Routers are an increasingly common sight in any network environment, from a small home office that uses one to connect to an Internet service provider (ISP) to a corporate IT environment where racks of routers manage data communication with disparate remote sites. Routers make internetworking possible, and in view of this, they warrant detailed attention.
Routers are network devices that literally route data around the network. By examining data as it arrives, the router can determine the destination address for the data; then, by using tables of defined routes, the router determines the best way for the data to continue its journey. Unlike bridges and switches, which use the hardware-configured MAC address to determine the destination of the data, routers use the software-configured network address to make decisions. This approach makes routers more functional than bridges or switches, and it also makes them more complex because they have to work harder to determine the information. Figure 3.12 shows basically how a router functions.
Figure 3.12 The basic function of a router.
The basic requirement for a router is that it must have at least two network interfaces. If they are LAN interfaces, the router can manage and route the information between two LAN segments. More commonly, a router is used to provide connectivity across wide area network (WAN) links. Figure 3.13 shows a router with two LAN ports (marked AUI 0 and AUI 1) and two WAN ports (marked Serial 0 and Serial 1). This router is capable of routing data between two LAN segments and two WAN segments.
Figure 3.13 A router with two LAN ports and two WAN ports.
Routable Protocols and Routing Protocols
Routers rely on two types of network protocols to make the routing magic happen: routable protocols and routing protocols. We’ll examine them separately in the next sections.
Large internetworks need protocols that allow systems to be identified by the address of the network to which they are attached and by an address that uniquely identifies them on that network. Network protocols that provide both of these features are said to be routable. Three routable LAN network protocols are used today:
Transmission Control Protocol/Internet Protocol (TCP/IP)—TCP/IP was developed in the 1970s by the Department of Defense, which needed a protocol to use on its WAN. TCP/IP’s flexibility, durability, and functionality meant that it soon became the WAN protocol of choice and also became the standard for LANs. Today, most networks use TCP/IP in some fashion, even if the main LAN protocol is something other than TCP/IP. TCP/IP is a huge topic, and anyone in networking must understand it. The Network+ exam dedicates an entire exam objective to it. Chapter 6, "Working with TCP/IP," provides complete coverage of TCP/IP.
Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX)—Created by Novell for use on NetWare networks, IPX/SPX is a routable protocol that was popular for many years. Today, even Novell acknowledges that TCP/IP is the network protocol of choice and so has moved away from IPX/SPX and toward a pure TCP/IP environment. In fact, the last few versions of Novell NetWare have used TCP/IP as the default protocol and allowed IPX/SPX to be enabled if needed.
AppleTalk—AppleTalk is a full-featured protocol designed to be used with Macintosh computer systems. AppleTalk has been around since the early 1980s and has been widely deployed in Apple networks. Like TCP/IP and IPX/SPX, AppleTalk is a protocol suite. Within the suite, the Routing Table Maintenance Protocol (RTMP) provides routing functionality. RTMP is a distance-vector routing protocol similar to RIP, which is used by IPX/SPX and TCP/IP.
TCP/IP is a protocol suite comprised of numerous individual protocols. Within TCP/IP, the two routing protocols used are the Routing Information Protocol (RIP) and Open Shortest Path First (OSPF). RIP is a distance-vector routing protocol, and OSPF is a link-state routing protocol.
Like TCP/IP, IPX/SPX is also a protocol suite. Within IPX/SPX, the NetWare Link State Protocol (NLSP) and the Routing Information Protocol (RIP) manage routing. RIP uses a distance-vector route-discovery method, which calculates routes based on the number of hops. NLSP uses a link-state route discovery method to build routing tables.
Some routers are capable of routing more than one protocol at a time, a feature known as multiprotocol routing. Multiprotocol routing brings with it a number of considerations, not the least of which is the fact that a multiprotocol router may have to work considerably harder than a router working with only a single protocol. This is the case not only because there is more than one protocol but because there may also be multiple routing protocols.
Routing protocols are the means by which routers communicate with each other. This communication is necessary so that routers can learn the network topology and changes that occur in it.
The two types of routing protocols are distance-vector and link-state protocols. Each has a different strategy for dealing with router-to-router communication.
With distance-vector routing protocols, each router communicates all the routes it knows about to all other routers to which it is directly attached (that is, its neighbors). Because each router in the network knows only about the routers to which it is attached, it doesn’t know how to complete the entire journey; instead, it only knows how to make the next hop. Hops are the means by which distance-vector routing protocols determine the shortest way to reach a given destination. Each router constitutes one hop; so if a router is four hops away from another router, there are three routers, or hops, between itself and the destination. Distance-vector protocols can also use a time value known as a tick, which enables the router to make a decision about which path is quickest if given the choice of more than one (a common situation on networks with redundant links).
The frequency with which routers send route updates depends on the routing protocol being used, but it is usually between 10 and 60 seconds. At each update, the entire routing table of the sender is sent to the other connected routers. When the other routers receive the information, they check it against the existing information; if there are any changes, they alter their routing tables accordingly.
This constant update cycle is one of the problems of distance-vector routing protocols because it can lead to large amounts of network traffic. Furthermore, after the initial learning period, the updates should (hopefully) be irrelevant—the chances of the network topology changing every 30 seconds or so are slim, and if you do have such a network, some troubleshooting may be in order.
When a change does occur on the network, it may take some time for all the routers to learn of the change. The process of each router learning about the change and updating its routing tables is known as convergence. In a small network, convergence might not take long; but in larger networks, those with, say, more than 20 routers, it might take some time to complete. Rather than cause the routers to wait for the updates, you can configure triggered updates, which are sent when a topology change is detected. Using triggered updates can significantly improve the convergence speed of distance-vector–based networks.
You can also use hold-down timers to improve convergence. A hold-down timer prevents a router from trying to make too many changes too quickly. When a router receives a change about a route, it makes the change and then applies a hold-down timer to the change. The hold-down timer prevents further changes from being made to that route within the defined time period. Hold-down timers are particularly useful when an unreliable router keeps going on and off the network. If hold-down timers are not applied, updates to the routing tables on routers would continually be changing, and the network might never converge.
In some configurations, distance-vector routing protocols can lead to routing loops. Routing loops occur when a router tells another router about a route that it heard about from the same router. For example, consider the router layout in Figure 3.14. If Router C becomes unable to access Router D through Network 1, it removes the route from its table and sends the update to Router B; Router B removes the route. But if Router B receives an update from Router A before it sends an update to Router A, the route is reinstated because according to Router A, it can still access Network 1. Now Router B begins to send anything destined for Network 1 back to Router A, which duly sends it back to Router B, and so on, thus creating a routing loop. Each time the route is added to the table, the hop count for the route increases—a problem known as the count to infinity.
Figure 3.14 How routing loops occur.
You can use two strategies to prevent routing loops when using distance-vector routing protocols:
Split horizon—The split horizon algorithm addresses the problem of routing loops by not advertising routes back on the interface from which they are learned. In other words, using Figure 3.14 as an example, Router C would not advertise back to Router B any route that it learned from Router B. Basically, Router C figures that, because it learned about the route from Router B, Router B must be nearer to the destination than it is.
Split horizon with poison reverse—With this strategy, also known simply as poison reverse, routers do advertise routes back on the interfaces from which they were learned, but they do so with a hop count of infinity. The value used for infinity (which seems like an impossible situation) depends on the routing protocol being used. Again using the example from Figure 3.14, Router C would advertise to Router B the routes it learned from Router B, but it would also add the infinite hop count. In other words, Router C would say, "I know about Router A, but I can’t reach it myself." This way, Router B would never try to add the route to Router A through Router C, because according to Router C, it can’t reach Router A.
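The count-to-infinity problem and the two loop-prevention strategies above, as an added example that is not part of the original chapter: a simplified, synchronous distance-vector simulation. The three-router chain A - B - C is a constructed stand-in for Figure 3.14 (not reproduced here), and 16 is the value RIP uses for infinity.

```python
INFINITY = 16  # RIP's "unreachable" metric; other protocols use other values

# Constructed topology (assumption): A - B - C, with Network 1 attached to C
# until the link fails.
NEIGHBORS = {"A": ["B"], "B": ["A", "C"], "C": ["B"]}

def advertise(table, sender, receiver, mode):
    """Metric `sender` announces to `receiver`, or None if suppressed."""
    metric, next_hop = table[sender]
    if next_hop == receiver:            # route was learned from the receiver
        if mode == "split_horizon":
            return None                 # say nothing back
        if mode == "poison_reverse":
            return INFINITY             # advertise it as unreachable
    return metric                       # "plain": advertise everything as-is

def converge(mode, max_rounds=50):
    """Fail C's link to Network 1; return (rounds to converge, history)."""
    # (metric, next hop) for Network 1, just after C detects the failure
    table = {"A": (3, "B"), "B": (2, "C"), "C": (INFINITY, None)}
    history = [{r: m for r, (m, _) in table.items()}]
    for rnd in range(1, max_rounds + 1):
        new = {}
        for router, nbrs in NEIGHBORS.items():
            best = (INFINITY, None)
            for n in nbrs:              # every update uses last round's tables
                adv = advertise(table, n, router, mode)
                if adv is not None and min(adv + 1, INFINITY) < best[0]:
                    best = (adv + 1, n)
            new[router] = best
        table = new
        history.append({r: m for r, (m, _) in table.items()})
        if all(m == INFINITY for m, _ in table.values()):
            return rnd, history         # every router agrees: unreachable
    return None, history

if __name__ == "__main__":
    for mode in ("plain", "split_horizon", "poison_reverse"):
        rounds, history = converge(mode)
        print(f"{mode:15} converged in {rounds} rounds")
        for step in history[:4]:
            print("   ", step)
```

Without loop prevention, Router B reinstates the dead route through Router A in the first round and the metrics climb toward 16; with either strategy the stale route is never offered back to the router it came from.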
The most popular distance-vector routing protocols are both called Routing Information Protocol (RIP). The distance-vector routing protocol for TCP/IP is called RIP, as is the one for IPX/SPX. To set the two apart, the IPX version is often called IPX RIP.
A router that uses a link-state protocol differs from a router that uses a distance-vector protocol because it builds a map of the entire network and then holds that map in memory. On a network that uses a link-state protocol, routers send out link-state advertisements (LSAs) that contain information about what networks they are connected to. The LSAs are sent to every router on the network, thus enabling the routers to build their network maps.
When the network maps on each router are complete, the routers update each other at a given time, just like with a distance-vector protocol, but the updates occur much less frequently with link-state protocols than with distance-vector protocols. The only other circumstance under which updates are sent is if a change in the topology is detected, at which point the routers use LSAs to detect the change and update their routing tables. This mechanism, combined with the fact that routers hold maps of the entire network, makes convergence on a link-state–based network occur very quickly.
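How a link-state router turns LSAs into a map and then into routes, as an added example that is not part of the original chapter. The four-router topology, the link costs, and the `seq` field (a simplification modeled on the sequence numbers OSPF LSAs carry) are constructed for illustration.

```python
import heapq

def install(lsdb, lsa):
    """Store an LSA unless the database already holds a newer one."""
    current = lsdb.get(lsa["router"])
    if current is None or lsa["seq"] > current["seq"]:
        lsdb[lsa["router"]] = lsa
        return True      # map changed: a real router would reflood and rerun SPF
    return False         # stale or duplicate LSA, ignored

def spf(lsdb, root):
    """Dijkstra over the map; returns {destination: (cost, first hop)}."""
    routes, heap = {}, [(0, root, None)]
    while heap:
        cost, node, first = heapq.heappop(heap)
        if node in routes or node not in lsdb:
            continue
        routes[node] = (cost, first)
        for nbr, link_cost in lsdb[node]["links"].items():
            # use a link only if the router at the far end also reports it
            if nbr in lsdb and node in lsdb[nbr]["links"] and nbr not in routes:
                heapq.heappush(heap, (cost + link_cost, nbr, first or nbr))
    routes.pop(root, None)
    return routes

# Constructed LSAs: each router lists the neighbors it is directly connected to.
INITIAL_LSAS = [
    {"router": "A", "seq": 1, "links": {"B": 1, "C": 5}},
    {"router": "B", "seq": 1, "links": {"A": 1, "C": 1}},
    {"router": "C", "seq": 1, "links": {"A": 5, "B": 1, "D": 1}},
    {"router": "D", "seq": 1, "links": {"C": 1}},
]

def build_lsdb(lsas):
    lsdb = {}
    for lsa in lsas:
        install(lsdb, lsa)
    return lsdb

if __name__ == "__main__":
    lsdb = build_lsdb(INITIAL_LSAS)
    print("before:", spf(lsdb, "A"))
    # The B-C link fails; B floods a new LSA that no longer lists C.
    install(lsdb, {"router": "B", "seq": 2, "links": {"A": 1}})
    print("after: ", spf(lsdb, "A"))
```

A single new LSA from Router B is enough for Router A to reroute traffic for C and D over its direct link, with no hop-by-hop counting.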
Although it might seem like link-state protocols are an obvious choice over distance-vector protocols, routers on a link-state–based network require more powerful hardware and more RAM than those on a distance-vector–based network. Not only do the routing tables have to be calculated, but they must also be stored. A router that uses distance-vector protocols need only maintain a small database of the routes accessible by the routers to which it is directly connected. A router that uses link-state protocols must maintain a database of the routers in the entire network.
Two of the most popular link-state routing protocols are Open Shortest Path First (OSPF) and NetWare Link State Protocol (NLSP), also known as NetWare Link Services Protocol. The former is used on TCP/IP networks, and the latter is used on networks that use IPX/SPX.
Dedicated Hardware Versus Server-Based Routers
A router can be either a dedicated hardware device or a server system that has at least two network interfaces installed in it. All common network operating systems offer the capability to act as routers as part of their functionality.
Dedicated hardware routers offer greater performance levels than server-based solutions, but they have the disadvantage of offering a limited range of features for their cost. However, the attraction of a dedicated hardware device often outweighs this factor.
The following are some of the advantages of dedicated hardware routers:
Typically faster than server-based routers
Generally more reliable than server-based routers
Easier to harden against attacks than server-based routing solutions
The following are some of the disadvantages of dedicated hardware routers:
More expensive than server-based router solutions; extra functionality may have to be purchased
Often require specialized skills and knowledge to manage them
Limited to a small range of possible uses
The capabilities of a router depend on the features it has. A basic router may route only one protocol between two network interfaces of the same type. A more advanced router may act as a gateway between two networks and two protocols. In addition, it may offer firewall services, security and authentication, or remote access functionality such as virtual private networking.
The topic of routing is complex, and the routing information provided in this chapter is the most basic of tutorials. Although we’ve told you what you need to know for the exam, if you’re working with routers on a daily basis, you will want to seek out further sources of information—and there is no shortage of such sources (including the Cisco Press and Exam Cram titles you’ll find at http://www.informit.com).