NET 222: Introduction to Routers and Routing

Chapter 5: IP Routing

Objectives:

This chapter describes the functions of routers. The objectives important to this chapter are:

  1. Configuring and verifying IP routing
  2. Static routing
  3. Default routing
  4. Dynamic routing

Concepts

The chapter begins by reminding us that a router connects networks together, and that its purpose is to pass traffic from one network to another. A router is also a host device on each network it is directly connected to. This becomes important in the discussion. Network addresses are used to pass data from one network to another, but hardware addresses are usually used to pass data to hosts on the same network.

For a router to function, it must have information about several things:

  • Remote Networks - networks that the router is not directly connected to
  • Neighbor Routers - routers on the same networks this router is connected to
  • Possible routes to remote networks - either stored in memory by network administrators (static) or advertised by routers connected to those networks (dynamic)
  • The best route to all remote networks - This is an exaggeration. It really means the best route of the known routes, based on defined metrics.
  • Updated routing information - This can mean that network administrators update the information, or that the router sends and receives updates dynamically.

The text spends several pages indicating how messages are passed from one device to another across networks. It is confusing. This is the way I have explained it in NET 121 class:

Routers pass signals from one network to another. Routers use software addresses instead of hardware addresses. This makes them independent of protocols used at lower layers. Almost. Example: a transmission is sent from a station on network 1 to a station on network 50. It could pass along any number of routes. What happens is like this:

  • The Network Layer header of the outgoing message has a place to write information about the sender and the intended receiver. Assume we are talking about IP addresses. The sender's IP address is saved in the Network Layer header, along with the IP address for the recipient. This data stays in the Network Layer header until the intended recipient breaks down the header.
    Layer           | Source info | Destination info
    Network layer   | Sender's IP | Receiver's IP
    Data Link layer | (empty)     | (empty)
  • The Data Link layer header also has a place to write down the address of the sender and the receiver, the difference being that this layer uses MAC addresses. Since the intended recipient is not on the sender's network, the sending station sets the Data Link Layer address of the recipient to the MAC address of the router (default gateway) on his network, and sends the message as a frame to that router. If necessary, an ARP signal is sent to determine the MAC address of the default gateway router.
    Layer           | Source info  | Destination info
    Network layer   | Sender's IP  | Receiver's IP
    Data Link layer | Sender's MAC | Default Gateway MAC
  • The router on the sender's network gets the frame, erases the sender and recipient addresses in the Data Link Layer, and decides on a route to the recipient's network (which is written on the header of the Network layer, remember?). The next router in a logical chain is selected. If necessary, ARP is used to find the MAC address of the next router. The next router's MAC address is written in the Data Link Layer header as the "recipient", and the current router's MAC address is written to the Data Link Layer header as the "sender". The frame is forwarded to the next router.
    Layer           | Source info         | Destination info
    Network layer   | Sender's IP         | Receiver's IP
    Data Link layer | Default Gateway MAC | Next router's MAC

  • The process in the step above is repeated until a router on the intended recipient's network gets the frame. Then, the final router's MAC information and the receiver's MAC information is written to the Data Link Layer header, and the frame is delivered, where it is unpacked and handed to the IP protocol on the Network layer.
    Layer           | Source info        | Destination info
    Network layer   | Sender's IP        | Receiver's IP
    Data Link layer | Final router's MAC | Receiver's MAC

In a sequence like this, the text asks you to determine the destination address of a frame, and an IP packet leaving a host. Remember that the destination address of an IP packet is the final destination address. The destination address of a frame is always the MAC address of the next device that takes us closer to the final device. The text tries to confuse you by throwing switches into the mix. Switches are not relevant to this kind of problem.

Obviously, this system would fail if routers did not have the ability to learn what routers can reach what networks. Passing a packet from one router to another is called a hop. Routers keep tables of router names, networks those routers can connect to, and how many hops away a network is through a given router. Some routers also track a cost value, which can be based on line speed. Route tables are usually constructed by using a route discovery protocol.

Static Routing

You need to know that static routing is not practical unless you are doing it for a small network. Every router that is added to the network must be added to the routing table of every other router. The command to set up static routing starts in configuration mode.

Router(config)#ip route remote_network_address remote_network_mask next_hop

The command is ip route. It is followed by the address of another network. That address is followed by the subnet mask used on that other network. The phrase next_hop stands for the address of the next router to send to, or the port on the current router that leads to the next router. You are only allowed to use a port name if the connection is point-to-point, such as a WAN link or a direct connection to another router. Example: assume we are configuring a route on a router whose address is 192.168.1.2. It is on network 192.168.1.0. We want a route to network 192.168.3.0.

ip route 192.168.3.0 255.255.255.0 192.168.1.4 100

This means that we are telling our current router that there is a route to network 192.168.3.0, which uses subnet mask 255.255.255.0. The route from here leads to a router addressed as 192.168.1.4. (That is its address on the .1 network. It has another address on the .3 network as well.) The final number is an Administrative Distance. The text explains it as a trustworthiness rating for the route. You can also think of it as a "cost" to use this route. Routers use the assigned cost of different routes to help choose the best one available.

Default Routing

Default routing is used when you only have one route out of your network, which means that all traffic leaving your network must pass through your router, and your router must have only one other router to hand off to. To use this in the example above, let's assume that:

  • The 192.168.1.2 router is our only gateway.
  • Instead of being on the same network, let's say the second router is on a VLSM network that links our router to it. They are the only two devices on that point-to-point connection.

If we were writing a command to do this for the two routers discussed above, it would look like this:

ip route 0.0.0.0 0.0.0.0 192.168.1.2

This means the route to any network not listed in our routing table, with any subnet mask, is to pass the data to the router at address 192.168.1.2. Default routing may not work unless you configure the router with the command ip classless. This allows the router to hand off to subnets. In version 12.x of the Cisco IOS, this command is on by default.

The text tells us that setting a default route is also called setting a gateway of last resort. This setting can be accomplished with the command as shown above, or by using a port name instead of an IP address for the next hop router. It can also be set by using another command. In this example it would look like this:

ip default-network 192.168.1.0

Note that this version of the command specifies the network the router is on, not the address of the router. The default-network command is only valid if there is only one route out of the network. Such a network is called a stub network. If this command is used, the route specified is automatically given an Administrative Distance of 0.

Dynamic Routing

Dynamic routing is less labor intensive for administrators, according to the text, but more processor intensive for routers. Of course, this is what routers are for, so the warning in the text is hard to take seriously.

  • Routing protocols - Routers communicate (advertise) information about the routes they know about to other routers using routing protocols. You have heard of some of them already, others will be discussed soon: RIP, RIPv2, IGRP, EIGRP, OSPF
  • Routed protocols - Routed protocols are used to discover and choose routes, and to send traffic across those routes. Routed protocols are also "bound" to NICs. IP and IPX are routed protocols.

Some basic information about IP networks may help:

  • IP networks can be divided into autonomous systems. Each autonomous system can be administered independently. This is like the concept of container administration in Active Directory or eDirectory. The text tells us that one way of defining an autonomous system (AS) is that all the routers in it share the same information.
  • Routers in this kind of system are also called gateways. Routing protocols used inside an autonomous system are called interior gateway protocols (IGPs). Two IGPs are RIP and OSPF.
  • Autonomous systems are connected with exterior gateway protocols (EGPs). Two of these are the Border Gateway Protocol and the Exterior Gateway Protocol. (This is confusing because the same phrase is used as a generic term, when in lower case, and as a proper noun, when in upper case.) Therefore, two EGPs are EGP and BGP.

The text returns to the concept of Administrative Distance. The value of AD can be any integer from 0 to 255. 0 is most trusted, 255 is not trusted. Cisco assigns AD values based on how a route is assigned, reached, or advertised.

  • A direct connection to a network is given an AD of 0.
  • A static route is given an AD of 1 by default. As noted above, a static route can be given a different AD, if desired.
  • A route advertised by EIGRP is given an AD of 90.
  • A route advertised by IGRP is given an AD of 100.
  • A route advertised by OSPF is given an AD of 110.
  • A route advertised by RIP is given an AD of 120.
  • A route advertised by External EIGRP is given an AD of 170.
  • A route advertised by an unknown protocol is given an AD of 255. It will not be used.

Most routing protocols fall into two classes. Cisco describes a third, which is a mixture of the other two.

  • Distance Vector - The first method discussed is the Distance Vector method, known as the bad method. (Think Distance Vector... DV... Darth Vader: bad.) This is a verbose method in which routers communicate with each other, sending their entire tables to each other with each message. Its advantage is that it is easy to set up and administer. Its disadvantage becomes obvious once you know that routers talk to each other all the time, sending table data to each other, attempting to reach convergence, the state of all routers knowing the information in each other's tables. Convergence takes a lot of traffic and a lot of time using the Distance Vector method. Tables are constantly in flux, and updates are sent at intervals ranging from 10 seconds to two minutes; default is every 30 seconds. RIP has protocol versions used in IP and IPX networks. This protocol is susceptible to the count-to-infinity problem. RIP and IGRP are Distance Vector protocols.
  • Link State - The second method is the Link-State method, known as the good method. (Think Link State... LS... Luke Skywalker: good.) This method is less verbose, since the routers only send messages with their whole tables when they first come on line. After that, they send messages about changes in routes to each other, making the messages less frequent and less verbose. Only first hand information is sent. This avoids the count-to-infinity problem. The routers send Link State Packets (LSPs) which contain only information about networks the routers connect to directly. IP networks use the OSPF protocol and IPX networks use the NLSP protocol. OSI has a protocol for Link State called IS-IS.
  • Hybrid protocols use features of both Distance Vector and Link State protocols. EIGRP is a hybrid protocol.

The count-to-infinity problem exists only in Distance Vector routing. As I have come to expect, our author calls this by a different name: a routing loop. It works like this:

  • All routers track the hops to other networks.
  • If a router is not connected to a given network, it must connect to it through another router.
  • Routers read the table information sent to them from other routers, and correct their own tables. They assume that the number of hops to a given network is the number of hops to another router, plus however many hops that router says it is to the other network.
  • When a router goes down, the other routers continue to update. If the router that is down is the only connection to a network, that network is unavailable.
  • The other routers will continue to send information to each other about how many hops away from the "down net" they are (not knowing it is down). Assume Router A was one hop away from the down router, and it will not get updates from the down router. It will now learn from its upstream neighbor, Router B, that Router B is two hops from the missing net. Router A will now assume it is three hops from the missing net, and tell other routers, who will update their tables.
  • Since there is no real connection to the missing net, the tables will continue to increment the assumed number of hops to it, approaching infinity. The maximum value allowed for hops is generally 15, so for the purposes of RIP 16 equals infinity.

To combat the count-to-infinity problem, two methods are used:

  • Split horizon (also known as best information) - a router is not allowed to advertise information about a path on the path that it was received from
  • Split horizon with poison reverse (also known as poison reverse) - the routers do advertise paths to themselves, but they show them as infinity (16)
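The count-to-infinity sequence and both remedies can be replayed in a few lines. This is an added example, not from the course text: it models only Router A and Router B from the steps above, after the router behind A has gone down, and assumes B's update always reaches A before A's update reaches B.

```python
INFINITY = 16  # for RIP, 16 hops means "unreachable"


def advertised(table, sender, receiver, mode):
    """Metric that sender advertises to receiver, or None if suppressed."""
    metric, next_hop = table[sender]
    if next_hop == receiver:              # route was learned from this neighbor
        if mode == "split_horizon":
            return None                   # say nothing back along that path
        if mode == "poison_reverse":
            return INFINITY               # advertise it, but as unreachable
    return metric


def receive(table, receiver, sender, metric):
    """Apply one advertisement to the receiver's table entry."""
    if metric is None:
        return
    offered = min(metric + 1, INFINITY)   # one more hop to get to the sender
    current, next_hop = table[receiver]
    # Always believe the neighbor we already route through; otherwise
    # accept only a strictly better offer.
    if next_hop == sender or offered < current:
        table[receiver] = (offered, sender if offered < INFINITY else None)


def simulate(mode="none", max_rounds=20):
    """Return the (A, B) hop counts to the lost network after each round."""
    # A has just lost its route; B still believes it is 2 hops away via A.
    table = {"A": (INFINITY, None), "B": (2, "A")}
    history = []
    for _ in range(max_rounds):
        receive(table, "A", "B", advertised(table, "B", "A", mode))
        receive(table, "B", "A", advertised(table, "A", "B", mode))
        history.append((table["A"][0], table["B"][0]))
        if history[-1] == (INFINITY, INFINITY):
            break
    return history


if __name__ == "__main__":
    for mode in ("none", "split_horizon", "poison_reverse"):
        print(mode, simulate(mode))
```

Without either remedy the two routers need eight update rounds to agree the network is gone; with either one they agree after the first round.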

Some protocols do not allow VLSM. The text refers to these as classful protocols. RIPv1 and IGRP are classful protocols. These protocols do not allow the use of summary routes, which you would expect if you are not subnetting subnets. Protocols that do allow VLSM are called classless protocols.

More terminology: a route that goes up and down is said to be flapping. This causes an update each time its state changes, which is not necessarily helpful. A holddown timer is like an automatic timeout that starts when a router announces that a working route is no longer working. The reason it waits is to give the down route time to come back up, which would eliminate the need to remove it from the routing tables. The holddown is released if the route comes back up, or if a better route becomes available.

RIP

The chapter continues with a discussion of configuring RIP on routers. RIP has several timers to be aware of:

  • update timer - RIP sends a router's routing table to other routers according to this timer. By default it is 30 seconds.
  • invalid timer - this is the amount of time a route must be down before the router providing it marks it as bad. Default is 180 seconds. If this much time goes by, the router marks the route as bad in its own routing table, and sends an update. It is not erased from the table yet: see below.
  • holddown timer - as discussed above, when an update is received about a route being down, routers start this timer. They do not update their tables about this route unless a better route is advertised while the timer is still ticking, or the timer expires. Default value is 180 seconds.
  • flush timer - This one is puzzling. The invalid timer (see above) is the amount of time that a route has to be down before a router connected to it considers it down. The flush timer is the amount of time that route has to be down before it is removed from the associated router's table. That means that the router will advertise the route as down, then wait a while longer before giving up all hope. This timer must be longer than the invalid timer. By default, it is 240 seconds.

If you have set up static IP routes, you can remove them with the same commands that created them, preceded by the word no. If the command was:

ip route 192.168.3.0 255.255.255.0 192.168.1.4

the command to remove it would be:

no ip route 192.168.3.0 255.255.255.0 192.168.1.4

To activate RIP on your router, you use a sequence of commands:

router rip
network address_of_directly_connected_network
ctrl-Z

You repeat the middle command for each network directly connected to the router. This is one of the reasons people use RIP: it is easy to set up. You tell each router about the routes connected to it. It advertises them to other routers, and those routers add to their own routing tables. Then the routers keep telling each other everything they know. Over and over and over again, even if there are no changes.

Once you have enabled RIP on your router, you can check the routing table on it with this command:

show ip route

The result should be several lines long. It may start with several lines of a legend, indicating the meaning of each code at the start of each line. (See page 233 of the text for an example.)

  • Static route lines start with an S.
  • The line for each route that was entered as a direct connection will start with a C.
  • Routes that were added to the table by RIP advertisements will start with an R. The text refers to these as "RIP-injected" routes.

Each R line will have new information after the IP address, in the format [DDD/hh]. The part I have indicated with DDD will be the Administrative Distance of the route. The part I have indicated by hh will be the number of hops. Remember that RIPv1 will only allow 15 hops in a working route. This information will allow the router to decide whether this route to a network is better, worse, or the same as a route it may already know about. In general, the table will only hold one route line for each network, as long as one is better than the others. If a route to that network is advertised that has a lower AD than the existing route in its table, the router will replace the existing line with the new route. If they have the same AD, a lower hop count makes a route better, so the route with the lower hop count is written to the table. RIP allows a router to have up to 6 equal cost routes to a network in the routing table. The default number of equal cost routes is 4.
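The replacement rule in the paragraph above, as an added example that is not from the course text. It is a simplified model: the function names and the rendered line layout are assumptions, the next-hop addresses other than 192.168.1.4 are constructed, and the static route uses the AD of 100 from the Static Routing example.

```python
# Default Administrative Distances and route codes, as listed in these notes.
DEFAULT_AD = {"connected": 0, "static": 1, "igrp": 100, "rip": 120}
CODE = {"connected": "C", "static": "S", "igrp": "I", "rip": "R"}
RIP_INFINITY = 16


def offer(table, network, source, metric, next_hop, ad=None, max_paths=4):
    """Offer one candidate route; return True if it ends up in the table."""
    ad = DEFAULT_AD[source] if ad is None else ad
    if ad >= 255 or (source == "rip" and metric >= RIP_INFINITY):
        return False                      # untrusted source or unreachable
    installed = table.setdefault(network, [])
    if installed:
        best = (installed[0]["ad"], installed[0]["metric"])
        if (ad, metric) > best:
            return False                  # the route already held is better
        if (ad, metric) < best:
            installed.clear()             # lower AD, or same AD and lower metric
    if len(installed) >= max_paths:
        return False                      # all equal-cost slots are in use
    installed.append({"source": source, "ad": ad,
                      "metric": metric, "via": next_hop})
    return True


def show(table):
    """Render entries with the [AD/metric] field described above."""
    return [f"{CODE[r['source']]} {net} [{r['ad']}/{r['metric']}] via {r['via']}"
            for net in sorted(table) for r in table[net]]


def demo():
    table, net = {}, "192.168.3.0"
    results = [
        offer(table, net, "rip", 2, "192.168.1.5"),
        offer(table, net, "rip", 1, "192.168.1.4"),    # fewer hops: replaces
        offer(table, net, "rip", 16, "192.168.1.6"),   # 16 hops: unusable
        offer(table, net, "static", 0, "192.168.1.4", ad=100),  # 100 beats 120
        offer(table, net, "rip", 1, "192.168.1.4"),    # AD 120 loses to 100
    ]
    return results, show(table)


if __name__ == "__main__":
    outcome, lines = demo()
    print(outcome)
    print("\n".join(lines))
```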

The text notes that if our router holds a route to a network that takes 15 hops, it will still advertise that route to other routers, even though there is no point to it. Why? Because if our router is 15 hops away from a network, that means that another router would have to hop to our router to use that route, which makes it 16 hops long, which is unusable.

It is not a good idea to advertise routes outside our own networks. On the router that connects to the Internet, the port that does so should be configured with the command passive-interface port_designation.
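One way to check a configuration for the passive-interface advice above, as an added example (not from the course text). The configuration text, interface names and addresses are constructed, and the auditor is assumed to supply the list of Internet-facing ports.

```python
import ipaddress


def classful_network(addr):
    """RIP network statements are classful: derive the class A/B/C network."""
    first = int(addr.split(".")[0])
    prefix = 8 if first < 128 else 16 if first < 192 else 24
    return ipaddress.ip_network(f"{addr}/{prefix}", strict=False)


def parse_config(text):
    """Collect interface addresses, RIP networks and passive interfaces."""
    interfaces, rip_networks, passive = {}, [], set()
    section = ""
    for raw in text.splitlines():
        words = raw.split()
        if not words or words[0] == "!":
            continue
        if not raw[0].isspace():          # unindented line starts a new stanza
            section = raw.strip()
            continue
        if (section.startswith("interface ") and len(words) >= 4
                and words[:2] == ["ip", "address"]):
            interfaces[section.split()[1]] = ipaddress.ip_address(words[2])
        elif section == "router rip" and words[0] == "network":
            rip_networks.append(classful_network(words[1]))
        elif section == "router rip" and words[0] == "passive-interface":
            passive.add(words[1])
    return interfaces, rip_networks, passive


def rip_exposed(text, untrusted):
    """Return the untrusted interfaces that would send RIP advertisements."""
    interfaces, rip_networks, passive = parse_config(text)
    return [name for name in untrusted
            if name in interfaces and name not in passive
            and any(interfaces[name] in net for net in rip_networks)]


# Constructed sample configuration: Serial0/0 is the Internet-facing port.
WEAK = """
interface FastEthernet0/0
 ip address 192.168.1.2 255.255.255.0
!
interface Serial0/0
 ip address 203.0.113.2 255.255.255.252
!
interface Serial0/1
 ip address 198.51.100.1 255.255.255.252
!
router rip
 network 192.168.1.0
 network 203.0.113.0
"""
FIXED = WEAK + " passive-interface Serial0/0\n"

if __name__ == "__main__":
    print("weak :", rip_exposed(WEAK, ["Serial0/0", "Serial0/1"]))
    print("fixed:", rip_exposed(FIXED, ["Serial0/0", "Serial0/1"]))
```

For RIP, passive-interface stops updates from being sent out the port; the router still accepts updates that arrive on it.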

RIPv2

RIPv2 works a lot like RIP. Both are Distance Vector protocols, both allow only 15 hops in a route. RIPv2, however, allows you to send subnet mask information with a route advertisement, so it is considered classless and it supports VLSM. To use RIPv2 use the same commands shown above, but insert one new line before pressing ctrl-Z:

version 2

RIPv2 should be used if you are connecting LANs that would otherwise use RIP but cannot due to differing subnet masks.

IGRP

The next improved routing protocol in the text is IGRP. It is still a Distance Vector protocol, but it has several improvements over RIP:

  • Maximum hop count for IGRP is 255. Default is 100.
  • Uses bandwidth and line delay as metrics for routes
  • Update timer: 90 seconds
  • Invalid timer: 270 seconds (default: 3 times the update timer)
  • Holddown timer: 280 seconds (default: 3 times the update timer plus 10 seconds)
  • Flush timer: 630 seconds (default: 7 times the update timer)
  • AD value is 100. RIP's AD is 120, so IGRP routes are preferred over RIP routes.

When you configure IGRP on a router, you declare it to have an Autonomous System number. Only routers with the same number will share routes with each other over this protocol. To activate IGRP, enter configuration mode and enter these commands:

router igrp autonomous_system_number
network address_of_directly_connected_network
ctrl-Z

The text notes that you must enter the classful address of each network you add in the configuration. If you are subnetting, ignore that fact for the configuration of this protocol.

As with RIP, you can check the routing table on it with this command:

show ip route

The result should be several lines long. Each route added by IGRP will be tagged with an I, each route configured as directly connected will start with a C. Each IGRP line will have new information after the IP address, in the format [DDD/cccccc]. The part I have indicated with DDD will be the Administrative Distance of the route. The part I have indicated by cccccc will be a composite metric based on bandwidth and data rate. The lower the number, the better.

IGRP allows up to six routes in the table for a given network. Unlike RIP, those six routes do not need to have equal ratings. They are used for load balancing, which gives better performance than using only one route to a destination. In addition to using multiple routes, IGRP is better for larger networks than RIP.

Even though the CCNA test covers both RIP and IGRP protocols, the author advises us that it would be better to use neither of these protocols, but one of the Link State protocols from the next chapter.

The text reminds us again that we can check configuration settings with show ip route. Several command options are discussed.

  • show ip route - displays the routing table
  • show ip protocols - shows protocols and their timer settings
  • debug ip rip - lets you watch routing updates on a terminal emulator
  • debug ip igrp events - shows a summary of the IGRP routing information that is running on the network.
  • debug ip igrp transactions - shows the separate IGRP transmissions on the network
  • undebug all - exits debug mode, regardless of which debug mode you entered

As you might imagine, there is no point to running RIP and IGRP on your routers, unless you must connect networks that only support one or the other.