Lesson 2:Building Routing Tables

Now that you have learned how TCP/IP systems use the routing table to determine the destination for a packet, the next thing to consider is how the information gets into the routing table. The sample routing table in Lesson 1 contains only the default entries created automatically by a Windows-based workstation. This is known as minimal routing. Routers can have many more entries, depending on the size of the internetwork and the method used to create the table.

After this lesson, you will be able to

• Distinguish between static and dynamic routing
• Create a static route in a routing table
• Understand the operation of routing protocols

Estimated lesson time: 30 minutes

Static and Dynamic Routing

There are two techniques for updating the routing table—static routing and dynamic routing. Static routing is the process by which a network administrator manually creates routing table entries using a program designed for this purpose. Dynamic routing is the process by which routing table entries are automatically created by specialized routing protocols that run on the router systems. Two examples of these protocols are the Routing Information Protocol (RIP) and the Open Shortest Path First (OSPF) protocol. Routers use these protocols to exchange messages containing routing information with other nearby routers. Each router is, in essence, sharing its routing table with other routers.

It should be obvious that, although static routing can be an effective routing solution on a small internetwork, it isn't a suitable solution for a large installation. If you have a network with a configuration that never changes, or one in which there is only one possible route to each destination, running a routing protocol is a waste of energy and bandwidth. The advantage of dynamic routing, in addition to reducing the network administrator's workload, is that it automatically compensates for changes in the network infrastructure. If a particular router goes down, for example, its failure to communicate with the other routers nearby means that it will eventually be deleted from their routing tables and packets will take different routes to their destinations. If and when that router comes back online, it resumes communications with the other routers and is again added to their tables. On an internetwork as large as the Internet, for which the IP routing system was designed, dynamic routing is essential, because it would be all but impossible for administrators to keep up with the constant changes occurring on the network.

Creating a Static Route

Creating static routes is a matter of using a utility supplied with the TCP/IP protocol to create (or delete) entries in the routing table. In most cases, the utility runs from the command line. UNIX systems use a program called route, and the Windows operating systems use a similar program called ROUTE.EXE. Both of these utilities use roughly the same syntax. The samples that follow are for the ROUTE.EXE program of Windows 2000. Stand-alone routers run their own proprietary software that uses a command set created by the manufacturer.

The syntax for ROUTE.EXE is as follows:

 ROUTE [-f] [-p] [command [destination] [MASK netmask] [gateway] [METRIC metric] [IF interface]] 

• -f  This parameter deletes all of the entries from the routing table. When used with the ADD command, it deletes the entire table before adding the new entry.
• -p  When used with the ADD command, this parameter creates a persistent route entry in the table. A persistent route is one that remains in the table permanently, even after the system is restarted. When –p is used with the PRINT command, the system displays only persistent routes.
• command  This variable contains a keyword that specifies the function of the command.
• destination  This variable specifies the network or host address of the table entry being managed.
• MASK netmask  The variable netmask specifies the subnet mask to be applied to the address specified by the destination variable.
• gateway  This variable specifies the address of the router that the system should use to reach the host or network specified by the destination variable.
• METRIC metric  The variable metric specifies a value that indicates the relative efficiency of the route in the table entry.
• IF interface  The variable interface specifies the address of the network interface adapter that the system should use to reach the router specified by the gateway variable.

ROUTE.EXE's command variable takes one of four values, which are as follows:

• PRINT.  This value displays the contents of the routing table. When used with the –p parameter, it displays only the persistent routes in the routing table.
• ADD.  This value creates a new entry in the routing table.
• DELETE.  This value deletes an existing entry from the routing table.
• CHANGE.  This value modifies the parameters of an entry in the routing table.

The ROUTE PRINT command displays the current contents of the routing table. To delete an entry, you use the ROUTE DELETE command with a destination parameter to identify the entry you want to remove. To create a new entry in the table, you use the ROUTE ADD command with parameters that specify the values for the entry. The ROUTE CHANGE command works in the same way, except that it modifies the table entry specified by the destination variable. The destination variable is the address of the network or host for which you are providing routing information. The other parameters contain the subnet mask, gateway, interface, and metric information, as described in Lesson 1 of this chapter. For example, using the network configuration shown in Figure 9.3, to create an entry that informs the Windows 2000 system labeled Router A of the existence of Router B on the same LAN, you would execute a ROUTE.EXE command like the following at the Router A system's command line:

 ROUTE ADD 192.168.5.0 MASK 255.255.255.0 192.168.2.7 IF 192.168.2.2 METRIC 1 

The functions of the ROUTE.EXE parameters in this particular command are as follows:

• ADD  Indicates that the program should create a new entry in the existing routing table
• 192.168.5.0  The address of the other network to which Router B provides access
• MASK 255.255.255.0  The subnet mask to be applied to the destination
  address, which in this case indicates that the address represents an unsubnetted Class C network
• 192.168.2.7  The address of the network interface adapter with which Router B is connected to the same network as Router A
• IF 192.168.2.2  The address of the network interface adapter in Router A that provides access to the network it shares with Router B
• METRIC 1  Indicates that the destination network is one hop away

This new routing table entry essentially tells Router A that when it has traffic to send to any computer on the network with the address 192.168.5.0, it should send the traffic to the router with the address 192.168.2.7, using the Router A network interface adapter with the address 192.168.2.2.

Figure 9.3  By adding a static route to the routing table in the Router A system,
Router A can forward packets to Router B

Routing and Remote Access

In addition to their normal routing capabilities, Windows 2000 Server and Windows NT Server 4.0 can use an additional service called the Routing and Remote Access Service (RRAS), which expands their routing capabilities. RRAS is provided with the Windows 2000 Server operating system and is available as free add-on for Windows NT Server 4.0. Among other things, Routing and Remote Access provides support for the RIP version 2 and OSPF routing protocols, ICMP router discovery, demand dialing, and the Point-to-Point Tunneling Protocol (PPTP) for virtual private network (VPN) connections, all in a single service with a graphical interface (see Figure 9.4). With Routing and Remote Access, you can view the server's routing table as well as those of other systems running the service, and you can create static routes using a standard Windows dialog box rather than the command line.

Figure 9.4  The Windows 2000 Routing and Remote Access console

Dynamic Routing

A router only has direct knowledge of the networks to which it is connected. When a network has two or more routers connected to it, dynamic routing
enables each of the routers to know about the others and creates routing table entries that specify the networks to which the other routers are connected. For example, as seen in Figure 9.5, Router A can have direct knowledge of Router B from routing protocol broadcasts, because both are connected to the same network. Router B has knowledge of Router A for the same reason, but it also has knowledge of Router C, because Router C is on another network to which Router B is connected. Router A has no direct knowledge of Router C, because they are in different broadcast domains, but by using a dynamic routing protocol, Router B can share its knowledge of Router C with Router A, enabling A to add C to its routing table. By sharing the information in their routing tables using a routing protocol, routers obtain information about distant networks and can route packets more efficiently as a result.

Figure 9.5  Dynamic routing enables routers to share their routing tables and disseminate their routing information throughout the network

There are many different routing protocols in the TCP/IP suite. On a private internet-work, a single routing protocol like RIP is usually sufficient to keep all of the routers updated with the latest network information. On the Internet, however, routers use various protocols, depending on their place in the network hierarchy. Routing protocols are generally divided into two categories: interior gateway protocols (IGPs) and exterior gateway protocols (EGPs). On the Internet, a collection of networks that fall within the same administrative domain is called an autonomous system (AS). The routers within an autonomous system all communicate using an IGP selected by the administrators, and EGPs are used for communications between autonomous systems, as shown in Figure 9.6.

Figure 9.6  Interior gateway protocols are used for communications between routers within an autonomous system, and exterior gateway protocols are used for communications between routers in different autonomous systems

The following sections examine some of the most common routing protocols.

RIP

The Routing Information Protocol (RIP) is the most commonly used IGP in the TCP/IP suite and on networks around the world. Originally designed for UNIX systems in the form of a daemon called routed (pronounced route-dee), RIP was eventually ported to many other platforms and standardized in Request for Comments (RFC) 1058 by the Internet Engineering Task Force (IETF). Some years later, RIP was updated to a version 2, which was published as RFC 2453.

Most RIP exchanges are based on two message types, requests and replies, both of which are packaged in User Datagram Protocol (UDP) packets addressed to the IANA-assigned well-known port number 520. When a RIP router starts, it generates a RIP request and transmits it as a broadcast over all of its network interfaces. On receiving the broadcast, every other router on either network that supports RIP generates a reply message that contains its routing table information. A reply message can contain up to 25 routes, each of which is 20 bytes long, as shown in Figure 9.7. If the routing table contains more than 25 entries, the router generates multiple reply messages until it has transmitted the entire table. When it receives the replies, the router integrates the information in them into its own routing table.

Figure 9.7  A RIP version 1 route

The metric value included with each table entry determines the efficiency of the route based on the number of hops required to reach the destination. When routers receive routing table entries from other routers using RIP, they increment the value of the metric for each route to reflect the additional hop required to reach the destination. The maximum value for a metric in a RIP message is 15. Rout-ing that uses metrics based on the number of hops to the destination is called distance vector routing.

After their initial exchange of RIP messages, routers transmit updates every 30 seconds to ensure that all of the other routers on the networks to which they are connected have current information. If a RIP-supplied routing table entry is not refreshed every 3 minutes, the router assumes that the entry is no longer viable, increases its metric to 16 (an illegal value), and eventually removes it from the table completely.

The frequent retransmission of routing data is the main reason that RIP is criticized. The protocol generates a large amount of redundant broadcast traffic. In addition, the message format does not support the inclusion of a subnet mask for each route. Instead, RIP applies the subnet mask of the interface over which it receives each route, which may not always be accurate. RIP version 2 is designed to address these problems.

The primary difference between RIP 1 and RIP 2 is the format of the routes included in the reply messages. The RIP 2 message is no larger than that of RIP 1, but it utilizes the unused fields from RIP 1 to include additional information about each route. The format of a RIP version 2 route is shown in Figure 9.8.

The functions of the RIP version 2 route fields are as follows:

• Address Family Identifier (2 bytes).  This field contains a code that identifies the protocol for which routing information is being provided. The code for IP is 2. (RIP supports other protocols besides IP.)
• Route Tag (2 bytes).  This field contains an autonomous system number that enables RIP to communicate with exterior gateway protocols.
• IP Address (4 bytes).  This field specifies the address of the network or host for which routing information is being provided.
• Subnet Mask (4 bytes).  This field contains the subnet mask that the router should apply to the IP Address value.
• Next Hop IP Address (4 bytes).  This field specifies the address of the gateway that the router should use to forward traffic to the network or host specified in the IP Address field.
• Metric (4 bytes).  This field contains a value that specifies the relative efficiency of the route.

Figure 9.8  A RIP version 2 route

The other main difference between RIP version 1 and RIP version 2 is that the latter supports the use of multicast transmissions. A multicast address is a single address that represents a group of computers. By using a multicast address that represents all of the routers on the network instead of broadcasts, the amount of extraneous traffic processed by the other computers is greatly reduced.

OSPF

Judging routes by the number of hops required to reach a destination is not always very efficient. A hop can refer to anything from a Gigabit Ethernet connection to a dial-up line, so it is entirely possible for traffic moving over a route with a smaller number of hops to take longer than one with more hops. There is another type of routing called link-state routing that measures the actual properties of each connection and stores the information in a database that is shared among the routers on the network. The most common IGP that uses this method is the Open Shortest Path First (OSPF) protocol, as defined in RFC 2328. OSPF has many other advantages over RIP as well, including the ability to update routing tables more quickly when changes occur on the network (called convergence), the ability to balance the network load by splitting traffic between routes with equal metrics, and authentication of routing protocol messages.

Exercise 1: Static and Dynamic Routing

Specify whether each of the following terms is associated with static routing, dynamic routing, both, or neither.

1. Routed
2. Default gateway
3. Convergence
4. ROUTE.EXE
5. Link-state routing
6. Routing and Remote Access
7. Distance vector routing
8. ROUTE ADD
9. Autonomous system
10. Metric

Lesson Review

1. Which of the following is not a dynamic routing protocol?
   1. OSPF
   2. RIP
   3. ICMP
   4. EGP
2. What is the name for the use of metrics based on the number of hops between a source and a destination?
   1. Distance vector routing
   2. Loose source routing
   3. Link-state routing
   4. OSPF routing
3. What is the primary difference between OSPF and RIP?
4. Which of the following fields is not included in a RIP version 1 route?
   1. Metric
   2. Subnet mask
   3. IP address
   4. Address Family Identifier
5. What is the primary criticism leveled at RIP?
6. What is the name of the process of updating routing tables to reflect changes in the network?
   1. Divergence
   2. Link-state routing
   3. Minimal routing
   4. Convergence
7. On a Windows system, what command do you use to display the contents of the routing table?
8. The Next Hop IP Address in a RIP version 2 route ends up in which column of a Windows routing table?
   1. Network Destination
   2. Netmask
   3. Gateway
   4. Interface

Lesson Summary

• Information gets into the routing table in two ways: using either static routing, which is the manual creation and maintenance of table entries, or dynamic routing, which uses specialized routing protocols to update the table.
• The Windows 2000 ROUTE.EXE and other such programs provide direct access to the routing table, usually from the command line. Administrators can use these tools to display, add, delete, and change routing table entries.
• Dynamic routing enables routers to share the information in their tables with the other routers on the network.
• RIP is the most common routing protocol used today; it relies predominantly on broadcast transmissions to share routing table information and uses the number of hops to the destination as its metric.
• OSPF is a more advanced routing protocol that uses link-state routing, which measures the actual efficiency of a route rather than simply counting the number of hops.