TCP/IP Learning Notes (5) – IP Routing

Static IP Routing

A Simple Routing Table

Routing is one of the most important functions at the IP layer. The previous sections have briefly discussed how routers select routes based on the IP addresses of IP packets. We will not repeat that here. First, let’s take a look at a simple system routing table.

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.11.0    *               255.255.255.0   U     0      0        0 eth0
169.254.0.0     *               255.255.0.0     U     0      0        0 eth0
default         192.168.11.1    0.0.0.0         UG    0      0        0 eth0

For a given router, five different flags can be printed.

1. U indicates that the route is usable.

2. G indicates that the route is to a gateway. If this flag is absent, it means that the destination is directly connected, and the corresponding gateway should directly provide the destination’s address.

3. H indicates that the route is to a host. If this flag is absent, it means that the destination is a network, in other words, the destination should be written as a combination of a network number and a subnet number, excluding the host number (the host number is 0), for example, 192.168.11.0.

4. D indicates that the route was created for redirect messages.

5. M indicates that the route has been modified by a redirect message.

U doesn’t need much explanation, G indicates that this is a gateway; if you want to send data to the destination, the IP header should write the destination’s IP address, while the data link layer’s MAC address should be that of the gateway; conversely, if there is no G flag, then the data link layer and IP layer addresses should correspond. H describes the nature of the destination; if it is H, it indicates that the address is a complete address, having both network and host numbers, so when matching, both the network number and the host number must match; conversely, the destination represents a network, and when matching, only the network number needs to be matched.

Thus, the method of IP routing can be made more specific. As follows:

1. First, match the destination IP addresses with the H flag.

2. If 1 fails, match the network addresses.

3. If 2 fails, send to the default gateway.

By the way, the GenMask (remember the subnet mask?) specifies the subnet number of the destination address; for example, the subnet of the first entry is 11.

Other Knowledge About Routing Tables

Generally, when we configure a network interface, a route is created automatically. Of course, we can also manually add routes using the route add command.

When an IP packet arrives at a router and finds no route available, the router will send an “ICMP Host Unreachable” or “ICMP Network Unreachable” message to the source host to report the error.

Note that most operating systems do not have routing functionality by default; this needs to be configured manually. The historical reasons for this will not be elaborated here.

ICMP IP Redirect and Routing Discovery Messages

When an IP packet is redirected at a certain location, an ICMP redirect message is sent back to the source host of the IP packet, allowing the source host to use this information to update its routing table. Thus, as network communications increase, the routing table becomes more complete, and the speed of data forwarding increases. We need to note that:

1. Redirect messages can only be sent by routers.

2. Redirect messages are used by hosts, not by routers.

When a host boots, it typically sends an ICMP routing request message as a broadcast within the network, and multiple routers will respond with a routing advertisement message. Moreover, routers periodically publish routing advertisement messages in the network, allowing each host to have the opportunity to establish its routing table for network communication based on these messages. A router can advertise multiple addresses in a single advertisement message and provide a priority level for each address, which indicates the level of the IP as the default route, though we won’t delve into how this is calculated.

Routers generally publish an advertisement every 450-600 seconds, and the lifetime of a given advertisement message is 30 minutes. Meanwhile, hosts send requests every three seconds upon booting, and once they receive a valid advertisement message, they stop sending request messages.

At the time of writing TCP/IP Illustrated, only Solaris 2.x supported these two types of messages, while most systems still do not support them (we will discuss some useful routing messages later).

Dynamic Routing Protocols

The routing methods mentioned above are called static routing, which can be briefly described as generating routing table entries in a default manner when configuring interfaces. Entries can be added through route or updated via ICMP messages (usually in case of errors in the default method). If the above three methods do not meet the needs, we use dynamic routing.

Dynamic routing protocols are crucial components for dynamic routing, but they are only used for communication between routers, specifically between adjacent routers. The system (routing selection program) selects the most suitable routes to place in the core routing table, allowing the system to find the most appropriate network based on this core routing table. In other words, dynamic routing occurs outside the system’s core network; it only influences the routing table with some routing strategies without affecting the final selection of routes through the routing table. A major category of routing protocols is called Interior Gateway Protocols (IGP), with RIP being one of the most important protocols within IGP. A new IGP protocol called Open Shortest Path First (OSPF) aims to replace RIP. Another IGP protocol, HELLO, which was initially used in backbone networks, is now obsolete.

Today, any router that supports dynamic routing must support both OSPF and RIP, with the option to support other IGP protocols.

Unix Routing Programs

Unix systems typically have a routing daemon called routed. There is also one called gate. Gate supports more protocols than routed; routed only supports RIP version 1, while gate supports RIP v1, v2, BGP v1, etc.

RIP: Routing Information Protocol

Its definition can be found in RFC 1058; this protocol uses UDP as its carrier (i.e., it is the upper-layer protocol of UDP). What we are most concerned about is a segment of RIP called the metric segment, which counts hops (the number of routes traversed) as a metric (there is also a TTL in the IP protocol, isn’t there?). This metric segment ultimately affects the establishment of the routing table.

Generally speaking, routed is responsible for the following tasks:

1. Send RIP request messages to each known router, asking other routers to provide their complete routing tables. The command field of this message is 1, the address field is 0, and the metric field is 16 (equivalent to infinity).

2. Accept requests; if the previously mentioned request is received, the complete routing table will be provided to the requester. If not, the IP request table will be processed, adding the number of hops for the parts known, and adding 16 for the parts not known. Then, it will be sent to the requester.

3. Accept responses and update its routing table using the rule of fewer hops.

4. Periodically update the routing table, generally every 30 seconds (quite frequent) by notifying adjacent routers of its routing table. This can be done in a broadcast manner.

This protocol seems to work well, but there are many hidden concerns, such as RIP lacking the concept of subnets and the danger of loops. Additionally, the upper limit on hop count restricts the network size.

As a result, many alternatives to RIP v1 have emerged, such as RIP v2 and OSPF. They all influence the routing table through certain strategies, so we won’t go into detail.