address (127.0.0.1) as the "router" to the destination.

The IP address of the network interface adapter in the computer to which this routing table belongs is 192.168.2.2. Therefore, the third entry in the sample routing table contains the address of the local network on which the computer is located. The Network Address and Netmask values indicate that it is a Class C network with the address 192.168.2.0. This is the entry that the system uses for direct routes when it transmits packets to other systems on the local network. The Gateway Address and Interface columns both contain the IP address of the computer, indicating that the computer should use itself as the gateway. In other words, the computer should transmit the data-link layer frames to the same computer identified by the Destination IP Address value in the datagrams.

The fourth entry in the sample routing table contains the host address of the computer itself, and instructs the system to transmit data addressed to itself to the loopback address. IP always searches the routing table for host address entries before network address entries, so when processing any packets addressed to the computer's own address (192.168.2.2), IP would select this entry before the entry above it, which specifies the system's network address.

The fifth and seventh entries in the sample routing table contain broadcast addresses, both the generic IP broadcast address (255.255.255.255) and the local network's broadcast address (192.168.2.255). In both of these cases, packets are transmitted to the computers on the local network, so the system again uses itself as a gateway. The sixth entry in the sample routing table contains the network address for the multicast addresses that the Internet Assigned Numbers Authority (IANA) has designated for specific purposes.

The routing table on a router is considerably more complex because it contains entries for all of the networks to which it's attached, as well as entries provided manually by administrators and dynamically by routing protocols. A router also makes more use of the Interface and Metric columns. On a system with one network interface adapter, there is only one interface to use, so the Interface column is actually superfluous. Routers have at least two network interfaces, so the value in the Interface column is a crucial part of transmitting a packet correctly. In the same way, a singlehomed system has no information about routes more distant than those on the local network, so the Metric value for all of the entries is 1.

Selecting a Table Entry

When a TCP/IP system has data to transmit, the IP protocol selects a route for each packet using the procedure shown in Figure 9.2.

Figure 9.2 TCP/IP systems search the routing table for an address that matches the Destination IP Address value found in the header of each datagram.

The steps of the procedure are as follows:

After packaging the transport layer information into a datagram, IP compares the Destination IP Address for the packet with the routing table, looking for a host address with the same value. A host address entry in the table has a full IP address in the Network Address column and the value 255.255.255.255 in the Netmask column.
If there is no host address entry that exactly matches the Destination IP Address value, the system then scans the routing table's Network Address and Netmask columns for an entry that matches the address's network and subnet identifiers. If there is more than one entry in the routing table that contains the desired network and subnet identifiers, IP uses the entry with the lower value in the Metric column.
If there are no table entries that match the network and subnet identifiers of the Destination IP Address value, the system searches for a default gateway entry which has a value of 0.0.0.0 in the Network Address and Netmask columns.
If there is no default gateway entry, the system generates an error message. If the system transmitting the datagram is a router, it transmits an Internet Control Message Protocol (ICMP) Destination Unreachable message back to the end system that originated the datagram. If the system transmitting the datagram is itself an end system, the error message gets passed back up to the application that generated the data.
When the system locates a viable routing table entry, IP prepares to transmit the datagram to the router identified in the Gateway Address column. The system consults the Address Resolution Protocol (ARP) cache or performs an ARP procedure to obtain the hardware address of the router.
Once it has the router's hardware address, IP passes it and the datagram down to the data-link layer protocol associated with the address specified in the Interface column. The data-link layer protocol constructs a frame using the router's hardware address in its Destination Address field and transmits it out over the designated interface.

Exercise 9.1: Routing Tables

What type of routing is used by a packet in which the Destination IP Address and the data-link layer Destination Address values refer to different computers?
1. The default gateway
2. A direct route
3. The default route
4. An indirect route
Place the following steps of the routing table search process in the proper order.
1. Default gateway search
2. Host address search
3. Network address search
What is a TCP/IP system with interfaces to two different networks called?
1. A gateway
2. Multihomed
3. A router
4. All of the above