Each IP route lists a destination: an IP network, IP subnet, or some other group of IP addresses. Each route also lists instructions that tell the router where to forward packets sent to addresses in that IP network or subnet. For routers to do a good job of routing packets, they need a detailed, accurate list of IP routes.
Routers use three methods to add IPv4 routes to their IPv4 routing tables.
Routers first learn connected routes, which are routes for subnets attached to a router interface. Second, routers can use static routes, which are routes created through a configuration command (ip route) that tells the router what route to put in the IPv4 routing table. This method involves a system/network administrator manually creating routes in the routing table. Third, routers can use a routing protocol, in which routers tell each other about all their known routes, so that all routers can learn and build routes to all networks and subnets. This is dynamic route learning, and it involves routing protocols such as RIP, OSPF and others.
What is IP Routing?
IP routing is the process of forwarding and delivering IP packets across entire TCP/IP network(s), from the device that originally builds the IP packet to the device that is supposed to receive the packet. In other words, IP routing delivers IP packets from the sending host to the destination host.
The complete end-to-end routing process relies on network layer logic on hosts and on routers. The sending host uses Layer 3 concepts to create an IP packet, forwarding the IP packet to the host’s default gateway (default router). The process requires Layer 3 logic on the routers as well, by which the routers compare the destination address in the packet to their routing tables, to decide where to forward the IP packet next. The routing process also relies on data-link layer and nodes’ MAC addresses and physical details at each link (structure of network and cabling). IP routing relies on serial links, Ethernet LANs, wireless LANs, and many other networks that implement data link and physical layer standards. These lower-layer devices and protocols move the IP packets around the TCP/IP network by encapsulating and transmitting the packets inside data link layer frames.
How does the routing process begin?
The routing process starts with the host that creates the IP packet.
Host A asks the question: is the destination address of this new packet in my local subnet? The host uses his own IP address and mask to determine whether the destination address inside the packet belongs to his subnet. Based on the answer, the host acts as follows:
If the destination IP is on my network/subnet, I will send this packet directly to the device. But before that, check these things:
Host A first has to find the destination host’s MAC address. He can find the MAC using an already-known ARP table entry, or use an ARP broadcast to learn where the destination host is (what his MAC address is). Then, once he knows the MAC address of the destination host, he encapsulates the IP packet in a data-link frame with the MAC address of the destination host and sends it directly to host B. Host A is able to do so because he knows the destination IP address and the destination MAC address. Therefore, he is able to craft the L3 packet, encapsulate it inside an L2 frame and send it directly to host B.
However, if the destination host is not on the local subnet, host A must send the packet to the default gateway. Before that, the host will find the default gateway’s MAC address, using an ARP table entry or learning it by sending an ARP broadcast. When he finds out the router’s MAC, he encapsulates the IP packet in a data-link frame with the destination MAC address of the default gateway. At that point Host A has done his job and forwarded the packet to the default gateway. It is the default gateway’s job to deliver that packet to other networks.
WHAT ROUTERS THINK WHEN THEY RECEIVE FRAME AND FIGURE OUT WHAT TO DO WITH THE PACKET:
For each received frame, choose whether to process it or not. The router will process (open) the frame if the FCS field has no errors and when the frame’s destination MAC address is the router’s MAC address. If frame passes these two checks, router will de-encapsulate the packet from the data-link frame and see what is inside the layer 3 packet.
Now, routing decisions come into play. The router will compare the packet’s destination IP address to the routing table and find the route that matches the destination address. That route should tell the router on which outgoing interface to send the packet. Once the route is found, the router will encapsulate the packet into a new data-link frame, ready to be sent out the outgoing interface given by the routing table entry. When forwarding through LAN interfaces, he will use ARP as needed to find the next device’s MAC address, since ARP entries are automatically deleted after some period of time (5 min I think).
Once router finds out MAC address of his next device/router, he will transmit the frame out the outgoing interface. The router receives a frame, strips the frame and opens L3 information. He then decides where to forward the packet. If destination IP is within his network he will forward the packet to that device. If not, router puts the packet into another frame, and sends the frame to the next router based on the entries in his routing table.
EXAMPLE OF ROUTING:
Host A:
- IP 172.16.1.9/24
- SUBNET MASK: 255.255.255.0
- SUBNET ID: 172.16.1.0
Router R1:
- Interface Gi0/0: 172.16.1.1/24
- Interface S0/0/0: 172.16.4.1/24
- Interface S0/0/1: 172.16.5.1/24
Router R2:
- Interface Gi0/0: 172.16.2.2/24
- Interface S0/0/1: 172.16.4.2
Router R3:
- Interface Gi0/0: 172.16.3.3/24
- Interface S0/0/0: 172.16.5.3/24
Host B:
- IP 172.16.2.9/24
- SUBNET MASK: 255.255.255.0
- SUBNET ID: 172.16.2.0
EXAMPLE: Host A sends IP packet to Host B:
Step 1: Host forwards IP packet to the default router (gateway)
- Host A thinks the following
- My IP address is 172.16.1.9 and my subnet ID is 172.16.1.0. Also, my subnet mask has 24 network bits, with 8 host bits in the last octet. My subnet is 172.16.1.0 – 172.16.1.255
- The destination address is 172.16.2.9 which is not inside my subnet
- Send the packet to my default gateway, which is set inside OS to be 172.16.1.1
- To send that packet, I have to encapsulate it inside the new Ethernet frame. Make the destination MAC address to be MAC address of R1’s interface G0/0
Routing step 1: Decide whether to process the incoming frame or not:
- Routers receive many frames in an interface and they can and should ignore some of those frames
- First step of routing begins with a DECISION of whether the router should process the frame or discard it.
- First step, router checks if the frame has any errors during transmission.
- It uses the data-link trailer FCS field to check if the frame is damaged. If it is, and the FCS math formula does not match, the router discards the frame. (Router does not ask the sender to re-transmit the data because it doesn’t give a shit about your frames, ok?)
- Router also checks the destination MAC address to decide whether that frame is INTENDED for him. Sometimes routers receive frames sent to multicast addresses that do not belong to the router, which they simply discard and move on
- All checks have been passed and R1 decides to process the frame. (By process, I mean to open it to L3 headers. Forwarding is not yet done)
Routing step 2: De-encapsulation of IP packet:
- A simple step, de-encapsulate the packet.
- Router removes any data-link header and frame from its memory and leaves IP packet naked
- He now has to know what to do with it, which leads us to the next step.
Routing step 3: Choosing where to forward the packet:
- now router has to think as fuck.
- he needs to make a huge choice, what should I do with this little motherfucker IP packet?
- to do that, router has to look inside his routing table and compare the packet’s destination address.
- first, an IP routing table lists multiple routes to other routers. You will see that it has two columns: one is subnet/network and the other is on which interface that subnet/network resides.
- The Routing Table contains all subnets and networks he knows about.
- for our example, destination IP packet has destination IP address of 172.16.2.9
- now, R1 will look at that poor naked packet that sits inside his memory, and he will say, you want to go to 172.16.2.9 host don’t ya? Let me see inside my routing table where should I forward you next
- he will then look inside his routing table, and compare the packet’s destination address to the RANGE of addresses defined by each subnet.
- based on the Subnet ID and the mask, he knows where this IP address belongs and out of which interface should he forward it.
- after R1 matches the specific route, he sees that that subnet sits on router with 172.16.4.2 IP address and that router is out on S0/0/0
- he then thinks, I don’t care anymore, I will send this packet to my neighbor 172.16.4.2 router that is connected with me with serial link on interface 0/0/0,
- i don’t give a fuck, let him deal with this boy
Routing step 4: encapsulating the packet in a new frame:
- at this point, our R1 knows where to forward the packet.
- however, he must make new data-link frame with the destination MAC address of his neighbor router at port S0/0/0
- because this is a PPP or HDLC link, only two devices (in this case routers) are connected, so no broadcast is needed
- also, router makes new frame and sends it directly to the R2
- to find R2’s MAC address, he would look inside his ARP table, if the R2 is not there, R1 would broadcast and yell on everyone. R2 would have to respond because he is afraid of R1’s glock pistol that he has behind his back.
Routing step 5: Transmitting the new frame:
- router simply needs to transmit the frame to the neighbor router
And this process repeats, and repeats, and repeats until router actually opens IP packet and sees destination IP which he knows about because he can compare IP address ranges for each subnet/network he is connected to.
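Host A's decision and routing steps 1 to 3 on R1, as an added Python example that is not part of the original notes. It uses the addresses from the example topology; the MAC address is constructed, the two non-connected routes are assumed from the static-route description later in these notes, and picking the longest matching prefix goes slightly beyond the range comparison described above.

```python
import ipaddress

# Addresses come from the example topology; the MAC is constructed.
HOST_A = ipaddress.ip_interface("172.16.1.9/24")
HOST_A_GATEWAY = ipaddress.ip_address("172.16.1.1")
R1_MACS = {"G0/0": "0200.0101.0101"}

# (prefix, outgoing interface, next hop; None means deliver on that link)
# The last two entries are assumed static routes toward R2 and R3.
R1_ROUTES = [
    ("172.16.1.0/24", "G0/0", None),
    ("172.16.4.0/24", "S0/0/0", None),
    ("172.16.5.0/24", "S0/0/1", None),
    ("172.16.2.0/24", "S0/0/0", "172.16.4.2"),
    ("172.16.3.0/24", "S0/0/1", None),
]


def host_next_hop(src_if, gateway, dst):
    """Host logic: deliver directly if dst is in my subnet, else use the gateway."""
    dst = ipaddress.ip_address(dst)
    return dst if dst in src_if.network else gateway


def router_accepts(frame, in_if, macs):
    """Routing step 1: process only undamaged frames addressed to this interface."""
    return frame["fcs_ok"] and frame["dst_mac"] == macs[in_if]


def lookup(routes, dst):
    """Routing step 3: of all routes whose range contains dst, take the longest prefix."""
    dst = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), i, nh) for p, i, nh in routes
               if dst in ipaddress.ip_network(p)]
    if not matches:
        return None  # no route: the packet cannot be forwarded
    net, out_if, next_hop = max(matches, key=lambda m: m[0].prefixlen)
    return str(net), out_if, next_hop or str(dst)


def forward(frame, in_if, dst):
    """Steps 1-3 on R1: returns (route, outgoing interface, next hop) or a drop reason."""
    if not router_accepts(frame, in_if, R1_MACS):
        return "drop: frame not processed"
    return lookup(R1_ROUTES, dst) or "drop: no matching route"
```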
CONFIGURING IP ADDRESSES AND CONNECTED ROUTES:
To make a router ready to route packets on a particular interface, the interface must be in the up/up state.
Routers can add routes to their routing tables through three methods:
- connected routes: added because of configuration of ip address interface subcommand on local router
- static routes: added because of configuration of the ip route global command on local router
- routing protocols: added as function by configuration on ALL ROUTERS, resulting in a process by which routers DYNAMICALLY tell each other about the network so that they all learn routes AUTOMATICALLY
1. CONNECTED ROUTES:
- Cisco router automatically adds a route to its routing table for the subnet connected to each interface.
- It will do this only when two facts are true: the interface is in the working state (up/up) and interface has an IP address assigned through IP address command
The end of each of these routes lists the outgoing interface.
THE ARP TABLE ON CISCO ROUTER:
- After a router has added connected routes, router can route IPv4 packets between those subnets.
- To do so, the router looks in its IP ARP table
- ARP table lists IP address and matching MAC address of hosts connected to the SAME SUBNET AS ROUTER
- When forwarding packet on the same subnet, router encapsulates the IP packet into frame with the destination MAC address of that host
- By default, IOS will timeout (remove) an ARP table entry after 240 minutes in which the entry is not used. (IOS resets the timer to 0 when an ARP table entry is used.)
- Note that to experiment in lab, you might want to empty all dynamic entries (or a single entry for one IP address) using the clear ip arp [ip-address] EXEC command.
Thinking about how Router R1 forwards a packet to host A (172.16.1.9), over that final subnet, R1 does the following:
- 1. R1 looks in its ARP table for an entry for 172.16.1.9.
- 2. R1 encapsulates the IP packet in an Ethernet frame, adding destination 0200.3333.3333 to the Ethernet header (as taken from the ARP table).
- 3. R1 transmits the frame out interface G0/0.
Routing between subnets on VLANs
Three options exist for connecting a router to each subnet on a VLAN. However, the first option requires too many interfaces and links, and is only mentioned to make the list complete:
- Use a router, with one router LAN interface and cable connected to the switch for each and every VLAN (typically not used).
- Use a router, with a VLAN trunk connecting to a LAN switch.
- Use a Layer 3 switch.
Configuring Routing to VLANs Using 802.1Q on Routers
- ROAS uses router VLAN trunking configuration to give the router a logical router interface connected to each VLAN, and therefore each subnet that sits on a separate VLAN.
- The router needs to have an IP address/mask associated with each VLAN on the trunk.
- However, the router uses only one physical interface on which to configure the ip address command.
- Cisco solves this problem by creating multiple virtual router interfaces, one associated with each VLAN on that trunk (at least for each VLAN that you want the trunk to support).
- Cisco calls these virtual interfaces subinterfaces.
- The ROAS configuration creates a subinterface for each VLAN on the trunk, and the router then treats all frames tagged with that associated VLAN ID as if they came in or out of that subinterface.
- we can see two VLANs and two subinterfaces on a router. VLAN 10 frames are sent to G0/0.10 and VLAN 20 are sent to G0/0.20
- most Cisco routers do not attempt to negotiate trunking, so in most cases the admin needs to manually configure trunking on both the router and the switch
- the matching switch interface would need to be configured with the switchport mode trunk command.
Following steps detail how to configure 802.1Q trunking on a router:
- 1. #interface fa0/0.10 – to create unique SUBINTERFACE for each VLAN that needs to be routed
- 2. #encapsulation dot1q <VLAN_ID> – to enable 802.1Q and associate specific VLAN with that new subinterface
- 3. #ip address <IP_ADDRESS> <MASK> – to configure IP settings
- Now that the router has a working interface, with IPv4 addresses configured, the router can route IPv4 packets on these subinterfaces
- That is, the router treats these subinterfaces like any physical interface in terms of adding connected routes, matching those routes and forwarding packets to/from those connected subnets.
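How a ROAS trunk maps tagged frames to subinterfaces, as an added Python example that is not part of the original notes. The VLAN 10 and VLAN 20 mapping is the one named above; the MAC addresses in the test-frame builder are constructed, and dropping untagged frames is a simplification of this sketch (no native-VLAN subinterface is modelled).

```python
import struct

TPID_8021Q = 0x8100
# VLAN-to-subinterface mapping from the notes' example (VLAN 10 and VLAN 20).
SUBINTERFACES = {10: "G0/0.10", 20: "G0/0.20"}


def classify(frame: bytes, subifs=SUBINTERFACES):
    """Return (subinterface, vlan_id, inner_ethertype), or None if dropped."""
    if len(frame) < 18:
        return None  # too short for two MACs + 802.1Q tag + EtherType
    tpid, tci, ethertype = struct.unpack("!HHH", frame[12:18])
    if tpid != TPID_8021Q:
        return None  # untagged frame: not handled in this sketch
    vlan_id = tci & 0x0FFF  # low 12 bits of the TCI; the top 4 are PCP/DEI
    subif = subifs.get(vlan_id)
    if subif is None:
        return None  # tagged for a VLAN with no subinterface configured
    return subif, vlan_id, ethertype


def tagged_frame(vlan_id: int, ethertype: int = 0x0800, payload: bytes = b"") -> bytes:
    """Build a constructed 802.1Q frame with placeholder MAC addresses."""
    dst = bytes.fromhex("020011111111")
    src = bytes.fromhex("020022222222")
    tag = struct.pack("!HHH", TPID_8021Q, vlan_id & 0x0FFF, ethertype)
    return dst + src + tag + payload
```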
Configuring routing to VLANs using layer 3 switch
- The other option for routing traffic to VLANs uses a device called a Layer 3 switch or multilayer switch.
- Layer 3 switch is one device that does two primary functions: Layer 2 LAN switching and Layer 3 IP routing.
- The Layer 2 switch function forwards frames inside each VLAN, but it will not forward frames between VLANs.
- The Layer 3 forwarding logic—routing—forwards IP packets between VLANs.
- The Layer 3 switch has an IP routing table, with connected routes off each of these VLAN interfaces.
- These interfaces are also referred to as switched virtual interfaces [SVI].
HOW TO CONFIGURE LAYER 3 SWITCHING:
- 1. enable hardware support for IPv4 routing
- 2. #sdm prefer lanbase-routing
- 3. reload the switch
- 4. ip routing command to enable IPv4 routing on the switch
- 5. interface vlan <VLAN_ID> to create VLAN interfaces for each VLAN so that layer 3 switch can route packets through
- 6. ip address <IP> <MASK> to configure IP address and mask on the VLAN interface, enabling IPv4 on that VLAN interface
- 7. no shutdown to enable the interface
Configuring static routes:
- All routers add connected routes
- Then, most networks use dynamic routing protocols to cause each router to learn the rest of the routes in an internetwork.
- Networks use static routes—routes added to a routing table through direct configuration—much less often than dynamic routing.
Static route configuration:
- The first route says: to send packets to the subnet off router R2, send them to R2 (R2’s IP address is 220.127.116.11 for that interface)
- The second route says: to send packets to the subnet off router R3, send them out my own local S0/0/1 interface (towards R3)
If R1’s interface fails, R1 removes the static route to 172.16.3.0/24 from the IPv4 routing table. Later, when the interface comes up again, IOS adds the route back to the routing table.
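The install and removal rules for connected and static routes, modelled as an added Python example that is not part of the original notes or of IOS. It uses R1's interfaces from the example topology and the static route to 172.16.3.0/24 out S0/0/1; the function names and the C/S codes in the output are assumptions of this sketch.

```python
import ipaddress

# R1's interfaces from the example topology.
INTERFACES = {
    "G0/0":   {"ip": "172.16.1.1/24", "up": True},
    "S0/0/0": {"ip": "172.16.4.1/24", "up": True},
    "S0/0/1": {"ip": "172.16.5.1/24", "up": True},
}
# Static route described in the notes: 172.16.3.0/24 out local S0/0/1.
STATIC_ROUTES = [{"prefix": "172.16.3.0/24", "out_if": "S0/0/1"}]


def build_routing_table(interfaces, static_routes):
    """Return sorted (code, prefix, out_if) rows; C = connected, S = static."""
    table = []
    for name, cfg in interfaces.items():
        # A connected route needs both an IP address and an up/up interface.
        if cfg["up"] and cfg.get("ip"):
            net = ipaddress.ip_interface(cfg["ip"]).network
            table.append(("C", str(net), name))
    for route in static_routes:
        out = interfaces.get(route["out_if"])
        # A static route naming an outgoing interface stays installed only
        # while that interface is up.
        if out and out["up"]:
            table.append(("S", route["prefix"], route["out_if"]))
    return sorted(table, key=lambda r: ipaddress.ip_network(r[1]))


def with_interface_state(interfaces, name, up):
    """Copy of the interface dict with one interface's state changed."""
    changed = {k: dict(v) for k, v in interfaces.items()}
    changed[name]["up"] = up
    return changed
```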