Linux Networking Routing

Routing

  • A router enables machines on a network to communicate with each other as well as with other networks.
  • As packets move across networks, they travel in hops. A hop is how we roughly measure the distance that a packet must travel to get from the source to the destination.
  • The basic difference between Switching, Routing & Flooding:
    • Packet SWITCHING is basically receiving, processing and forwarding data to the destination device.
    • ROUTING is the process of creating the routing table, so that we can do SWITCHING better.
    • Before routing, FLOODING was used. If a router doesn’t know which way to send a packet, then every incoming packet is sent through every outgoing link except the one it arrived on.

Routing table

$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.224.2   0.0.0.0         UG    0      0        0 eth0
192.168.224.0   0.0.0.0         255.255.255.0   U
  • If I was 192.168.224.5 and wanted to get to 192.168.224.7, I would just use the network interface eth0 directly.
  • 0.0.0.0: This means that no address is specified or it’s unknown. For example, if I wanted to send a packet to IP address 151.123.43.6, our routing table has no specific entry for it, so the packet matches the 0.0.0.0 entry and is routed to the Gateway.
  • gateway: If we are sending a packet to a destination that is not on the same network, it will be sent to this Gateway address, aptly named because it is a gateway to another network.
  • genmask: This is the subnet mask, used to figure out which IP addresses match which destination.
  • Flags
    • UG: Network is Up and is a Gateway
    • U: Network is Up
  • iface: This is the interface that our packet will be going out of. eth0 usually stands for the first Ethernet device on your system.
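
The lookup described above, sketched in Python. This is an added example, not code from the original page: it parses route -n style output and picks the matching entry with the most specific mask. The trailing columns of the second sample row are assumed values, and parse_routes and lookup are hypothetical helper names.

```python
import ipaddress

# Constructed sample modelled on the `route -n` output above. The Metric, Ref,
# Use and Iface columns of the second row are assumed values for illustration.
ROUTE_N = """\
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.224.2   0.0.0.0         UG    0      0        0 eth0
192.168.224.0   0.0.0.0         255.255.255.0   U     0      0        0 eth0
"""

def parse_routes(text):
    """Turn `route -n` rows into dicts (hypothetical helper, not a system API)."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 8 or f[0] == "Destination":
            continue  # skip the title line, the header and malformed rows
        # Genmask -> prefix length: count the set bits of the dotted mask.
        prefix = bin(int(ipaddress.IPv4Address(f[2]))).count("1")
        routes.append({
            "net": ipaddress.ip_network(f"{f[0]}/{prefix}"),
            "gateway": f[1], "flags": f[3], "metric": int(f[4]), "iface": f[7],
        })
    return routes

def lookup(routes, dst):
    """Return (next_hop, iface) for dst, or None if no route matches."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in routes if "U" in r["flags"] and addr in r["net"]]
    if not matches:
        return None
    # Most specific mask wins; lower metric breaks ties between equal masks.
    best = max(matches, key=lambda r: (r["net"].prefixlen, -r["metric"]))
    # With the G flag the frame goes to the gateway; otherwise straight to dst.
    next_hop = best["gateway"] if "G" in best["flags"] else dst
    return next_hop, best["iface"]

if __name__ == "__main__":
    table = parse_routes(ROUTE_N)
    for dst in ("192.168.224.7", "151.123.43.6"):
        print(dst, "->", lookup(table, dst))
```

Because the most specific mask wins, any entry narrower than the default route takes precedence over it, which is why unexpected specific routes in this table are worth reviewing.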

Let’s look at how a packet travels within its local network

  • First the local machine will compare the destination IP address to see if it’s in the same subnet by looking at its subnet mask.
  • When packets are sent, they need to have a source MAC address, destination MAC address, source IP address and destination IP address. At this point we do not know the destination MAC address.
  • To get to the destination host, we use ARP to broadcast a request on the local network to find the MAC address of the destination host.
  • Now the packet can be successfully sent!

Let’s see how a packet travels outside its network

  • First the local machine will compare the destination IP address. Since it’s outside of our network, it does not see the MAC address of the destination host, and we can’t use ARP because the ARP request is a broadcast to locally connected hosts.
  • So our packet now looks at the routing table. It doesn’t know the address of the destination IP, so it sends it out to the default gateway (another router). So now our packet contains our source IP, destination IP and source MAC, however we don’t have a destination MAC. Remember, MAC addresses are only reached through the same network. So what does it do? It sends an ARP request to get the MAC address of the default gateway.
  • The router looks at the packet and confirms the destination MAC address, but it’s not the final destination IP address, so it keeps looking at the routing table to forward the packet to another IP address that can help the packet move along to its destination. Every time the packet moves, the router strips the old source and destination MAC addresses and updates the packet with the new source and destination MAC addresses.
  • Once the packet gets forwarded to the same network as the destination, we use ARP to find the final destination MAC address.
  • During this process, our packet doesn’t change the source or destination IP address.

Routing Protocols

Routing protocols are used to help our system adapt to network changes. A routing protocol learns of different routes, builds them into the routing table and then routes our packets that way.

  1. distance vector protocols
  2. link state protocols
  3. Border Gateway Protocol

Convergence

When using routing protocols, routers communicate with other routers to collect and exchange information about the network. When they agree on how a network should look, every routing table maps out the complete topology of the network, thus “converging”. When something changes in the network topology, the convergence will temporarily break until all routers are aware of this change.

1. Distance Vector Protocols

Distance vector protocols determine the path to other networks using the hop count a packet takes across the network. If network A was 3 hops away and network B was next to network A, then we assume it must be 4 hops away. In distance vector protocols, the next route would be the one with the fewest hops.

Distance vector protocols are great for small networks. When networks start to scale, it takes longer for the routers to converge because each router periodically sends its entire routing table out to every router. Another downside to distance vector protocols is efficiency: they choose routes that are closer in hops, but that may not always be the most efficient route.

One of the common distance vector protocols is RIP (Routing Information Protocol). It broadcasts the routing table to every router in the network every 30 seconds. For a large network, this can take some serious juice to pull off, and because of that RIP limits its hop count to 15.
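
The hop-count logic and the 15-hop limit, as a small simulation. This is an added example, not code from the original page or from any RIP implementation: it runs synchronous rounds of full-table exchange and leaves out timers and loop-prevention features. The names chain and converge and the R0, R1, ... topology are constructed for illustration.

```python
INFINITY = 16  # RIP treats 16 hops as unreachable, so 15 is the largest usable count

def chain(n):
    """Constructed topology: routers R0..R(n-1) connected in a straight line."""
    return [(f"R{i}", f"R{i + 1}") for i in range(n - 1)]

def converge(links, max_rounds=64):
    """Simulate periodic full-table exchange between neighbours.

    Each router advertises its whole table every round; a receiver adds one hop
    and keeps the route only if it is shorter than what it already has.
    Returns (tables, rounds), where tables[router][dest] = (hops, next_hop).
    """
    neighbours = {}
    for a, b in links:
        neighbours.setdefault(a, []).append(b)
        neighbours.setdefault(b, []).append(a)
    tables = {r: {r: (0, None)} for r in neighbours}
    for rnd in range(1, max_rounds + 1):
        # Freeze what everyone advertises at the start of the round.
        adverts = {r: dict(t) for r, t in tables.items()}
        changed = False
        for router, nbrs in neighbours.items():
            for nbr in nbrs:
                for dest, (hops, _) in adverts[nbr].items():
                    cost = hops + 1
                    known = tables[router].get(dest, (INFINITY, None))[0]
                    if cost < INFINITY and cost < known:
                        tables[router][dest] = (cost, nbr)
                        changed = True
        if not changed:
            return tables, rnd  # a full round with no updates: converged
    return tables, max_rounds

if __name__ == "__main__":
    tables, rounds = converge(chain(18))
    print("rounds to converge:", rounds)
    print("R0 -> R15:", tables["R0"].get("R15"))
    print("R0 -> R16:", tables["R0"].get("R16", "unreachable"))
```

Information moves one hop per round, so the number of rounds grows with the network diameter, and anything more than 15 hops away never enters the table.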

2. Link State Protocols

Link state protocols are great for large scale networks. They are more complex than distance vector protocols, but a large upside is their ability to converge quickly. This is because instead of periodically sending out the whole routing table, they only send updates to neighboring routers. They use a different algorithm to calculate the shortest path first and construct their network topology in the form of a graph to show which routers are connected to other routers.

One of the common link state protocols is OSPF (Open Shortest Path First). It only updates the routing tables if there was a network change. It doesn’t have a hop limit.

3. Border Gateway Protocol

  • It’s used to collect and exchange routing information among autonomous systems.
  • Think of an autonomous system as an Internet service provider, a company, university, any organization, etc.
  • Without BGP, these systems would not know how to talk to each other; they would just be siloed off. Instead of routing inside these autonomous systems, BGP routes between them.

Add a new route

# net-tools syntax
$ route add -net 192.168.2.0/23 gw 10.11.12.3
# iproute2 equivalent
$ ip route add 192.168.2.0/23 via 10.11.12.3

Delete a route

# net-tools syntax
$ route del -net 192.168.2.0/23
# iproute2 equivalent, with or without the gateway
$ ip route delete 192.168.2.0/23 via 10.11.12.3
$ ip route delete 192.168.2.0/23