Routing Decisions (1.2)
This section explains how routers use information in data packets to make forwarding decisions in a small to medium-sized business network.
Switching Packets Between Networks (1.2.1)
This topic explains the encapsulation and de-encapsulation process that routers use when switching packets between interfaces.
Router Switching Function (1.2.1.1)
A primary function of a router is to forward packets toward their destination. This is accomplished by using a switching function, which is the process used by a router to accept a packet on one interface and forward it out another interface. A key responsibility of the switching function is to encapsulate packets in the appropriate data link frame type for the outgoing data link.
After the router has determined the exit interface using the path determination function, the router must encapsulate the packet into the data link frame of the outgoing interface.
What does a router do with a packet received from one network and destined for another network? Refer to Figure 1-23.
Figure 1-23 Encapsulating and De-Encapsulating Packets
The router performs the following three major steps:
Step 1. De-encapsulates the Layer 2 frame header and trailer to expose the Layer 3 packet.
Step 2. Examines the destination IP address of the IP packet to find the best path in the routing table.
Step 3. If the router finds a path to the destination, it encapsulates the Layer 3 packet into a new Layer 2 frame and forwards the frame out the exit interface.
As shown in Figure 1-23, devices have Layer 3 IPv4 addresses, and Ethernet interfaces have Layer 2 data link addresses. For example, PC1 is configured with IPv4 address 192.168.1.10 and an example MAC address of 0A-10. As a packet travels from the source device to the final destination device, the Layer 3 IP addresses do not change. However, the Layer 2 data link addresses change at every hop as the packet is de-encapsulated and re-encapsulated in a new Layer 2 frame by each router.
It is common for packets to require encapsulation into a different type of Layer 2 frame than the one in which it was received. For example, a router might receive an Ethernet encapsulated frame on a FastEthernet interface and then process that frame to be forwarded out of a serial interface.
Notice in Figure 1-23 that the ports between R2 and R3 do not have associated MAC addresses. This is because it is a serial link. MAC addresses are only required on Ethernet multiaccess networks. A serial link is a point-to-point connection and uses a different Layer 2 frame that does not require the use of a MAC address. In this example, when Ethernet frames are received on R2 from the Fa0/0 interface, destined for PC2, they are de-encapsulated and then re-encapsulated for the serial interface, such as a PPP encapsulated frame. When R3 receives the PPP frame, it is de-encapsulated again and then re-encapsulated into an Ethernet frame with a destination MAC address of 0B-20, prior to being forwarded out the Fa0/0 interface.
Send a Packet (1.2.1.2)
In Figure 1-24, PC1 is sending a packet to PC2. PC1 must determine if the destination IPv4 address is on the same network. PC1 determines its own subnet by doing an AND operation on its own IPv4 address and subnet mask. This produces the network address that PC1 belongs to. Next, PC1 does this same AND operation using the packet destination IPv4 address and the PC1 subnet mask.
Figure 1-24 PC1 Sends a Packet to PC2
If the destination network address is the same network as PC1, then PC1 does not use the default gateway. Instead, PC1 refers to its Address Resolution Protocol (ARP) cache for the MAC address of the device with that destination IPv4 address. If the MAC address is not in the cache, then PC1 generates an ARP request to acquire the address to complete the packet and send it to the destination. If the destination network address is on a different network, then PC1 forwards the packet to its default gateway.
To determine the MAC address of the default gateway, PC1 checks its ARP table for the IPv4 address of the default gateway and its associated MAC address.
If an ARP entry does not exist in the ARP table for the default gateway, PC1 sends an ARP request. Router R1 sends back an ARP reply. PC1 can then forward the packet to the MAC address of the default gateway, the Fa0/0 interface of router R1.
A similar process is used for IPv6 packets. However, instead of the ARP process, IPv6 address resolution uses ICMPv6 Neighbor Solicitation and Neighbor Advertisement messages. IPv6-to-MAC address mappings are kept in a table similar to the ARP cache, called the neighbor cache.
Forward to the Next Hop (1.2.1.3)
Figure 1-25 shows the processes that take place when R1 receives the Ethernet frame from PC1.
Figure 1-25 R1 Looks Up Route to Destination
R1 examines the destination MAC address, which matches the MAC address of the receiving interface on R1, FastEthernet 0/0. R1, therefore, copies the frame into its buffer.
R1 identifies the Ethernet Type field as 0 × 800, which means that the Ethernet frame contains an IPv4 packet in the data portion of the frame.
R1 de-encapsulates the Ethernet frame to examine the Layer 3 information.
Because the destination IPv4 address of the packet does not match any of the directly connected networks of R1, R1 consults its routing table to route this packet. R1 searches the routing table for a network address that would include the destination IPv4 address of the packet as a host address within that network. In this example, the routing table has a route for the 192.168.4.0/24 network. The destination IPv4 address of the packet is 192.168.4.10, which is a host IPv4 address on that network.
The route that R1 finds to the 192.168.4.0/24 network has a next-hop IPv4 address of 192.168.2.2 and an exit interface of FastEthernet 0/1. This means that the IPv4 packet is encapsulated in a new Ethernet frame with the destination MAC address of the IPv4 address of the next-hop router.
Figure 1-26 show the processes that take place when R1 forwards the packet to R2.
Figure 1-26 R1 Forwards Packet to R2
Because the exit interface is on an Ethernet network, R1 must resolve the next-hop IPv4 address with a destination MAC address using ARP:
R1 looks up the next-hop IPv4 address of 192.168.2.2 in its ARP cache. If the entry is not in the ARP cache, R1 would send an ARP request out of its FastEthernet 0/1 interface and R2 would return an ARP reply. R1 would then update its ARP cache with an entry for 192.168.2.2 and the associated MAC address.
The IPv4 packet is now encapsulated into a new Ethernet frame and forwarded out the FastEthernet 0/1 interface of R1.
Packet Routing (1.2.1.4)
Figure 1-27 shows the processes that take place when R2 receives the frame on its Fa0/0 interface.
Figure 1-27 R2 Looks Up Route to Destination
R2 examines the destination MAC address, which matches the MAC address of the receiving interface, FastEthernet 0/0. R2, therefore, copies the frame into its buffer.
R2 identifies the Ethernet Type field as 0 × 800, which means that the Ethernet frame contains an IPv4 packet in the data portion of the frame.
R2 de-encapsulates the Ethernet frame.
Figure 1-28 shows the processes that take place when R2 forwards the packet to R3.
Figure 1-28 R2 Forwards Packet to R3
Because the destination IPv4 address of the packet does not match any of the interface addresses of R2, R2 consults its routing table to route this packet. R2 searches the routing table for the destination IPv4 address of the packet using the same process R1 used.
The IPv4 packet is now encapsulated into a new data link frame and sent out the Serial 0/0/0 exit interface.
The routing table of R2 has a route to the 192.168.4.0/24 network, with a next-hop IPv4 address of 192.168.3.2 and an exit interface of Serial 0/0/0. Because the exit interface is not an Ethernet network, R2 does not have to resolve the next-hop IPv4 address with a destination MAC address.
When the interface is a point-to-point (P2P) serial connection, the router encapsulates the IPv4 packet into the proper data link frame format used by the exit interface (HDLC, PPP, and so on). Because there are no MAC addresses on serial interfaces, R2 sets the data link destination address to an equivalent of a broadcast.
Reach the Destination (1.2.1.5)
The following processes take place when the frame arrives at R3:
R3 copies the data link PPP frame into its buffer.
R3 de-encapsulates the data link PPP frame.
R3 searches the routing table for the destination IPv4 address of the packet. The routing table has a route to a directly connected network on R3. This means that the packet can be sent directly to the destination device and does not need to be sent to another router.
Figure 1-29 shows the processes that take place when R3 forwards the packet to PC2.
Figure 1-29 R3 Forwards Packet to PC2
Because the exit interface is a directly connected Ethernet network, R3 must resolve the destination IPv4 address of the packet with a destination MAC address:
R3 searches for the destination IPv4 address of the packet in its ARP cache. If the entry is not in the ARP cache, R3 sends an ARP request out of its FastEthernet 0/0 interface. PC2 sends back an ARP reply with its MAC address. R3 then updates its ARP cache with an entry for 192.168.4.10 and the MAC address that is returned in the ARP reply.
The IPv4 packet is encapsulated into a new Ethernet data link frame and sent out the FastEthernet 0/0 interface of R3.
When PC2 receives the frame, it examines the destination MAC address, which matches the MAC address of the receiving interface, its Ethernet network interface card (NIC). PC2, therefore, copies the rest of the frame into its buffer.
PC2 identifies the Ethernet Type field as 0 × 800, which means that the Ethernet frame contains an IPv4 packet in the data portion of the frame.
PC2 de-encapsulates the Ethernet frame and passes the IPv4 packet to the IPv4 process of its operating system.
Path Determination (1.2.2)
A router refers to its routing table when making best path decisions. In this topic, we will examine the path determination function of a router.
Routing Decisions (1.2.2.1)
A primary function of a router is to determine the best path to use to send packets. To determine the best path, the router searches its routing table for a network address that matches the destination IP address of the packet.
The routing table search results in one of three path determinations:
Directly connected network—If the destination IP address of the packet belongs to a device on a network that is directly connected to one of the interfaces of the router, that packet is forwarded directly to the destination device. This means that the destination IP address of the packet is a host address on the same network as the interface of the router.
Remote network—If the destination IP address of the packet belongs to a remote network, then the packet is forwarded to another router. Remote networks can only be reached by forwarding packets to another router.
No route determined—If the destination IP address of the packet does not belong to either a connected or a remote network, the router determines if there is a Gateway of Last Resort available. A Gateway of Last Resort is set when a default route is configured or learned on a router. If there is a default route, the packet is forwarded to the Gateway of Last Resort. If the router does not have a default route, then the packet is discarded.
The logic flowchart in Figure 1-30 illustrates the router packet-forwarding decision process.
Figure 1-30 Packet-Forwarding Decision Process
Best Path (1.2.2.2)
Determining the best path involves the evaluation of multiple paths to the same destination network and selecting the optimum or shortest path to reach that network. Whenever multiple paths to the same network exist, each path uses a different exit interface on the router to reach that network.
The best path is selected by a routing protocol based on the value or metric it uses to determine the distance to reach a network. A metric is the quantitative value used to measure the distance to a given network. The best path to a network is the path with the lowest metric.
Dynamic routing protocols typically use their own rules and metrics to build and update routing tables. The routing algorithm generates a value, or a metric, for each path through the network. Metrics can be based on either a single characteristic or several characteristics of a path. Some routing protocols can base route selection on multiple metrics, combining them into a single metric.
The following lists some dynamic protocols and the metrics they use:
Routing Information Protocol (RIP)—Hop count
Open Shortest Path First (OSPF)—Cisco’s cost based on cumulative bandwidth from source to destination
Enhanced Interior Gateway Routing Protocol (EIGRP)—Bandwidth, delay, load, reliability
Figure 1-31 highlights how the path may be different depending on the metric being used.
Figure 1-31 Hop Count Versus Bandwidth as a Metric
Load Balancing (1.2.2.3)
What happens if a routing table has two or more paths with identical metrics to the same destination network?
When a router has two or more paths to a destination with equal cost metrics, then the router forwards the packets using both paths equally. This is called equal cost load balancing. The routing table contains the single destination network but has multiple exit interfaces, one for each equal cost path. The router forwards packets using the multiple exit interfaces listed in the routing table.
If configured correctly, load balancing can increase the effectiveness and performance of the network. Equal cost load balancing can be configured to use both dynamic routing protocols and static routes.
Figure 1-32 provides an example of equal cost load balancing.
Figure 1-32 Equal Cost Load Balancing
Administrative Distance (1.2.2.4)
It is possible for a router to be configured with multiple routing protocols and static routes. If this occurs, the routing table may have more than one route source for the same destination network. For example, if both RIP and EIGRP are configured on a router, both routing protocols may learn of the same destination network. However, each routing protocol may decide on a different path to reach the destination based on the metrics of that routing protocol. RIP chooses a path based on hop count, whereas EIGRP chooses a path based on its composite metric. How does the router know which route to use?
Cisco IOS uses what is known as the administrative distance (AD) to determine the route to install into the IP routing table. The AD represents the “trustworthiness” of the route; the lower the AD, the more trustworthy the route source. For example, a static route has an AD of 1, whereas an EIGRP-discovered route has an AD of 90. Given two separate routes to the same destination, the router chooses the route with the lowest AD. When a router has the choice of a static route and an EIGRP route, the static route takes precedence. Similarly, a directly connected route with an AD of 0 takes precedence over a static route with an AD of 1.
Table 1-4 lists various routing protocols and their associated ADs.
Table 1-4 Default Administrative Distances
Route Source |
Administrative Distance |
Connected |
0 |
Static |
1 |
EIGRP summary route |
5 |
External BGP |
20 |
Internal EIGRP |
90 |
IGRP |
100 |
OSPF |
110 |
IS-IS |
115 |
RIP |
120 |
External EIGRP |
170 |
Internal BGP |
200 |