(Fuente: How to master CCNA All contents copyright C 2002-2013 by René Molenaar.)
IP Routing
First of all…what is a router or what is routing exactly? A switch «switches» and a router «routes» but what does this exactly mean?
We have seen switches and you have learned that they «switch» based on MAC address information. The only concern for our switch is to know when an Ethernet frame enters one of its interfaces where it should send this Ethernet frame by looking at the destination MAC address. Switches make decisions based on Data Link layer information (layer 2).
Routers have a similar task but this time we are going to look at IP packets and as you might recall IP is on the Network layer (layer 3). Routers look at the destination IP
address in an IP packet and send it out the correct interface.
Maybe you are thinking…what is the big difference here? Why don‟t we use MAC addresses everywhere and switch? Why do we need to look at IP addresses and route? Both MAC addresses and IP addresses are unique per network device. Good question and I‟m going to show you a picture to answer this:
We have two switches and to each switch are 200 computers connected. Now if all 400 computers want to communicate with each switch has to learn 400 MAC addresses. The need to know the MAC addresses of the computers on the left and right side.
Now think about a really large network…for example the Internet. There are millions of devices! Would it be possible to have millions of entries in your MAC-address table? For each device on the Internet? No way!
The problem with switching is that it‟s not scalable; we don‟t have any hierarchy just flat 48-bit MAC addresses. Let‟s look at the same example but now we are using routers.
What we have here is our 200 computers on the left are connected to router A and in the
192.168.1.0 /24 network. Router B has 200 computers behind it and the network we use over there is 192.168.2.0 /24.
Routers «route» based on IP information, in our example Router A only has to know that network 192.168.2.0 /24 is behind Router B. Router B only needs to know that the 192.168.1.0 /24 network is behind Router A.
Are you following me here? Instead of having a MAC-address-table with 400 MAC addresses we now only need a single entry on each router for each other‟s networks.
Switches use mac address tables to forward Ethernet frames and routers use a routing
table to learn where to forward IP packets to.
As soon as you take a brand new router out of the box It will build a routing table but the only information you‟ll find are the directly connected interfaces.
Let‟s start with a simple example:
Above we have one router and two computers:
-
ComputerA has IP address 192.168.1.1 and has configured IP address
192.168.1.254 as its default gateway.
-
ComputerB has IP address 192.168.2.2 and has configured IP address
192.168.2.254 as its default gateway.
-
On our router we have configured IP address 192.168.1.254 on interface
FastEthernet 0/0 and IP address 192.168.2.254 on interface FastEthernet 1/0.
-
Since we also configured a subnet mask with the IP addresses our router knows the network addresses and will store these in its routing table.
Whenever ComputerA wants to send something to ComputerB this will happen:
-
ComputerA sends an IP packet with destination IP address 192.168.2.2.
-
ComputerA checks its own IP address and subnet mask and concludes that 192.168.2.2 is in another subnet. As a result it will forward the IP packet to its default gateway.
-
The router receives the IP packet, checks the destination IP address and scans the routing table. IP address 192.168.2.2 matches the 192.168.2.0 /24 entry and the router will forward the IP packet out if its FastEthernet 1/0 interface.
-
ComputerB receives the IP packet and life is good!
Are you following me so far? Let‟s configure this scenario on a real router to see what it looks like.
First I‟ll show you the configuration of the computers:
| C:\Documents and Settings\ComputerA>ipconfig Windows IP Configuration Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : IP Address. . . . . . . . . . . . : 192.168.1.1 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.1.254 |
| C:\Documents and Settings\ComputerB>ipconfig Windows IP Configuration Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : IP Address. . . . . . . . . . . . : 192.168.2.2 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.2.254 |
Above you see the IP addresses and the default gateways. Let‟s configure our router:
Router(config)#interface fastEthernet 0/0
Router(config-if)#no shutdown
Router(config-if)#ip address 192.168.1.254 255.255.255.0
Router(config-if)#exit
Router(config)#interface FastEthernet 1/0
Router(config-if)#no shutdown
Router(config-if)#ip address 192.168.2.254 255.255.255.0
I will configure the IP addresses on the interfaces, that‟s it. Now we can check the routing table:
| R1#show ip route Codes: C – connected, S – static, R – RIP, M – mobile, B – BGP D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2 E1 – OSPF external type 1, E2 – OSPF external type 2 i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 – IS-IS level ia – IS-IS inter area, * – candidate default, U – per-user static o – ODR, P – periodic downloaded static route
Gateway of last resort is not set
C 192.168.1.0/24 is directly connected, FastEthernet0/0 C 192.168.2.0/24 is directly connected, FastEthernet1/0 |
As you can see the router knows about both directly connected networks.
Let‟s see if we can ping from ComputerA to ComputerB:
| C:\Users\ComputerA>ping 192.168.2.2 Pinging 192.168.2.2 with 32 bytes of data: Reply from 192.168.2.2: bytes=32 time<1ms TTL=128 Reply from 192.168.2.2: bytes=32 time<1ms TTL=128 Reply from 192.168.2.2: bytes=32 time<1ms TTL=128 Reply from 192.168.2.2: bytes=32 time<1ms TTL=128
Ping statistics for 192.168.2.2: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms |
Excellent the ping is working! We just successfully routed our first IP packet
Be aware that when you try to ping from one Windows computer to another that
your firewall might be blocking ICMP traffic…
If you are reaching some server on the Internet you are going through a lot of routers to reach your destination. If you want you can see through which routers your IP packets are traveling in order to reach the destination. You can do this with traceroute. This is what it looks like if I want to reach
www.cisco.com
from my computer:
| C:\Users\Computer>tracert www.cisco.com Tracing route to e144.dscb.akamaiedge.net [95.100.128.170] over a maximum of 30 hops:
Trace complete. |
Above you can see that I travel through 10 routers in order to reach
www.cisco.com. You‟ll see the IP addresses of the routers and my computer also did a hostname lookup so you‟ll see the router names. Traceroute uses the ICMP protocol.
Traceroute can also be used on Cisco routers. Just type the traceroute command
and the IP address you want to reach.
Many pages ago when we talked about VLANs I explained to you how computers in different VLANs are able to communicate with each other. We can do this with a router on a stick but back then I didn‟t show you the configuration because we didn‟t talk about routers yet.
Now you know how a router works, let‟s take a look at the configuration. Here‟s the picture:
On the switch we have VLAN 10 and VLAN 20 and there‟s only a single cable between the router and switch. The router needs access to both VLANs so the link between the router and switch will be a trunk!
You can pick any number that you like but I decided to use the VLAN numbers, one sub- interface for VLAN 10 and another for VLAN 20.
Here‟s what the configuration looks like on the router:
| R1(config)#interface fastEthernet 0/0 |
R1(config-if)#no shutdown R1(config-if)#exit
R1(config)#interface fastEthernet 0/0.10
R1(config-subif)#encapsulation dot1Q 10
R1(config-subif)#ip address 192.168.10.254 255.255.255.0
R1(config-subif)#exit
R1(config)#interface fastEthernet 0/0.20
R1(config-subif)#encapsulation dot1Q 20
R1(config-subif)#ip address 192.168.20.254 255.255.255.0
Above you can see my two sub-interfaces and the IP addresses that I assigned to them. IP address 192.168.10.254 will be the default gateway for computers in VLAN 10 and 192.168.20.254 for computers in VLAN 20.
One important command is the encapsulation dot1Q. There is no way for our router to know which VLAN belongs to which sub-interface so we have to use this command. Fa0/0.10 will belong to VLAN 10 and Fa0/0.20 to VLAN 20. Let‟s check the routing table:
| R1#show ip route |
| Codes: C – connected, S – static, R – RIP, M – mobile, B – BGP |
D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2 E1 – OSPF external type 1, E2 – OSPF external type 2
i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 – IS-IS level ia – IS-IS inter area, * – candidate default, U – per-user static o – ODR, P – periodic downloaded static route
Gateway of last resort is not set
C 192.168.10.0/24 is directly connected, FastEthernet0/0.10
C 192.168.20.0/24 is directly connected, FastEthernet0/0.20
You can see both sub-interfaces in the routing table. This allows the router to route between the two VLANs.
Now let‟s move on to another routing scenario. This time we have two routers:
We have two routers called router Spade and router Hearts. If we look at their routing table this is what you will find:
Router Spade has two interfaces, FastEthernet 0/0 and FastEthernet 1/0 . Network 1.1.1.0 /24 has been configured on FastEthernet 0/0 and 192.168.12.0 /24 is configured on FastEthernet 1/0.
Router Hearts also has two interfaces, FastEthernet 0/0 and FastEthernet 1/0. Network 2.2.2.0 /24 has been configured on FastEthernet 0/0 and 192.168.12.0 /24 has been configured on FastEthernet 1/0.
One of the differences between routers and switches is that we configure an unique IP address on each interface that the router has.
Both routers have this routing table with only their directly connected interfaces. You can see that they stored this information in their routing table.
Now the trick is that router Spade wants to know about the 2.2.2.0 /24 network behind router Hearts. Router Hearts wants to know about the 1.1.1.0 /24 network behind router Spade. This information has to make it into the routing table somehow.
Now the big question is…how do router Spade and router Hearts know that there is a network behind each other? There are 2 ways how they can learn this information:
- Static Routing
- Dynamic Routing
If you use static routing you will have to do everything by yourself. YOU tell the router where to send IP packets for a certain network, this might be entertaining but it‟s a lot of work. Dynamic routing means we use a routing protocol that will exchange network information between routers. Let‟s start with a configuration example of static routes on some real routers:
Look at the network in the picture above. We have a network with two sites, headquarters and a branch office.
The headquarters is connected to the Branch office. Behind the branch office is a network with the 2.2.2.0 /24 network. We want to make sure that the headquarters can reach the
2.2.2.0 /24 network.
Let me show you how we configure this network using a static route:
Headquarters>enable
Headquarters#configure terminal
First I‟ll go to enable mode and enter configuration mode.
Headquarters(config)#interface FastEthernet 0/0
Headquarters(config-if)#no shutdown
Headquarters(config-if)#ip address 192.168.12.1 255.255.255.0
Branch>enable Branch#configure terminal
Branch(config)#interface fastEthernet0/0
Branch(config-if)#no shutdown
Branch(config-if)#ip address 192.168.12.2 255.255.255.0
Branch(config-if)#exit
Branch(config)#interface fastEthernet 1/0
Branch(config-if)#no shutdown
Branch(config-if)#ip address 2.2.2.2 255.255.255.0
Then I‟ll configure the IP addresses on the interfaces; don‟t forget to do a «no shutdown» on the interfaces.
Let‟s take a look at the routing tables of both routers:
| Headquarters#show ip route |
Codes: C – connected, S – static, R – RIP, M – mobile, B – BGP
D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2
E1 – OSPF external type 1, E2 – OSPF external type 2 i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, ia – IS-IS inter area, * – candidate default, o – ODR, P – periodic downloaded static route
Gateway of last resort is not set
C 192.168.12.0/24 is directly connected, FastEthernet0/0
Branch#show ip route
Codes: C – connected, S – static, R – RIP, M – mobile, B – BGP
D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2
E1 – OSPF external type 1, E2 – OSPF external type 2 i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, o – ODR, P – periodic downloaded static route
Gateway of last resort is not set
C 192.168.12.0/24 is directly connected, FastEthernet0/0
2.0.0.0/24 is subnetted, 1 subnets
C 2.2.2.0 is directly connected, FastEthernet1/0
Use the show ip route command to view the routing table. This is what a router uses to make decisions where to forward IP packets to. By default a router only knows its directly connected networks. We configured an IP address with a subnet mask on the interface so the router also knows the network address.
-
Router Headquarters knows about network 192.168.12.0/24.
-
Router Branch knows about network 192.168.12.0/24 and 2.2.2.0/24.
At this moment our Headquarters router has no idea how to reach network 2.2.2.0/24 because there is no entry in the routing table. What will happen when we try to reach it?
Let‟s check:
| Headquarters#ping 2.2.2.2 |
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds: ….. Success rate is 0 percent (0/5)
The ping will fail. This router checks its routing table, discovers that it doesn‟t know how to reach network 2.2.2.0 /24 and will drop the traffic.
Let‟s use a static route to tell router Headquarters how to reach this network!
Headquarters(config)#ip route 2.2.2.0 255.255.255.0 192.168.12.2
We use the ip route command to create a static route. Let me break it down for you:
-
2.2.2.0 is the network we want to reach.
-
255.255.255.0 is the subnet mask of the network.
-
192.168.12.2 is called the next hop IP address. It‟s the IP address where we want to send traffic to. In this example that‟s the branch router.
I‟m telling router Headquarters that it can reach network 2.2.2.0 /24 by sending traffic to IP address 192.168.12.2 (the Branch router).
Let‟s take another look at the routing table to see if anything has changed:
| Headquarters#show ip route |
Codes: C – connected, S – static, R – RIP, M – mobile, B – BGP
D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2 E1 – OSPF external type 1, E2 – OSPF external type 2
i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 -IS-IS inter area, * – candidate default, U – per-user static route o – ODR, P – periodic downloaded static route
Gateway of last resort is not set
C 192.168.12.0/24 is directly connected, FastEthernet1/0
1.0.0.0/24 is subnetted, 1 subnets
C 1.2.3.0 is directly connected, FastEthernet0/0
2.0.0.0/24 is subnetted, 1 subnets
S 2.2.2.0 [1/0] via 192.168.12.2
We can now see an entry for network 2.2.2.0/24 in our routing table. Whenever router Headquarters has traffic for network 2.2.2.0 /24 it will send it to IP address 192.168.12.2 (router Branch). Let‟s see if our ping is now working:
Headquarters#ping 2.2.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/5/12 ms
Bingo now it‟s working. Router Headquarters knows how to reach network 2.2.2.0 /24 because of our static route.
Are you following me so far? Whenever an IP packet arrives at a router it will check its routing table to see if it knows about the destination network. If it does it will forward the IP packet and if it has no idea where to send traffic it will drop the IP packet.
There is another situation where a static route might be useful, let me demonstrate another network:
In the picture above our Headquarters router is connected to an ISP (Internet Service Provider). There are many networks on the Internet so do we require all of those networks on the Internet in our routing table? The answer is no because we can use a default route, let me show you what it is:
Headquarters(config)#interface fastEthernet 1/0
Headquarters(config-if)#ip address 1.2.3.2 255.255.255.0
Headquarters(config-if)#no shutdown Headquarters(config-if)#exit
First we‟ll configure an IP address on the Fastethernet 1/0 of the headquarters router.
Headquarters#ping 1.2.3.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.2.3.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/5/12 ms
It‟s always a good idea to check connectivity. A quick ping to the ISP router proves that we can reach the ISP.
| Headquarters#show ip route |
Codes: C – connected, S – static, R – RIP, M – mobile, B – BGP
D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2 E1 – OSPF external type 1, E2 – OSPF external type 2
i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 -IS-IS inter area, * – candidate default, U – per-user static route o – ODR, P – periodic downloaded static route
Gateway of last resort is not set
C 1.2.3.0 is directly connected, FastEthernet1/0
Right now the Headquarters router only knows how to reach network 1.2.3.0/24 because it‟s directly connected.
Let‟s configure a default route so that we can reach the Internet:
Headquarters(config)#ip route 0.0.0.0 0.0.0.0 1.2.3.1
Let me explain this one:
-
The first 0.0.0.0 is the network address; in this case it means all networks.
-
The second 0.0.0.0 is the subnet mask; all 0s means all subnet masks.
-
1.2.3.1 is the next hop IP address. In this case the IP address of the ISP router.
In other words, this static route will match all networks and that‟s why we call it a default route. When our router doesn‟t know where to deliver IP packets to, we‟ll throw it over the fence towards the ISP and it will be their job to deliver it…sounds good right?
Something important to know about routers is that they always will use the most specific
match in their routing table. Let me give you an example:
| Router#show ip route static |
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
S 192.168.1.0/24 [1/0] via 10.2.2.2
S 192.168.1.128/25 [1/0] via 10.3.3.2
S 192.168.0.0/16 [1/0] via 10.1.1.2
Imagine the router above receives an IP packet with destination IP address 192.168.1.140. Will it send the IP packet towards 10.2.2.2, 10.3.3.2 or 10.1.1.2?
All 3 entries in the routing table match this destination IP address but in this case 192.168.1.128 /25 is the most specific entry. The IP packets will be forwarded to 10.3.3.2.
Cisco Paso a Paso 