What Address Does ARP Work in Conjunction With IPv4 to Discover?
Chapter 1. Routing and Switching Strategies
The previous book in this series, The Packet Guide to Core Network Protocols, covered the IPv4 protocols, masking, and devices that are part of every network. Now it's time to take on the routing and switching for the network. There are an astonishing number of table-based decisions that have to be made in order to get a single packet across a network, let alone across a series of networks. Not limited to routers, switches, and access points, these decisions are made at each and every device, including hosts. As networks are constructed and devices configured to forward packets and frames, network administrators must make critical decisions affecting performance, security, and optimization.
When moving to advanced ideas, the network admin should know how and why networking tables are constructed, and in what cases manual changes will be beneficial. This chapter provides details about the routing and switching operations, as well as design elements. This chapter assumes that the reader understands the basic operation of routers and switches, as well as the standard suite of protocols including Ethernet, Internet Protocol (IP), Address Resolution Protocol (ARP), and the Internet Control Message Protocol (ICMP).
Switching: Forwarding and Filtering Traffic
Most protocols are foregone conclusions, so when building networks, many of the choices are not choices at all. It is highly probable that a network will be a mixture of Ethernet and 802.11 nodes. These nodes will run the Internet Protocol at Layer 3 of the Transmission Control Protocol/Internet Protocol (TCP/IP) networking model (see Figure 1-1). The applications will be designed for TCP or the User Datagram Protocol (UDP).
There are many types of switching: packet, circuit, multilayer, virtual circuit, wide area network (WAN), local area network (LAN). Circuit and virtual circuit switching almost always refer to WAN or telephone technologies, and as such, will not be part of our discussion. Packet switching usually concerns a router or perhaps a WAN switch. Multilayer switching is a technique for improving the processing of IP packets, but most vendors have different ideas as to the best approach. Often, LAN switches are deployed without any thought to how multilayer switching might improve performance. In fact, other than routing between VLANs, administrators are rarely interested in how advanced features might be used on the network. Since this book is about IP-based networking, switching will almost always refer to Ethernet frames and the routing will be that of IP packets.
Figure 1-1. TCP/IP model
Switches operate at Layer 2 of the TCP/IP (and OSI) model and are the workhorses of most networks. The operation of switches and bridges is defined in the IEEE 802.1D standard. The standard also describes the behavior of other Layer 2 protocols, such as the Spanning Tree Protocol, which will be covered in Chapter 3.
In network design, we often talk about the "access" layer or how host devices are connected to the network. Switches and access points (we'll ignore the use of hubs and collision domains) cover all of the bases. In addition to forwarding Ethernet frames based on Media Access Control (MAC) addresses and processing the Cyclical Redundancy Check (CRC), switches provide a couple of very important services:
- Filter out traffic that should not be forwarded, such as local unicast frames
- Prevent the forwarding of collisions
- Prevent the forwarding of frames with errors
Switches also provide a collection of features that are part of most medium and large networks:
- Virtual local area networks (VLANs)
- Simple Network Management Protocol (SNMP)
- Remote management
- Statistics collection
- Port mirroring
- Security such as 802.1X port-based authentication
Any device connected to a network, regardless of its specialization, still has to follow the rules of that network. Thus, switches still obey the rules for Ethernet access and collision detection. They also go through the same auto-negotiation operations that Ethernet hosts complete. There are several different link types used when installing switches. They can be connected directly together in point-to-point configurations, connected to shared media or to hosts. Depending on the location in the network, the requirements for performance and security can be significantly different. Core or backbone switches and routers may have the requirement of extremely high throughput, while switches connected to critical elements may be configured for stricter security. Many switches have absolutely no configuration changes, and are simply pulled out of the box and run with default factory settings.
Forwarding Based on MAC Addresses
To forward or filter Ethernet frames, the switch consults a source address table (SAT) before transmitting a frame to the destination. The SAT is also called a MAC address table or content addressable memory (CAM). Only the destination indicated in the table receives the transmission. In general, a switch receives a frame, reads the MAC addresses, performs the Cyclical Redundancy Check (CRC) for error control, and finally forwards the frame to the correct port. Broadcast and multicast frames are typically forwarded everywhere except the original source port. Figure 1-2 depicts a typical topology with a switch at the center.
Figure 1-2. Basic switch topology
Network nodes have unique MAC addresses and Ethernet frames identify the source and destination by these MAC addresses. A MAC address is a six-byte value, such as 00:12:34:56:78:99, which is assigned to the host. The SAT is a mapping between the MAC addresses and the switch ports. This table also keeps track of the virtual local area networks, or VLANs, configured on the switch. On most switches, all ports are in VLAN 1 by default. The source address table for the network shown in Figure 1-2 might look like Table 1-1.
| MAC Address | VLAN | Port |
|---|---|---|
| Node A MAC | 1 | 1 |
| Node B MAC | 1 | 2 |
| Node C MAC | 1 | 3 |
| Node D MAC | 1 | 4 |
If the address is known, the frame is forwarded to the correct port. If the address is unknown, the frame is sent to every port except the source port. This is called flooding. If the destination MAC address is a broadcast address (in the form ff:ff:ff:ff:ff:ff), the frame is again sent everywhere except the original source port. In many cases, this is also the behavior for multicast frames. Recall that multicast frames commonly begin with a hexadecimal 01 in the first byte. The range of a multicast frame can be affected by using the Internet Group Management Protocol (IGMP). Switches can perform IGMP snooping in order to determine which ports should receive the multicast traffic. IGMP is also defined in the IEEE 802.1D standard. VLANs can reduce the effect of flooding or broadcasting because they can be used to break the switch into smaller logical segments. We'll talk about VLANs in Chapter 4.
Figure 1-3 displays the source address table from an operating Cisco switch. This output was obtained using the show mac-address-table command for the Cisco switch. The term "dynamic" means that the switch learned the address by examining frames sent by the attached nodes.
Figure 1-3. Cisco switch SAT
Note that there are three VLANs and port 1 (FastEthernet0/1) has several associated MAC addresses. This is because another switch was connected at that point. An example of this type of topology is shown in Figure 1-4. Two switches are interconnected via Port 3 on Switch 1 and Port 3 on Switch 2. As normal traffic flows, the switches will learn where all of the MAC destinations are by recording the source MACs from the Ethernet transmissions.
Figure 1-4. Two switch topology
In topologies such as this, it is impossible for a switch to connect directly to each destination. For example, the only piece of information Switch 2 will possess is the source MAC from its perspective. So, from the perspective of Switch 2, all frames appear to have come from the single port (3) connected to Switch 1. The reverse is also true. Building on what is known of source address tables and the learning process, the SATs for the two switches would look like Table 1-2.
| Switch 1 | | | Switch 2 | | |
|---|---|---|---|---|---|
| MAC address | VLAN | Port | MAC address | VLAN | Port |
| Node A | 1 | 1 | Node A | 1 | 3 |
| Node B | 1 | 2 | Node B | 1 | 3 |
| Node C | 1 | 3 | Node C | 1 | 2 |
| Node D | 1 | 3 | Node D | 1 | 1 |
When Node A sends traffic to Node D, Switch 1 forwards the traffic out Port 3. Switch 2 receives the frame and forwards the frame to Port 1.
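The learning, flooding and filtering behavior described above, applied to the two-switch topology of Table 1-2. This is an added example, not code from the book; the MAC addresses and the "one broadcast per node" traffic pattern are constructed for illustration.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"
# Constructed MAC addresses for the four nodes (not from the original page).
MAC = {"A": "00:00:5e:00:53:0a", "B": "00:00:5e:00:53:0b",
       "C": "00:00:5e:00:53:0c", "D": "00:00:5e:00:53:0d"}


class Switch:
    def __init__(self, name):
        self.name = name
        self.sat = {}    # (vlan, mac) -> port: the source address table
        self.links = {}  # port -> ("host", node) or ("switch", Switch, peer_port)

    def receive(self, in_port, src, dst, vlan=1, seen_by=None):
        """Learn from the SOURCE MAC, then forward, filter or flood the frame.

        Returns the nodes whose access port carried a copy of the frame."""
        seen_by = [] if seen_by is None else seen_by
        self.sat[(vlan, src)] = in_port
        known = self.sat.get((vlan, dst))
        if dst == BROADCAST or known is None:
            # Unknown unicast and broadcast: every port except the source port.
            out_ports = [p for p in sorted(self.links) if p != in_port]
        elif known == in_port:
            out_ports = []           # destination sits behind the arrival port
        else:
            out_ports = [known]      # known unicast: exactly one port
        for port in out_ports:
            link = self.links[port]
            if link[0] == "host":
                seen_by.append(link[1])
            else:
                _, peer, peer_port = link
                peer.receive(peer_port, src, dst, vlan, seen_by)
        return seen_by


def build_topology():
    """Figure 1-4: the switches are joined by Port 3 on each side."""
    s1, s2 = Switch("Switch 1"), Switch("Switch 2")
    s1.links = {1: ("host", "A"), 2: ("host", "B"), 3: ("switch", s2, 3)}
    s2.links = {1: ("host", "D"), 2: ("host", "C"), 3: ("switch", s1, 3)}
    attach = {"A": (s1, 1), "B": (s1, 2), "C": (s2, 2), "D": (s2, 1)}
    return s1, s2, attach


def send(attach, src, dst):
    """Send one frame from node src to node dst ('*' means broadcast)."""
    switch, port = attach[src]
    dst_mac = BROADCAST if dst == "*" else MAC[dst]
    return switch.receive(port, MAC[src], dst_mac)


def table(switch):
    """The SAT as {node: port} for VLAN 1, for comparison with Table 1-2."""
    names = {mac: node for node, mac in MAC.items()}
    return {names[mac]: port for (_vlan, mac), port in switch.sat.items()}


def demo():
    s1, s2, attach = build_topology()
    first = send(attach, "A", "D")    # D not learned yet: frame is flooded
    for node in "BCD":
        send(attach, node, "*")       # any transmission teaches both switches
    second = send(attach, "A", "D")   # D learned: frame reaches D only
    return first, second, table(s1), table(s2)


if __name__ == "__main__":
    first, second, sat1, sat2 = demo()
    print("first A->D seen by:", first)
    print("later A->D seen by:", second)
    print("Switch 1 SAT:", sat1)
    print("Switch 2 SAT:", sat2)
```

Until a destination has been learned, every node on the VLAN receives a copy of frames addressed to it, which is why the table state matters for both performance and confidentiality.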
Figure 1-3 also depicts several VLANs. What isn't clear from these SATs or topology diagrams is how traffic moves from one VLAN to another. Interconnected switches configured with VLANs are typically connected together via trunk lines. In addition, Layer 2 switches need a router or routing functionality to forward traffic between VLANs. With the advent of multilayer switches, the boundary between routers and switches is getting a bit blurry. VLANs and trunks will be covered in-depth in Chapter 4.
One other very nice feature of a switch is port mirroring. Mirroring copies the traffic from one port and sends it to another. This is important because over the last several years, hubs have been almost entirely removed from the network. But without hubs, it can be a challenge to "see" the traffic that is flowing on the network. With mirroring, a management host can be installed and collect traffic from any port or VLAN. The following are examples of the commands that might be issued on a Cisco switch:
monitor session 1 source interface Fa0/24
monitor session 1 destination interface Fa0/9 encapsulation dot1q
The first command describes the source of the traffic to be monitored. The second command not only specifies the destination, but the type of frame encapsulation as well. In this case, the traffic monitored is actually flowing over a trunk line. Trunks are part of Chapter 4. Mirroring commands can also specify the direction of the desired traffic. It is possible to select the traffic traveling to or from a specific host. Typically, both directions are the default.
Figure 1-5 depicts an example in which Nodes A and B are communicating and the network admin would like to see what they are up to. So, the traffic coming to and from Node B is mirrored to the management node. Since the conversation is between Node A and B, a port connected to either one of them will suffice.
Figure 1-5. Port mirroring
Routing: Finding Paths
When building networks, we typically divide routing into two components: host and router. Routers handle traffic flowing between networks but hosts make many decisions long before the packets hit the network. Most routing protocols used to find pathways to destinations are router based, however.
Hosts are typically configured one of two ways: statically with an IP address, default gateway, and domain name server, or with values learned via the Dynamic Host Configuration Protocol (DHCP). Hosts send all traffic going off the local network to the default gateway, with the hope that the gateway can route the packets to the destination. One of my favorite questions to ask is "What is the first thing that a host does before sending a packet?" Before doing anything else, a host must process its routing table. Chapter 2 of this book is devoted to host-based routing. Historically, there have been some network technologies in which the hosts were more active. For example, IBM's Token Ring utilized discovery frames to find destination nodes on different network segments or rings. However, this is primarily a Layer 2 function, and is not part of contemporary Ethernet- and IP-based networks. Recent years have seen a return to utilizing the host for handling the routing function in the area of ad hoc networking.
Ad hoc routing typically does not run on the traditional network infrastructure. Applications include sensor networks, battlefield communications, and disaster scenarios in which the infrastructure is gone. In these situations, nodes will handle forwarding of traffic to other nodes. Related ideas are the ad hoc applications and 802.11 ad hoc networks. It is important to realize that with the 802.11 standard, nodes can connect in an ad hoc network but do not forward traffic for other nodes. If a wireless node is not within range of the source host, it will miss the transmission.
Ad hoc routing protocols are designed to solve this particular problem by empowering the nodes to handle the routing/forwarding function. Interesting problems crop up when the "router" may not be wired into the network: things such as movement of the wireless nodes, power saving, processing capability, and memory may be affected. In addition, the application is important. Are the nodes really sensors which have very little in the way of resources? Are they moving quickly? These challenges have resulted in several ad hoc routing protocols being developed, such as Ad hoc On Demand Distance Vector (AODV), Fisheye State Routing (FSR), and Optimized Link State Routing (OLSR).
But these ideas are all a little beyond the scope of this book. The point being made here is that hosts and the host routing table are very active in the processing of packets. Historically, nodes on some networks were even more involved, and if ad hoc routing protocols are any indication, those days are not gone for good.
Routing Devices
Routers operate at the internetwork layer of the TCP/IP model and process IP addresses based on their routing table. A router's main function is to forward traffic to destination networks via the destination address in an IP packet. Routers also resolve MAC addresses (especially their own) by using the Address Resolution Protocol (ARP). It is important to remember that Layer 2 (link layer) frames and MAC addresses do not live beyond the router. This means that an Ethernet frame is destroyed when it hits a router. When operating in a network, a router can act as the default gateway for hosts, as in most home networks. A router may be installed as an intermediate hop between other routers without any direct connectivity to hosts. In addition to routing, routers can be asked to perform a number of other tasks, such as network address translation, managing access control lists, terminating virtual private networks, or quality of service.
Basic router functionality is comprised of three major components:
- Routing process
- Routing protocols
- Routing table
The routing process is the actual movement of IP packets from one port to another and the routing table holds the information used by the routing process. Routing protocols such as the Routing Information Protocol (RIP) or Open Shortest Path First (OSPF) are used to communicate with other routers and may end up "installing" routes in the routing table for use by the routing process. When a router is configured, the routing table is constructed by bringing interfaces up and providing the interfaces with IP addresses. A simple Cisco routing table is shown in Figure 1-6.
Figure 1-6. Router routing table
When processing packets, routers "traverse" the routing table looking for the best possible pathway match. The routing table shown in Figure 1-6 indicates that the router knows of two networks: 192.168.15.0 and 192.168.20.0. Note that this router does not have a default gateway or "gateway of last resort." This means that if the destination IP address is anywhere beyond the two networks listed, the router has no idea how to get there. If you said to yourself, "Ahh, ICMP destination unreachable message," give yourself a gold star.
Routing tables can be comprised of several different route types: directly connected, static, and dynamic. Two directly connected routes are seen in Figure 1-6. These are the networks on which the router has an interface and are accompanied by the letter "C" and the particular interface, such as FastEthernet0/1. Directly connected routes have preference over and above any other route.
Note
The 0/1 from the interface is a designator for the blade and port in the router chassis.
Static Routes
Static entries are those that are manually installed on a router by the network administrator. For specific destinations, and in small or stable network environments, manually configured static routes can be used very successfully. By using static routes, the network administrator has determined the pathway to be used to a particular destination network. The static route will supersede any pathway learned via a routing protocol because of the administrative distance, discussed later in this chapter.
Another important idea that is key to routing is the next hop. The next hop is a router that is one step closer to the destination from the perspective of a particular router. The next hop is the router to send packets to next. In many networks, a series of next hops are used. A medium-sized routed topology is shown in Figure 1-7. So, from the perspective of R1, R2 would be the next hop used to get to both the 192.168.3.0 and 192.168.4.0 networks.
Figure 1-7. Small routed topology
This topology has three routers, which are cabled to each other via the switches shown. There are several ways to emulate a topology such as this, but this configuration was chosen for clarity. Initially, nothing has been configured except that the interfaces have been "brought up" and given IP addresses. To bring up an interface, it has to have been given the no shutdown command and have a link pulse. The routing tables of the routers will only contain the directly connected routes. Each router is only aware of the two networks for which it has interfaces. Table 1-3 depicts the routing tables at this point.
| R1 | R2 | R3 |
|---|---|---|
| C 192.168.1.0 F0/0 | C 192.168.2.0 F0/0 | C 192.168.3.0 F0/0 |
| C 192.168.2.0 F0/1 | C 192.168.3.0 F0/1 | C 192.168.4.0 F0/1 |
What is clear from these tables is that the routers do not have a complete picture of the whole network. For example, Node A is connected to Switch 1 and is trying to contact Node B on Switch 4. After processing its host routing table (see Chapter 2), it will forward the traffic to its default gateway (192.168.1.254) on R1. R1 will now consult its routing table and discover that it only has entries for networks on the left side of the topology. Without knowledge of the destination network, R1 will issue the ICMP destination unreachable message.
Note
Just for fun: The 192.168.1.0 and 192.168.4.0 networks are called stub networks because they have only one pathway in or out.
How is this problem solved? In small networks such as this, the network administrator can issue routing commands to the routers providing them with additional forwarding information. These would be the static routes. For Cisco routers, the command ip route is used. It has three fields that have to be filled in by the network administrator:
ip route destination-network destination-network-mask next-hop-IP-address (forwarding router interface)
For example, R1 could be told how to get to the 192.168.3.0 and the 192.168.4.0 networks with the following commands:
ip route 192.168.3.0 255.255.255.0 192.168.2.254
ip route 192.168.4.0 255.255.255.0 192.168.2.254
The commands are virtually identical except for the destination network. A couple of important points: the last field specifying the forwarding router interface (192.168.2.254) is a neighboring router that can be reached by R1. With these two commands, the behavior is that from R1 the traffic destined for the two networks specified should be sent to R2. The mask is also the mask of the destination network and not the mask used locally. It is possible that these masks are different. This correct form is called a recursive route.
After issuing the commands on R1, the routing tables would be updated as listed in Table 1-4:
| R1 | R2 | R3 |
|---|---|---|
| C 192.168.1.0 F0/0 | C 192.168.2.0 F0/0 | C 192.168.3.0 F0/0 |
| C 192.168.2.0 F0/1 | C 192.168.3.0 F0/1 | C 192.168.4.0 F0/1 |
| S 192.168.3.0 via 192.168.2.254 | | |
| S 192.168.4.0 via 192.168.2.254 | | |
While this is an improvement, it only solves part of the problem. Now R1 understands that traffic bound for these networks has to go to R2, but what does R2 do next? In the case of the 192.168.3.0 network, everything is fine since this is directly connected to R2. R2 can ARP for hosts since they will be on the same network. But since traffic is going to 192.168.4.0, R2 requires some help from the administrator in the form of the following command:
ip route 192.168.4.0 255.255.255.0 192.168.3.254
The routing table is updated accordingly and we can breathe a sigh of relief as the packets finally made it to the 192.168.4.0 network.
| R1 | R2 | R3 |
|---|---|---|
| C 192.168.1.0 F0/0 | C 192.168.2.0 F0/0 | C 192.168.3.0 F0/0 |
| C 192.168.2.0 F0/1 | C 192.168.3.0 F0/1 | C 192.168.4.0 F0/1 |
| S 192.168.3.0 via 192.168.2.254 | S 192.168.4.0 via 192.168.3.254 | |
| S 192.168.4.0 via 192.168.2.254 | | |
Getting to the destination network is only half the battle—packets still have to get back. Examining the routing table on R3, it can be seen that the router does not understand where the 192.168.1.0 network can be found. The packet from Node A would have gotten there, but when Node B tries to respond, it will receive an ICMP destination unreachable message from R3. From the perspective of Node A, it will appear as though the transmission was never answered. To be complete, ip route commands for all of the unknown networks would have to be issued on each router and the routing tables updated. After all of the ip route commands have been issued, the routing table would look like the entries seen in Table 1-6.
| R1 | R2 | R3 |
|---|---|---|
| C 192.168.1.0 F0/0 | C 192.168.2.0 F0/0 | C 192.168.3.0 F0/0 |
| C 192.168.2.0 F0/1 | C 192.168.3.0 F0/1 | C 192.168.4.0 F0/1 |
| S 192.168.3.0 via 192.168.2.254 | S 192.168.1.0 via 192.168.2.253 | S 192.168.1.0 via 192.168.3.253 |
| S 192.168.4.0 via 192.168.2.254 | S 192.168.4.0 via 192.168.3.254 | S 192.168.2.0 via 192.168.3.253 |
The actual routing table for R2 and the ip route commands issued on R2 are both shown in Figure 1-8.
Figure 1-8. R2 routing table with static route commands
In the last few routing tables, all of the destination networks can be reached either because they are directly connected or have a static route which points to a neighbor router that might be able to help. I have used the term "might" because when using static routes, there is actually an assumption that the forwarding router chosen knows something about the pathway to the destination. This is not always the case, as was described before the routing tables were fully populated.
Note
There are several options regarding the arguments for the ip route command and there are times when the usage seen in this chapter should be modified. Serial links provide an example in which the last field should be an interface rather than a next hop IP address.
Digging a Little Deeper—Common Mistakes
Reviewing the changes outlined in Figure 1-8, there are two common mistakes made when trying to configure static routing. These will be reviewed from the perspective of R2. The following is a mistake:
ip route 192.168.1.0 255.255.255.0 192.168.2.254
This command asks the router to forward traffic to itself. In effect this says, "R2 doesn't know where the 192.168.1.0 network is, so let's send it to R2." This also makes little sense to the router and so it usually responds with the message shown in Figure 1-9. The network administrator and the router stare at each other for a bit, and then the admin is likely to try the second common mistake. This also occurs when addresses are entered incorrectly. The proper form is shown in Figure 1-8.
Figure 1-9. Error message for circular routing
The second mistake does not actually specify a forwarding router IP address, but rather a physical interface. This results in higher processing load on the router, and is usually reserved for use with interior routing protocols. The command and the resulting routing table are shown in Figure 1-10. Though they are static routes, the routing table indicates that the 192.168.1.0 and 192.168.4.0 networks are directly connected. The topology shows that this is clearly not the case.
Figure 1-10. Mistake 2
The reason for the higher processing is that the command is not specific enough and the router actually has no idea where to send the traffic. It is similar to a person who, wishing to mail a letter, addresses the letter and then simply opens the front door and throws the letter outside, hoping that it will get to the destination. What is really interesting is the effect on network traffic. The Address Resolution Protocol (ARP) traffic is limited to the local area network or subnet. This means that ARP messages are not generally forwarded by routers and hosts do not ARP for nodes not on their own network. An exception can be found in Proxy ARP, but it is rarely used. Lastly, MAC addresses typically do not have any meaning beyond their own network. But look what happens when the commands shown in Figure 1-10 are used. Figure 1-11 shows that R3 (192.168.3.254) is sending an ARP request for 192.168.1.1, a node on a distant network. This breaks all of the basic behaviors and is just plain wrong. It makes me uncomfortable just looking at it.
Figure 1-11. Nonlocal ARP traffic
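One way to spot the nonlocal ARP traffic described above in captured frames: parse each ARP payload and flag requests whose target address lies outside the sender's own subnet. This is an added example, not from the book; the MAC addresses and sample packets are constructed, and a /24 mask is assumed to match the 255.255.255.0 used in the chapter's commands.

```python
import ipaddress
import struct

# ARP payload for Ethernet/IPv4: htype, ptype, hlen, plen, oper,
# sender MAC, sender IP, target MAC, target IP (28 bytes).
ARP_FMT = "!HHBBH6s4s6s4s"
ARP_LEN = struct.calcsize(ARP_FMT)
REQUEST, REPLY = 1, 2


def build_arp(oper, sender_mac, sender_ip, target_mac, target_ip):
    """Build a constructed ARP payload for the sample data below."""
    return struct.pack(
        ARP_FMT, 1, 0x0800, 6, 4, oper,
        bytes.fromhex(sender_mac.replace(":", "")),
        ipaddress.IPv4Address(sender_ip).packed,
        bytes.fromhex(target_mac.replace(":", "")),
        ipaddress.IPv4Address(target_ip).packed)


def parse_arp(payload):
    """Decode one ARP payload; reject anything that is not Ethernet/IPv4 ARP."""
    if len(payload) < ARP_LEN:
        raise ValueError("truncated ARP payload")
    htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = struct.unpack(
        ARP_FMT, payload[:ARP_LEN])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP message")
    return {"oper": oper,
            "sender_mac": sha.hex(":"),
            "sender_ip": ipaddress.IPv4Address(spa),
            "target_ip": ipaddress.IPv4Address(tpa)}


def nonlocal_requests(payloads, prefix_len=24):
    """Return (sender_ip, target_ip) for requests that leave the sender's subnet."""
    findings = []
    for payload in payloads:
        arp = parse_arp(payload)
        if arp["oper"] != REQUEST:
            continue                      # replies carry no "who has" question
        if arp["sender_ip"] == ipaddress.IPv4Address("0.0.0.0"):
            continue                      # ARP probe: sender has no address yet
        local = ipaddress.ip_network(
            f"{arp['sender_ip']}/{prefix_len}", strict=False)
        if arp["target_ip"] not in local:
            findings.append((str(arp["sender_ip"]), str(arp["target_ip"])))
    return findings


ZERO = "00:00:00:00:00:00"
R3_MAC = "00:00:5e:00:53:03"              # constructed MAC for R3
SAMPLES = [
    # The case in Figure 1-11: R3 asks for a host on a distant network.
    build_arp(REQUEST, R3_MAC, "192.168.3.254", ZERO, "192.168.1.1"),
    # Normal request for a neighbor on the same subnet.
    build_arp(REQUEST, R3_MAC, "192.168.3.254", ZERO, "192.168.3.253"),
    # A reply, ignored by the check.
    build_arp(REPLY, "00:00:5e:00:53:02", "192.168.3.253", R3_MAC, "192.168.3.254"),
    # Address probe from a host that has not configured an address yet.
    build_arp(REQUEST, "00:00:5e:00:53:10", "0.0.0.0", ZERO, "192.168.3.20"),
]

if __name__ == "__main__":
    for sender, target in nonlocal_requests(SAMPLES):
        print(f"nonlocal ARP request: {sender} asks for {target}")
```

On a segment with mixed prefix lengths, pass the real prefix length per interface; a wrong mask produces false positives.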
Default Routes
It is often the case that several destinations can be reached via the same pathway. In cases like this, the routing table can continue to grow even though many of the routes share common fields. This was true in the routing tables for both R1 and R3. Routing table entries sharing the same pathway can be replaced with a smaller set of routes. The best examples are default routes and aggregation. Aggregation or route summarization is a technique for reducing the number of entries in a routing table by shortening the prefix length. The result is to collect a series of destinations into a single entry.
The default route is a special case of a static route. Usually we think of default gateways or routers for hosts. Routers can also have default gateways. Like a host, when the routing table is exhausted and no matches are found for the destination, the default route is used. In Cisco-speak, this is called the gateway of last resort. Again, just like static routes, the network administrator is assuming that the next hop router knows something that the current router does not: how to get to either the destination or the next hop. Figure 1-12 shows the topology with the candidate default routes based on the information from Table 1-6.
Figure 1-12. Default routes
For R1, all destinations not directly connected must be reached by forwarding traffic to 192.168.2.254. For R3, all destinations not directly connected must be reached by forwarding traffic to 192.168.3.253. Therefore, some of the routing table entries could be replaced with a default route. For a router, a default route or gateway of last resort is installed with a special set of arguments in the ip route command. Instead of specifying the destination network and the destination network mask, default routes use all 0's. You may recall that in processing a routing table with masks, ANDing any IP address with a mask of 0.0.0.0 results in 0.0.0.0. This means that any destination will result in all zeroes (0.0.0.0) and the ANDing process for this ip route line will also be all zeroes, matching every destination:
ip route 0.0.0.0 0.0.0.0 forwarding router interface
For R1:
ip route 0.0.0.0 0.0.0.0 192.168.2.254
and for R3:
ip route 0.0.0.0 0.0.0.0 192.168.3.253
The routing tables would be updated as in Table 1-7.
| R1 | R2 | R3 |
|---|---|---|
| C 192.168.1.0 F0/0 | C 192.168.2.0 F0/0 | C 192.168.3.0 F0/0 |
| C 192.168.2.0 F0/1 | C 192.168.3.0 F0/1 | C 192.168.4.0 F0/1 |
| S 0.0.0.0/0 via 192.168.2.254 | S 192.168.1.0 via 192.168.2.253 | S 0.0.0.0/0 via 192.168.3.253 |
| | S 192.168.4.0 via 192.168.3.254 | |
Again, there are a couple of important points to note. While the routing tables for R1 and R3 have been improved, R2 still has the same number of routes. In this case, a default route pointing to R1 or R3 would not help much because R2 would still need another route for the network in the opposite direction. Additionally, we would be risking a routing loop. Lastly, going from four routes down to three may not seem like much of an improvement for R1 and R3, but this is a small network. Production networks can be much larger and have hundreds of routes.
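The static and default routing behavior of this chapter, carried through as a small model: mask ANDing with longest match, the one-way reachability of Table 1-5, the default routes of Table 1-7, and the loop that a default route on R2 would risk. This is an added example, not the book's or Cisco's code; the host addresses for Node A and Node B and R3's 192.168.4.254 interface are assumptions, and the self-next-hop check is this model's own stand-in for the router's complaint in the first common mistake.

```python
import ipaddress

MASK24 = "255.255.255.0"
# Router interface addresses as used in the chapter's ip route commands;
# 192.168.4.254 on R3 is assumed.
INTERFACES = {
    "R1": ["192.168.1.254", "192.168.2.253"],
    "R2": ["192.168.2.254", "192.168.3.253"],
    "R3": ["192.168.3.254", "192.168.4.254"],
}
OWNER = {addr: name for name, addrs in INTERFACES.items() for addr in addrs}
NODE_A, NODE_B = "192.168.1.1", "192.168.4.1"   # assumed host addresses

# Static routes per stage: (router, network, mask, next hop).
STATIC = {
    "table-1-3": [],
    "table-1-5": [("R1", "192.168.3.0", MASK24, "192.168.2.254"),
                  ("R1", "192.168.4.0", MASK24, "192.168.2.254"),
                  ("R2", "192.168.4.0", MASK24, "192.168.3.254")],
    "table-1-7": [("R1", "0.0.0.0", "0.0.0.0", "192.168.2.254"),
                  ("R2", "192.168.1.0", MASK24, "192.168.2.253"),
                  ("R2", "192.168.4.0", MASK24, "192.168.3.254"),
                  ("R3", "0.0.0.0", "0.0.0.0", "192.168.3.253")],
}


def ip(text):
    return int(ipaddress.IPv4Address(text))


class Router:
    def __init__(self, name):
        self.name = name
        # (network, mask, next_hop); next_hop None means directly connected.
        self.routes = [(ip(a) & ip(MASK24), ip(MASK24), None)
                       for a in INTERFACES[name]]

    def ip_route(self, network, mask, next_hop):
        """Model of `ip route network mask next-hop`."""
        if next_hop in INTERFACES[self.name]:
            raise ValueError(f"{self.name}: next hop {next_hop} is this router")
        self.routes.append((ip(network) & ip(mask), ip(mask), next_hop))

    def lookup(self, dst):
        """AND the destination with each mask; the longest matching mask wins."""
        best = None
        for net, mask, hop in self.routes:
            if ip(dst) & mask == net and (best is None or mask > best[1]):
                best = (net, mask, hop)
        return best


def build(stage, extra=()):
    routers = {name: Router(name) for name in INTERFACES}
    for name, network, mask, hop in list(STATIC[stage]) + list(extra):
        routers[name].ip_route(network, mask, hop)
    return routers


def trace(routers, start, dst):
    """Follow a packet router by router. Returns (path, outcome)."""
    path, current = [], start
    while current not in path:
        path.append(current)
        route = routers[current].lookup(dst)
        if route is None:
            return path, "unreachable"   # ICMP destination unreachable sent here
        if route[2] is None:
            return path, "delivered"     # destination network is connected
        current = OWNER[route[2]]
    return path + [current], "loop"      # same router visited twice


if __name__ == "__main__":
    t5 = build("table-1-5")
    print("A->B:", trace(t5, "R1", NODE_B))
    print("B->A:", trace(t5, "R3", NODE_A))
    t7 = build("table-1-7")
    print("B->A with defaults:", trace(t7, "R3", NODE_A))
    looped = build("table-1-7",
                   extra=[("R2", "0.0.0.0", "0.0.0.0", "192.168.2.253")])
    print("unknown destination:", trace(looped, "R1", "10.0.0.1"))
```

With R2's extra default route, traffic for any unknown destination bounces between R1 and R2 until its TTL expires instead of being rejected at R2.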
Dynamic Routes
Dynamic routes are those learned via routing protocols, such as Routing Information Protocol (RIP) or Open Shortest Path First (OSPF). When building a network, the approach used to handle routing is an important decision. Static routes require less processing, but changes to network topology cannot be addressed quickly. If the pathway to a destination changes, or if a router is offline, pathways or routes will be lost. Static routes also offer no protection from operator error. Typically, static routes are used when the topology is stable and the network architecture is fairly straightforward. In other words, when the network conditions are well understood. We often assume that if the network admin installs the route, it must be correct. Dynamic routing protocols can protect us from these topology changes and errors between the keyboard and the chair. Most routing protocols also provide protection from routing loops and old, incorrect data. Many also handle load balancing and multiple pathways to destinations.
Routing Protocols
Before we discuss individual routing protocols in the later chapters, it is necessary to discuss types or characteristics of protocols. The idea is to pick the correct protocol for the job and to do this we have to examine the algorithm and operational details. There are several ways to look at or define different protocols.
Single versus multipath
Routing protocols use an algorithm to determine the best path to the destination. If there is only one path, the decision is quite simple. In the event that several pathways exist, the routing protocol has a choice: it may take only the best possible path, leaving others to languish until needed, or it could install multiple pathways to the destination. The former is called a single path protocol. It may be that two pathways are equal in all respects and the router cannot make a choice as to which is better. The protocol can choose to send some portion of the data via each pathway. In this case, the protocol may be performing some form of load balancing to improve network throughput, in which case it would be considered multipath. Lastly, some consideration must be given to backup paths and the protocols' ability to failover should the preferred path be unavailable.
Interior versus exterior
Most routing protocols have established limitations. A clear example is the Routing Information Protocol (RIP), which cannot handle networks with more than 15 hops. Protocols are also designed to include in their calculations certain network parameters, such as cost or utilization. Thus, it may be that a particular protocol is completely inappropriate for a given network topology. Those designed for a group of networks under single administrative control (an autonomous system) are called interior routing protocols. We will see in later chapters that some interior routing protocols should stick to small groups of networks. Those designed for much larger scale topologies such as WAN connectivity and those deployed by ISPs are called exterior. Exterior protocols tend to link autonomous systems together. The Border Gateway Protocol (BGP) is an exterior routing protocol.
Flat versus hierarchical
When implementing a routing protocol, routers have a specific set of tasks to perform, such as advertising routing information, handling topology changes, and determining best path. If all of the routers are performing the same set of tasks, the protocol is said to be flat. This is the case with RIP. However, if there are other functions assigned to a subset of the routers, the protocol may be operating in a hierarchical manner. For example, some protocols define backbone and nonbackbone sections of the network. Traffic tends to flow from nonbackbone to backbone sections. Protocols often create boundaries around these sections called domains or areas. Peer routers communicate within a domain and backbone routers communicate between domains. OSPF is considered to be hierarchical because of its area-based arrangement. All OSPF routers understand forwarding within an area. Some of the routers understand inter-area forwarding and have additional knowledge of the overall topology.
Link state versus distance vector
These two terms refer to the algorithm used by the protocol to determine routes to use. Distance vector protocols are also called Bellman-Ford (for the original designers). You may recall from physics class that a vector is an object that describes magnitude and direction. An example might be that a runner was traveling 6 MPH and heading north. Distance vector routing protocols apply the same idea in that they describe distance to the destination, usually in terms of hop count (number of routers), and a direction in the form of the next hop IP address or interface to use. So, the destination network is X number of hops away and sends packets to a particular router. Neighboring routers send a portion of their routing table to each other and then send periodic updates. But there isn't much information other than hop count and direction. It is therefore difficult to make a decision based on the quality of the path. RIP is a distance vector protocol. Distance vector protocols are generally slow to "converge the topology" when compared to link state protocols. Convergence refers to the process of establishing a steady state topology after changes have occurred.
Link state protocols utilize greater detail about the links or connections between routers in order to make more informed decisions. For example, while two pathways might cover the same distance in order to get to the destination, if one path is based on 1Gbps Ethernet and the other is based on slower Frame Relay, the former path is chosen—even if the hop count is the same. This routing data is also flooded to the entire topology to speed up convergence. After the data has been flooded, routers keep in regular contact with each other via "hello" messages indicating that nothing has changed. For these reasons, link state protocols tend to converge more rapidly. The protocols are based on Dijkstra's algorithm for finding the best path between points on a graph. OSPF is an example of a link state routing protocol.
A protocol like RIP can now be characterized as dynamic, router based, single path, interior, flat, and distance vector. Why RIP has these characteristics will be covered in Chapter 5. OSPF would be dynamic, router based, multipath, interior, hierarchical, and link state. We'll take an in-depth look at OSPF in Chapter 6.
Choosing or Installing a Route
As the routing table is built via dynamically learned routes, the router has to decide whether a route should be installed in the table. With static routes, the router doesn't have much choice. Additionally, as packets are received by the router, it must determine which route is the best for the given destination. For both of these decisions, three values are compared: prefix length, administrative distance, and metric values, in order of importance. These three are typically discussed in the context of Cisco routers. However, other vendors use similar processes and values in their routing table construction and decisions.
Prefix length
Prefix length is based on the number of bits in the mask because the mask determines the network address. The greater the number of 1's in the mask, the longer the prefix length. For example, an IP address of 192.168.1.5 with a mask of 255.255.255.0 has a network address of 192.168.1.0. Thus, the prefix length is 24. The same IP address with a mask of 255.255.0.0 has a prefix length of 16 and a network address of 192.168.0.0. When building a routing table or forwarding packets, longer prefixes are preferred because they get a packet closer to the destination. For example, if you were trying to mail a letter to someone living in the east, but all you knew was that they lived in Boston, the mail plane would drop the letter over the city in hopes that it would reach the destination. Providing the street gets the letter a little closer, and adding the house number finally gets it to the destination. So the address got longer and longer.
Similarly, to send a packet to me here at RIT (no denial-of-service attacks, please), routing table entries using a network address of 129.21.0.0 get it to this general area, but RIT is a large place. Routers eventually list the correct subnet by using a longer prefix, and get the packet much closer. Prefix length is the number one consideration in this process.
Administrative distance
The second consideration is the administrative distance. There are times when a router will receive information from different protocols. If the prefix lengths are the same, how does the router determine which information is the best? You might hear about two new restaurants from different friends. Experience tells you which of your friends has the better advice regarding food. Similarly, some routing protocols are better than others. Administrative distance is a number that can describe the value of data learned via a routing protocol or of the routing table entries already installed.
Every routing protocol has an administrative distance, and this is included in the routing table entries. Lower values are preferred so, given two routes with an equal prefix length, the lower administrative distance will be chosen. Some common examples include those shown in Table 1-8.
| Route type | Administrative distance |
|---|---|
| Static | 1 |
| EIGRP | 90 |
| OSPF | 110 |
| RIP | 120 |
Based on these values, OSPF information is considered superior to that of RIP. Given the same prefix length, you would take the OSPF data over that of RIP. However, if RIP advertises a route with a prefix length of 24 compared to an OSPF prefix length of 22, the RIP data will be installed or used. In a routing table, bracketed numbers include the administrative distance:
- RIP - 192.168.1.0 255.255.255.0 [120]
- OSPF - 192.168.1.0 255.255.252.0 [110]
Note that based on the administrative distance, static routes are considered superior to any learned route and directly connected routes are superior to static.
Metric
Metric is the last comparison value for route information. Metric is used to compare routes that are learned via the same routing protocol when they have the same prefix length. The metric values are dependent upon the routing protocol—RIP uses hop count while OSPF uses a formula to derive its dimensionless metric. It is inappropriate to use the metric to directly compare information from different protocols. For instance, two pathways to the same destination are received by a router via RIP packets and so have the same administrative distance. Assuming the masks used have the same prefix length, the deciding factor will be the metric. One path utilizes 4 hops to get to the destination while the other only requires 3. Clearly one path is shorter and so will be installed in the routing table. The routing table would include entries such as:
- 192.168.1.0 255.255.255.0 [120/3] via 192.168.1.254
Within the bracket, the hop count is appended to the administrative distance.
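The three-value comparison described above can be written out as code. The following is an added example, not code from the book: it installs the best candidate per prefix by administrative distance and then metric, and forwards by longest matching prefix. The next-hop addresses, the OSPF metric values and the connected distance of 0 (the Cisco default) are assumptions that do not appear in the chapter.

```python
import ipaddress
from dataclasses import dataclass

# Administrative distances from the chapter's table; "connected" = 0 is the
# Cisco default (the chapter only says connected beats static).
ADMIN_DISTANCE = {"connected": 0, "static": 1, "eigrp": 90, "ospf": 110, "rip": 120}


@dataclass(frozen=True)
class Route:
    prefix: ipaddress.IPv4Network
    source: str      # key into ADMIN_DISTANCE
    metric: int      # only comparable between routes from the same source
    next_hop: str

    @property
    def admin_distance(self) -> int:
        return ADMIN_DISTANCE[self.source]


def make_route(network, mask, source, metric, next_hop):
    # strict=False normalises entries such as 192.168.1.0 255.255.252.0,
    # whose true network address is 192.168.0.0/22.
    prefix = ipaddress.IPv4Network(f"{network}/{mask}", strict=False)
    return Route(prefix, source, metric, next_hop)


def install(candidates):
    """Per prefix, keep the candidate with the lowest administrative distance;
    metric breaks ties between routes learned from the same protocol."""
    table = {}
    for route in candidates:
        current = table.get(route.prefix)
        if current is None or (route.admin_distance, route.metric) < (
            current.admin_distance, current.metric
        ):
            table[route.prefix] = route
    return table


def lookup(table, destination):
    """Forwarding decision: the longest matching prefix wins, whatever its source."""
    dst = ipaddress.IPv4Address(destination)
    matches = [r for r in table.values() if dst in r.prefix]
    return max(matches, key=lambda r: r.prefix.prefixlen, default=None)


# Constructed candidate routes (next hops and OSPF metrics are sample values).
CANDIDATES = [
    make_route("192.168.1.0", "255.255.255.0", "rip", 4, "10.0.0.1"),
    make_route("192.168.1.0", "255.255.255.0", "rip", 3, "10.0.0.2"),
    make_route("192.168.1.0", "255.255.252.0", "ospf", 20, "10.0.0.3"),
    make_route("192.168.3.0", "255.255.255.0", "rip", 2, "10.0.0.4"),
    make_route("192.168.3.0", "255.255.255.0", "ospf", 30, "10.0.0.5"),
]
TABLE = install(CANDIDATES)

if __name__ == "__main__":
    for dest in ("192.168.1.5", "192.168.2.9", "192.168.3.7", "10.9.9.9"):
        r = lookup(TABLE, dest)
        shown = f"{r.prefix} via {r.next_hop} [{r.admin_distance}/{r.metric}]" if r else "no route"
        print(dest, "->", shown)
```

The lookup for 192.168.1.5 returns the RIP /24 even though the OSPF /22 has the lower administrative distance, which is the case the chapter calls out.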
Routing Loops
There are several topologies that create problems for both Ethernet and IP. A looped architecture is one of the most challenging. Layer 2 protocols like Ethernet do not have a mechanism to handle loops, so Radia Perlman rode to the rescue with the Spanning Tree Protocol. At Layer 3, we are afforded some measure of protection because IP includes a time to live field. As packets continue around a looped topology, each router will decrement this field by one until it reaches zero. At this point, the IP packet is no longer sent along. A simple looped topology is shown in Figure 1-13.
Figure 1-13. Routing loop
In this topology, nodes connected to the switches would use R1 and R2 as their default gateways. R1 and R2 would in turn use R3 as their gateway of last resort in order to get to external destinations. Routing between R1 and R2 might be handled via static or dynamic routes. As we discussed previously, the problem with static routes is that they do not respond to changing network conditions or handle loops. With any mistakes in configuration or with certain kinds of failure, packets could continuously circulate or be lost.
But routing loops are not always bad. For example, if connectivity for the nodes attached to the switches is considered critical, a routing loop might be installed to ensure that the network is very reliable. The links between R1/R3 and R2/R3 might span long distances, such as the connections to a service provider. Routing/failover protocols might be used to maintain this set of redundant links, especially if the topology is more complex than the one in Figure 1-13. Routing loops can also be installed in order to provide load balancing between links. Protocols like Hot Standby Routing Protocol (HSRP), Virtual Router Redundancy Protocol (VRRP), and the Gateway Load Balancing Protocol (GLBP) are all designed to help prevent single point of failure instances and potentially balance traffic over the links.
Figure 1-13 is a very straightforward sort of loop, but it is by no means the only way to wind up with a looped topology. Misconfiguration or lost connectivity can easily result in a loop, even where physical loops are not present. Networks actually have two topologies, physical and logical. The physical topology can be traced by following cables, or at least a good set of labels. The logical topology can only be understood by examining configurations and the flow of traffic. An example in which the physical and logical topologies do not match can be seen in Figure 1-14.
Figure 1-14. Physically linear, logical loop
When discussing static and default routes earlier in this chapter, the routing tables were simplified through the use of the default route on R1 and R3. But providing a default on R2 doesn't simplify the routing table. We will now see why placing a default route on R2 might not be a very good idea for a completely different reason. Assume that the routing tables are built and the default routes have been assigned as depicted in Figure 1-14. R2 is now using R1 for a default route.
| R1 | R2 | R3 |
|---|---|---|
| C 192.168.1.0 F0/0 | C 192.168.2.0 F0/0 | C 192.168.3.0 F0/0 |
| C 192.168.2.0 F0/1 | C 192.168.3.0 F0/1 | C 192.168.4.0 F0/1 |
| S 0.0.0.0/0 via 192.168.2.254 | S 0.0.0.0/0 via 192.168.2.253 | S 0.0.0.0/0 via 192.168.3.253 |
What happens if Node A pings a device not on this particular set of networks, such as 192.168.5.1? The ICMP echo request would be sent to the default gateway of Node A (192.168.1.254) and R1 would discover that it did not know where the destination was. R1 would send the packet to its gateway of last resort: 192.168.2.254. R2 would process its routing table and find that it did not know where the destination (192.168.5.1) was either. R2 also has a gateway of last resort but the problem is that it is R1. Thus, the packet is sent right back to R1. Presto—logical loop. R1 receives the packets, processes its routing table, and the whole thing starts again until the time to live field in the packet expires. Whether the configuration was done on purpose or by mistake, the results are the same. Figure 1-15 depicts an Internet Control Message Protocol (ICMP) packet that results from a time to live (TTL) field being reduced to 0, though for a different conversation. ICMP has the responsibility of informing network hosts when problems such as this occur. Within the ICMP packet, the time to live field is set to 255. But this is not true of all IP packets. Each router decrements this field as the packet is forwarded.
The topology seen in Figure 1-14 is an isolated topology, and in practice would be connected to the outside world or to some other series of routers that eventually sent traffic offsite. So, the default gateway and the routing tables would be configured appropriately. But never underestimate our ability to set things up improperly.
Figure 1-15. ICMP Time Exceeded
There are times when link failures can create loops. For example, if in Figure 1-14, the R3 interface connected to the 192.168.4.0 were to be shut down, the route would be removed from the routing table of R3. However, the other routers in the topology would still believe that the 192.168.4.0 network is still available via R3. The question is: What does R3 do when traffic for the 192.168.4.0 network arrives?
| R1 | R2 | R3 |
|---|---|---|
| C 192.168.1.0 F0/0 | C 192.168.2.0 F0/0 | C 192.168.3.0 F0/0 |
| C 192.168.2.0 F0/1 | C 192.168.3.0 F0/1 | C 192.168.4.0 F0/1 |
| S 0.0.0.0/0 via 192.168.2.254 | S 192.168.1.0 via 192.168.2.253 | S 0.0.0.0/0 via 192.168.3.253 |
| | S 192.168.4.0 via 192.168.3.254 | |
As we can see, R3 receives the packet and, not knowing where the destination is, sends it to the gateway of last resort (R2). This is because when the interface is shut down, R3 removes the 192.168.4.0 network from its routing table, resulting in another routing loop. For these reasons, whenever there is a doubt about the stability of the network or when complexity starts to grow, rely on dynamic routing.
Discard or Null Routing
Sometimes the best designs simply do not fit the topology at hand. When this happens, attempts to simplify or optimize the network can create real headaches. For example, aggregation is often used to shrink or simplify routing tables. To aggregate a series of routes, the number of downstream routes to be aggregated should be based on powers of 2. When network masks used to aggregate routes are modified, the changes are based on powers of 2. Now let's consider an example: imagine that the network administrator wishes to clean up the routing tables of the small, aggregated topology shown in Figure 1-16.
Figure 1-16. Aggregated topology
The routing tables for R1 and R2 are shown in Table 1-11. In this example, we are not concerned with the outside connectivity for R1.
| R1 | R2 |
|---|---|
| C 172.16.0.0/16 F0/1 | C 172.16.0.0/16 F0/0 |
| S 192.168.4.0/24 via 172.16.0.2 | C 192.168.4.0/24 F0/1 |
| S 192.168.5.0/24 via 172.16.0.2 | C 192.168.5.0/24 F0/2 |
| S 192.168.6.0/24 via 172.16.0.2 | C 192.168.6.0/24 F0/3 |
| | S 0.0.0.0/0 via 172.16.0.1 |
The routing tables show that R2 is using R1 as a default gateway and that R1 is accessing several networks via R2. The network administrator looks at these and decides to aggregate them together in order to make the routing table of R1 simpler. This is accomplished by manipulating the mask associated with the downstream routes on R1.
| R1 | R2 |
|---|---|
| C 172.16.0.0/16 F0/1 | C 172.16.0.0/16 F0/0 |
| S 192.168.4.0/22 via 172.16.0.2 | C 192.168.4.0/24 F0/1 |
| | C 192.168.5.0/24 F0/2 |
| | C 192.168.6.0/24 F0/3 |
| | S 0.0.0.0/0 via 172.16.0.1 |
The resulting entry in R1 now encompasses the following addresses: 192.168.4.0–192.168.7.255. But what happens when an address such as 192.168.7.1 is pinged from outside of R1? The traffic would be forwarded to R2, but since the route is not part of the table on R2, it would use its default route to send the traffic right back to R1. And again we have a routing loop. One solution for this problem would be to install null routes on R2 in order to prevent it from sending traffic back to R1. This can be for the aggregated address or the smaller address space, so variations of this command can be used on either router.
ip route 192.168.4.0 255.255.252.0 null0
In order to prevent this route from stopping all traffic, a higher administrative distance can be assigned to the route.
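Both logical loops described in this section, the default-route loop of Figure 1-14 and the aggregation loop of Figure 1-16, can be reproduced with a small hop-by-hop simulator, along with the effect of the null route. This is an added example, not code from the book; it names next hops by router rather than by IP address, assumes /24 masks for the Figure 1-14 networks, and uses constructed TTL values.

```python
import ipaddress

NULL0, CONNECTED = "null0", "connected"


def table(*entries):
    """Turn (prefix, action) pairs into a routing table; action is a router
    name (the next hop), CONNECTED, or NULL0."""
    return [(ipaddress.ip_network(p), action) for p, action in entries]


def figure_1_14():
    # Default routes as in the chapter's table; /24 masks are an assumption.
    return {
        "R1": table(("192.168.1.0/24", CONNECTED), ("192.168.2.0/24", CONNECTED),
                    ("0.0.0.0/0", "R2")),
        "R2": table(("192.168.2.0/24", CONNECTED), ("192.168.3.0/24", CONNECTED),
                    ("0.0.0.0/0", "R1")),
        "R3": table(("192.168.3.0/24", CONNECTED), ("192.168.4.0/24", CONNECTED),
                    ("0.0.0.0/0", "R2")),
    }


def figure_1_16(null_route_on_r2=False):
    r2 = [("172.16.0.0/16", CONNECTED), ("192.168.4.0/24", CONNECTED),
          ("192.168.5.0/24", CONNECTED), ("192.168.6.0/24", CONNECTED),
          ("0.0.0.0/0", "R1")]
    if null_route_on_r2:
        # ip route 192.168.4.0 255.255.252.0 null0
        r2.append(("192.168.4.0/22", NULL0))
    return {
        "R1": table(("172.16.0.0/16", CONNECTED), ("192.168.4.0/22", "R2")),
        "R2": table(*r2),
    }


def forward(tables, entry_router, destination, ttl=64):
    """Follow one packet hop by hop. Returns (outcome, path, remaining_ttl)."""
    dst = ipaddress.ip_address(destination)
    router, path = entry_router, []
    while True:
        path.append(router)
        matches = [(p, a) for p, a in tables[router] if dst in p]
        if not matches:
            return "no route", path, ttl
        _, action = max(matches, key=lambda m: m[0].prefixlen)  # longest prefix
        if action == CONNECTED:
            return "delivered", path, ttl
        if action == NULL0:
            return "discarded", path, ttl
        ttl -= 1                      # each router decrements before forwarding
        if ttl <= 0:
            return "ttl expired", path, ttl   # this router sends ICMP Time Exceeded
        router = action


if __name__ == "__main__":
    cases = [
        ("Fig 1-14, ping 192.168.5.1", figure_1_14(), "192.168.5.1"),
        ("Fig 1-16, ping 192.168.7.1", figure_1_16(), "192.168.7.1"),
        ("Fig 1-16 + null0, ping 192.168.7.1", figure_1_16(True), "192.168.7.1"),
        ("Fig 1-16 + null0, ping 192.168.5.10", figure_1_16(True), "192.168.5.10"),
    ]
    for label, tables, dest in cases:
        outcome, path, ttl = forward(tables, "R1", dest, ttl=8)
        print(f"{label}: {outcome} after {'>'.join(path)} (ttl={ttl})")
```

In this simulator the null route does not affect 192.168.5.10 because R2's connected /24 is a longer prefix than the /22 pointing at null0.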
IPv6
Though IPv6 is not the focus of this book, it doesn't hurt to take a peek. The hard part about IPv6 is learning all of the addressing and terms. After that, you have to prepare your mind for values that look quite a bit different. But, from a routing perspective, many of the techniques are the same. Figure 1-17 depicts the same topology used earlier, but it is now an IPv6 topology. The /64 is the CIDR notation for the masks used.
Figure 1-17. IPv6 topology
In order to build a topology, there are a couple of necessary changes to the configuration of each router. As can be seen, each router interface has an IPv6 address. For R1, the IPv4 and IPv6 commands are quite similar:
ip address 192.168.1.254 255.255.255.0
ipv6 address 1001::254/64
Again, the major difference is in the structure of the address. The colons in the IPv6 address suppress long strings of zeroes. The /64 is a classless interdomain routing (CIDR) shortcut for the mask. Routing is set up with two commands: ipv6 unicast-routing and ipv6 route. The second command is for the static routes. For R1, routes for the 1003::/64 and 1004::/64 networks are required.
ipv6 route 1003::/64 1002::254
ipv6 route 1004::/64 1002::254
The routing table for IPv6-based routers can be a little confusing at first, but after breaking it down, the similarities begin to emerge. Figure 1-18 displays the routing table for R1. Note the use of directly connected and static routes. One addition is the local (L) or link local entry. This refers to the interface of the router. The mask for these entries is /128 or all ones. This is the same as the IPv4 host entry. FF00 is the multicast entry. The brackets associated with each entry still show the administrative distance and metric.
Figure 1-18. R1 IPv6 routing table
Reading
The ideas discussed in this chapter are outlined in a collection of RFCs and standards, or touched on when reading about a particular protocol. For example, the RFCs for RIP and OSPF refer to several routing issues and so are listed here. When configuring network equipment, I have always found it useful to have two documents at hand: command references and configuration guides. The command references are a must, since they contain the actual commands and the arguments used with the commands. However, these are not very useful when trying to understand "best practices." This is where configuration guides come in. These documents, along with vendor whitepapers, provide an explanation of where it is appropriate to use a particular command or how to begin building your network. In the end, trial and error will guide you as you attempt to get things working and gain experience.
- IEEE 802.1D: Standard for Local and Metropolitan Area Networks: Media Access Control (MAC) Bridges
- RFC 1102: Policy Routing in Internet Protocols
- RFC 2328: OSPF version 2
- RFC 2453: RIP version 2
- RFC 3768: Virtual Router Redundancy Protocol
Summary
In this chapter, we discussed some of the larger issues associated with routing and switching. When building networks, it is important to understand general concepts such as static, default, and dynamic routing. As networks grow in size and complexity, skills that become important include the ability to develop sound topology decisions and evaluate routing protocols. VLANs, trunks, installation of routes, and looped architectures were also covered. The best network administrators not only understand the commands to use, but the reasons for the commands and how network decisions are made.
Review Questions
1. When connected together and running VLANs, trunk lines are often used.
   A. TRUE
   B. FALSE
2. Static routes are manually installed and have a lower administrative distance than dynamic routes.
   A. TRUE
   B. FALSE
3. Dynamic routes are used whenever the network topology changes.
   A. TRUE
   B. FALSE
4. Which of the following is the proper order of importance for route selection?
   A. Admin distance, prefix length, metric
   B. Prefix length, admin distance, metric
   C. Metric, prefix length, admin distance
5. The next hop router should be an interface on a router connected to your network.
   A. TRUE
   B. FALSE
6. Directly connected routes will be installed as soon as an interface is "up".
   A. TRUE
   B. FALSE
7. Match the following terms to their definitions.
   a) Metric
   b) Admin Distance
   c) Prefix Length
   1) Number of bits in the mask
   2) Value comparing information from the same routing protocol
   3) Quality comparison between routing protocols
8. RIP and OSPF are both what type of routing protocol?
   A. Distance vector
   B. Host based
   C. Hierarchical
   D. Interior
9. What addresses are encompassed by the following routing table entry: 172.31.32.0/19?
10. Routing loops only occur on physically looped networks.
   A. TRUE
   B. FALSE
Review Answers
1. TRUE
2. TRUE
3. FALSE
4. B
5. TRUE
6. TRUE
7. a) 2 b) 3 c) 1
8. D
9. 172.31.32.0–172.31.63.255
10. FALSE
Lab Activities
Activity 1—Interconnected Switches and SATs
Materials: Two switches, two computers
1. Connect two switches via a crossover cable or uplink.
2. Connect the two computers, one on each switch.
3. Explore the SAT on each switch. Pay attention to the VLAN, port and MAC address listings. Handy Cisco command: show mac-address-table.
4. Experiment with either moving the computers or adding more nodes.
5. Before reviewing the table after each experiment, predict what the SAT content will be and why.
Activity 2—Static Routing Topology
Materials: Three routers, two computers
1. Wire the topology shown in Figure 1-7. Note: The topology can be reduced to two routers with the same requirements, though not as many.
2. Give each of the router interfaces and the computers IP addresses.
3. Examine the routing tables of each of the routers once the interfaces are up. Handy Cisco command: show ip route.
4. Experiment using PING. Which destinations are reachable and which are not?
5. Working from left to right, begin adding static routes in order to solve connectivity problems. Handy Cisco command: ip route destination network destination mask forwarding router interface.
6. Once all destinations can be PINGed from all interfaces, you are done.
Activity 3—Convert to Default Routes
Materials: Three routers, two computers, Wireshark
1. Using the topology from the previous activity, convert the static routes on R1 and R3 to default routes. Note: This activity can be confusing if only two routers are used, since there will not be a clear reason to choose the default route.
2. Examine the routing tables from each router. Select a couple of destinations and process the routing tables manually, checking to see if the process can be followed step by step.
3. Now experiment with the captures themselves. Starting from a computer or interface, and assuming that the ARP tables are clear, try to explain every packet that will be generated as a result of a PING to an IP address at least one hop away.
4. Complete the PING and examine the captures in order to determine the correct answer. Were you correct? If not, why not?
Activity 4—Routing Loop
Materials: Three routers, two computers, Wireshark
1. Using the same topology, convert the routing table on R2 to default routes.
2. What addresses can be PINGed and what addresses cannot?
3. What happens in the command shell when you PING an address not on the topology?
4. Start up Wireshark and examine the traffic on the network as a result of your PING offsite.
5. What happens to the IP TTL field?
6. Where was the loop and what caused it?
7. What was the ICMP traffic generated as a result?
Activity 5—Null Route
Materials: Three routers, two computers, Wireshark
1. In the topology above, install null routes to fix the routing loop. Recall the null argument to the ip route command.
2. Does this solve the connectivity problem or just hide the difficulty?
Source: https://www.oreilly.com/library/view/packet-guide-to/9781449311315/ch01.html