1. 11.0 Explaining IP Routing
While Ethernet switches make intelligent frame forwarding decisions based on physical Mac addresses, our routers make intelligent packet forwarding decisions based on logical IP addresses. And these routers, they’re really the connective tissue that make up the entire Internet. So in this module, we will follow a packet step by step through a router network. We’ll discuss how our router gets so smart about where the different IP addresses live, and we’re going to compare a collection of routing protocols. Now, let’s get started with our look at routing in our next video as we follow a packet step by step through a routed network.
2. 11.1 Packet flow in a Routed Network
In this video, we want to consider how a router is going to make intelligent forwarding decisions. In other words, how it’s going to route packets through a network. In this example, we’ve got a laptop, and it has a Mac address of all A’s. We’re going to pretend that laptop wants to communicate with the server in the upper right, and we’re pretending that it has a Mac address of all B’s. Let’s go step by step by step through the process of routing a packet from the laptop to the server. Now, the laptop, we’re assuming it already has IP address information. Maybe we statically assigned it. Maybe it learned this via DHCP. But let’s say that the laptop has an IP address, and we see this on screen as well of 192 dot 168, dot one, dot two. Now, the destination IP address that it’s trying to reach, that’s the IP address of the server. That’s 192 dot 168, dot two two, dot two.
And since those are on different networks, we’ve got to go through a router to get from the laptop to the server. And if we’re going to go through a router, we need to know that laptop’s default gateway, which I’ve abbreviated as DG on screen. Some people call that either the default gateway or the next top router, and it has an IP address of 192 dot 168, dot one, dot one one. Now, the very first time the laptop is going to communicate with that router, it’s going to send it a packet that’s destined for the server. It’s destined for 192 168 two two. However, the destination Mac address that we’re going to be sending to the router is going to have the router’s Mac address as the destination. Remember that a Mac address does not flow through a router.
It gets rewritten. So as we’re going from the laptop to the server, if we’re going through Router R One, that frame at layer two that we’re sending to Router R one, it’s got to have Router R one’s gig one Mac address. We know it’s IP address 192 168 one one. But we need to know the Mac address so we can properly form a frame. The laptop may already know that information because it’s communicated with that router before. Maybe it doesn’t the very first time. The way the laptop is going to learn that Mac address is it’s going to send out an ARP broadcast. ARP? That stands for Address Resolution Protocol. It’s a broadcast that’s going to go throughout this subnet saying, hey, can somebody tell me the Mac address for 192 168 one one, my default gateway. And Router R One says, yeah, that’s me. I’ve got the all ones Mac address. So now the laptop knows how to send a frame down to R one. Now, we’re still destined for an IP address of 192 168 two two. But the first hop along the way is Router R one, and the laptop is going to make a note of that, and it’s going to store it in its ARP cache so it doesn’t have to ask in the future.
Now, eventually this is going to time out, but for now, it’s going to memorize that Mac address corresponds to our default gateway. And this packet that’s destined for the server leaves the laptop and it’s going to go down to Router R One. And Router R One says, I see you’re trying to get to the 192 168 two two IP address. Let me check my IP routing table to see if I know a way of getting there. And here’s an example of a routing table that R One might have. Does it have a network that encompasses in other words, it includes 192 168 two two? Actually, it does.
If you notice, we’ve got the 192 168, 200:24 network known to Router R One. And that address space that we define includes the IP address of 192 168 two two. And we also see from the routing table how we get there. We’ve got to go to a next top of ten one one two. That’s router. R two. Now? Probably R. One is already communicated with R. Two previously, and it already knows R. Two’s mac address. But just for completion’s sake, let’s imagine that Router R One just came online. It’s not yet learned the Mac address of Router R. Two’s gig, two interface. So it’s going to send an art broadcast as well, just like our laptop did, saying, hey, can somebody tell me the Mac address of ten one one two? And R. Two says, yes, that’s me. And here’s my Mac address.
It’s the all threes Mac address. And Router R One makes a note of that in its ARP cache. Router R One is now going to forward that packet over to Router R Two. And Router R Two is going to interrogate its IP routing. Table It says, Do I know how to get to an IP address of 192, 168 two two? And as it scours its routing table, it says, oh yeah, I’ve got a route to 192 168 200:24. It includes an IP address. And guess what? It’s directly connected. It’s connected to interface gigabit one. And we’re ready to send this packet out of gigabit One if we know the Mac address of the server. If Router R Two has not yet learned that Mac address, you guessed it, it’s going to have to ARP for it.
It’s going to have to say with the broadcast, does anybody know the Mac address of 192 168 two two? The server is going to respond and say, that’s me. I’ve got the all B’s Mac address. Now, finally, Router R Two is going to make a note of that and send the packet on its way to its eventual destination. And that’s a look at how we can route traffic through a router. It’s not enough to know source and destination IP addresses we have to know the Mac addresses of the router interfaces along the way, because a Mac address does not survive a router hop. Another question we could ask at this point is how did the router build its IP routing table? Well, there are different ways that it could have learned that routing information.
We could have gone in and administratively told a router we could have typed in to get to this network, go to this next top, or we could use a dynamic routing protocol. A dynamic routing protocol allows routers to communicate about networks they know how to reach. And there’s going to be some sort of a metric that’s a value that says essentially the cost or the distance to get to this network that we’re trying to reach. And we’re going to take the lowest metric or the lowest cost path to that destination. And if we have redundancy built in, and there’s more than one way to get from point A to point B, the dynamic writing protocols can route around some sort of a link failure. So that means that having a dynamic writing protocol is going to be far more scalable than going in and administratively configuring addresses ourselves if we do that. That’s called static addressing. But for larger enterprise networks, yeah, we want to be using some sort of a dynamic writing protocol.
3. 11.2 Static and Default Routes
In this video, we want to consider static routes and default routes. These are routes that can show up in a router’s IP routing table. And a static route is something that we administratively enter. Let’s imagine we go into Router R One and we say if you need to send traffic to the 198 dot 51 dot 100 dot zero network, go to a next hop address of 100 dot zero two, that’s router R Two. If you you want to send traffic to 2030 1130, go to an EXTOP of 100 six. That’s our three. Those are static route entries that we could make. Of course, that’s not going to scale very well if we have lots and lots of routers. And it’s not going to scale very well if we have redundant paths where there’s more than one way to get to a destination network. But a few things I want you to know about static routes.
They are routes that we administratively add compared to routing protocols. By default, it’s very believable. It has a very low administrative distance of a one, and with administrative distance, a lower value is more believable. And this is lower than any of our dynamic routing protocols. And what a static route is really doing is it’s specifying the next top address to reach a specific network. And it’s possible that a router is going to have more than one entry in its routing table that could get a packet to a destination IP address. So if we have more than one route, which one do we use? We use the one that is the most specific. Sometimes people call that the longest match. It’s the route entry that contains the fewest number of IP addresses.
However, the flip side of that is what’s called a default route. A default route is very not specific. It contains every possible IPV four address in the world. That default route is zero zero. And the reason we might want to use a default route is so that we don’t have to maintain a larger routing table. For example, let’s take a look at Branch office. One. It has a router of BR one. And maybe there are some different routes within the BR One site, but its only way to get out to the internet is to go through its HQ site. There’s no other way. So instead of maintaining all the routes on the Internet, or even all the routes at the HQ site, what we can say to a router BR One is if you don’t know how to get to that network based on this routing table that you have, go to HQ, because HQ knows how to get to everywhere else. That way BR One can dramatically reduce its routing table size.
If it’s not local to BR One, just go to HQ. It will figure out how to get you to your destination. And a couple of things I want you to know about default routes. These can be static that we administratively configure, or they can be dynamic. We could have a routing protocol like OSPF advertise a default route throughout an enterprise. And we’re only going to use this default route if a router does not have a more specific entry. In other words, a route entry that contains a fewer number of IP addresses than all possible IP addresses. Remembering the default route is actually a route to zero zero, which includes all possible IP version for addresses.
4. 11.3 Routing Protocols
Routers have different ways of learning where networks live. One way is that it’s directly attached to that network. Maybe the router has an interface that belongs to the network it’s looking for. Another way is for an administrator to go in and configure what is known as a static route to say, if you want to get to this network, here’s where you go next. But for more scalability, we often in larger networks, turn to dynamic routing protocols. That’s what we’re going to talk about in this video. A dynamic writing protocol allows routers to educate one another about the networks available. And if a route goes down, hopefully there’s a backup path and we can reroute around that failure. And the network plus exam wants us to know about these specific writing protocols rip, OSPF, EIGRP, and BGP.
We’re going to talk about those at a high level in this video, but let’s think about how we would first select a routing protocol for our environment. What are some considerations? One consideration is how scalable is this routing protocol? For example, Rip is not very scalable. If the destination network is more than 15 routers away, in other words, 15 router hops away is the terminology that’s used, then that network is considered to be unreachable. So that doesn’t scale very well, certainly would not work on the Internet. OSPF, EIGRP, they’re both very scalable. BGP is extremely scalable. That’s what’s used on the worldwide Internet. We might also want to consider vendor interoperability. Now, most of the different routing protocols that we’re talking about are vendor interoperable.
They’re standards. However, EIGRP is a bit of an exception. EIGRP was developed by Cisco, and Cisco Systems kept it as a proprietary writing protocol for many years. And then around 2010, they started to open it up and allowed different companies in the industry to start using EIGRP. It was not widely adopted by other vendors, by the way. So if you’re anything other than an all Cisco shop, you might not want to use EIGRP. You might also consider how familiar your technical staff happens to be with a particular routing protocol. For example, when I worked at Walt Disney World, EIGRP was our routing protocol that we used throughout Walt Disney World and everybody in our group.
We had great familiarity with EIGRP. So if we were about to deploy another site, yeah, we might select EIGRP in all Cisco gear because we were so familiar with it to start with. And another consideration is convergence. We said that if a route fails, if a backup path exists, a dynamic writing protocol can route us through that backup path. However, how long does that take to happen? Rip is a bit slow. It might take one or two minutes. BGP might take a few minutes. And OSPF and EIGRP, they can both be very, very quick on the order of maybe just a couple of seconds.
And in some cases, we have more than one routing protocol running in a network. And the question is, if I’m receiving routing information from more than one source, who do I believe? And that introduces the term, I want you to put in your notes administrative distance. Administrative distance is the believability of a routing protocol. For example, consider router r five. It wants to get to network ten 1124, and maybe r one is telling it, hey, I can get you to ten one 10. R two says, here’s how to reach that network. R three says, I’ll get you there. R four says, here’s your ticket to ten one 100:24. Who do we believe? Well, it can depend on the administrative distance or the believability of that route information source. Let’s do a side by side comparison.
If a network is directly connected to the router that is very believable and that has an administrative distance, or an ad of zero lower is more believable, by the way, and you don’t get more believable than being directly connected. An administrator could configure a static route, and that’s pretty believable as well. If somebody went to the trouble to type in a route, it’s probably believable. It’s not going to be quite as believable as a network that’s directly attached, but it still has a very low administrative distance of one. But I say it has an administrative distance of one by default. What we could do is use a static route as sort of a backup.
We can make it less believable than one of our other routing protocols. We could assign it an artificially high administrative distance so that static route would only be considered if the dynamic writing protocol no longer knew how to get to that network. And for the dynamic protocols that are going to be running inside our organization, EIGRP is going to be the most believable with an ad of 90. OSPF has an administrative distance of 110, and rip has an administrative distance of 120. So it’s least believable. And you might notice that BGP is not here. BGP does have an administrative distance, and if we’re alerting from a different what’s called an autonomous system, it’s going to have a very low administrative distance of a 20.
However, the reason I didn’t include it here is that BGP is probably not going to be running within our network. BGP interconnects different networks under different administrative authorities. So BGP is considered to be an exterior gateway protocol. Here’s what I mean. Imagine we have our company, Company A, and we’re connected out to a couple of Internet service providers, a couple of ISPs for Redundancy, for throughput, and we’re going to be running a couple of different types of routing protocols, one within our company and one out to our ISPs. And they’re going to use that same protocol between themselves. And when we’re talking about a protocol that we run inside our organization, we call those IGPs interior gateway protocols, and those include rip, OSPF, and EIGRP. Now, by the way, this is not a comprehensive listing. These are the protocols that listed on the network plus exam blueprint. There’s also intermediate system to intermediate system that you might encounter in the real world. By the way, it has an administrative distance of 115. But we’re not going to get into that. Protocol, which is abbreviated is Hyphen Is because it’s not listed on the Network Plus Exam Blueprint, but it’s another IGP. But when we’re talking between autonomous systems, we’re going to use an exterior gateway protocol. Now, what is an autonomous system? An autonomous system is defined as a network under a single administrative control. So maybe your company that’s one autonomous system, one of your ISPs, they’re another autonomous system. Another ISP they’re a different autonomous system. And everybody has unique autonomous system numbers assigned to them by their country’s numbering authority. Let’s say that company A has an autonomous system number of 65,000 ISP one. Its as number is 65,100 ISP 265 thousand 200. How do we talk between those autonomous systems? We’re going to use an EGP, an exterior gateway protocol. You might want to put in your notes that an EGP communicates between autonomous systems.
And currently there’s only one exterior gateway protocol out there, and it’s called BGP. That’s the Border Gateway protocol. That’s the protocol that runs the Internet. It interconnects all of these different autonomous systems worldwide. And these protocols fall into some different categories that I’d like you to know. We have three different categories distance vector, link state, and path vector. Now, a word of caution here. I use the category of path vector. The network plus exam. Blueprint uses the term hybrid. I firmly disagree with that. Hybrid implies we have characteristics of both link state and distance vector and BGP, which falls under path vector. It does not.
But for the exam, I want you to think that BGP is hybrid. Now, let’s talk about these one at a time. Rip is considered to be distance vector. Now think about from high school you learned what a vector was. A vector has magnitude and direction. That’s really what Rip does. It knows the magnitude, in other words, how far a network is, and it knows where to go next. It’s pointing to a next hop, and it says here’s how far it is. And the way it measures how far it is is through the number of routers that it has to cross to get to the network. Those are called hop counts. OSPF, however, understands the network at a much more intimate level. It has a map of the network. It has what is called a link state database. And this is like a roadmap of your network.
And it uses a protocol called the Dijkstra algorithm. That’s the very same protocol that’s used in your car’s navigation system or GPS app on your smartphone. It’s going to assign a cost to the links between different routers or your GPS. It’s going to assign a cost to different roadways between different cities, as an example. But they use the same algorithm and they determine the shortest path from any one point to any other point in the network based on cost, which is purely a function of bandwidth. Now, EI GRP, there’s a lot of debate about in the industry. Some people will say it’s a hybrid routing protocol. Others will say it’s a distance vector routing protocol. Now, I will give you that it’s an advanced distance vector routing protocol, but it is a distance vector routing protocol. EIGRP does measure magnitude and it points in a direction.
In other words, it’s going to calculate an EIGRP metric. The formula for that calculation, by the way, is much more convoluted than simply counting the number of routers you have to hop through, like Rip does. EIGRP uses a very complex formula, but at the end of the day, you come up with a metric, a value, and you know your next top, you have a distance and you have a direction that’s distance vector. Now, BGP I put in the category of path vector careful because the Network Plus Exam Blueprint says that it’s a hybrid routing protocol. So if you were asked that on the Network Plus exam, you might want to say what CompTIA says it is and that’s hybrid. But I really disagree with that.
I think it is a path vector routing protocol. Here’s what I mean by that. Unlike Rip and OSPF and EIGRP, it doesn’t have just a single metric, and we’re going to use the path with the least metric. Now, BGP considers several different things. It considers what are called a path attributes and there is a sequence that it will evaluate these path attributes in, but it will say, here’s your next top. It does not have a link state database like OSPF, so it’s not link state, but it does more than just saying here’s the distance and here’s the direction. It’s actually going to tell us the path that we transit to get to a destination network. Remember, BGP is used on the Internet.
We may be going through a few autonomous systems to get from our computer to a destination web server somewhere. Well, BGP is going to list for the autonomous system hops. It’s going to say we go through this autonomous system and this autonomous system, then we go into this other autonomous system and it’s within there that we’re going to find the destination network. So it gives us a complete path, an autonomous system path to the destination, and it tells us the next top. So it is a path vector, or if you must, a hybrid routing protocol.