Viewed times.





Home

Inside MCSE
   For MCPs Only
   For MCSEs Only
   An Evaluation
   Skills Assessment
   NT Faq
 MCSE Guide
    NT 4 Integration
   Storage Strategy
   TCP/IP
   Unix to NT
 News
   Free News
 Cricket
   The World Cup '99
   Ceat Cricket Rating
 Have A Laugh
   Laugh Page
 Free World
   Free Software
   Free Emails
   Free Web Pages
   Miscellaneous
The X World
   The Zodiac
   Today's Horoscope
   The X Files
   The UFO
 Lets Talk
    My ICQ Status
   Email me
   Guest Book


The author is  
a member of
The HTML Writers Guild
Get Microsoft Internet Explorer

CLICK HERE TO SEARCH THE WEB!

Introduction | Protocol Architecture | Core Protocols |
Application Interfaces | IP Addressing | Address Classes |
Subnets & subnet Masks | Subnetting | Var Length Subnetting |
Supernetting | Host Name Resolution | NetBIOS Name Resolution |
IP Routing | Physical Add Resolution | Multicasting-White Paper | RFC

Previous | Next

IP Routing

Once the host name or NetBIOS name is resolved to an IP address, the IP packet must be sent by the sending host to the resolved IP address. Routing is the process of forwarding a packet based on the destination IP address. Routing occurs at a sending TCP/IP host and at an IP router. A router is a device which forwards the packets from one network to another. Routers are also commonly referred to as gateways. In both cases, sending host and router, a decision has to be made about where the packet is forwarded.

To make these decisions, the IP layer consults a routing table that is stored in memory. Routing table entries are created by default when TCP/IP initializes and additional entries are added either manually by a system administrator, or automatically through communication with routers.

Direct and Indirect Delivery

Forwarded IP packets use at least one of two types of delivery based on whether the IP packet is forwarded to the final destination or whether it is forwarded to an IP router. These two types of delivery are known as direct and indirect delivery.

Direct delivery occurs when the IP node (either the sending node or an IP router) forwards a packet to the final destination on a directly attached network. The IP node encapsulates the IP datagram in a frame format for the Network Interface Layer (such as Ethernet or Token Ring) addressed to the destination's physical address.

Indirect delivery occurs when the IP node (either the sending node or an IP router) forwards a packet to an intermediate node (an IP router) because the final destination is not on a directly attached network. The IP node encapsulates the IP datagram in a frame format, addressed to the IP router's physical address, for the Network Interface Layer (such as Ethernet or Token Ring).

IP routing is a combination of direct and indirect deliveries.

In the example in Figure 14, when sending packets to node B, node A will perform a direct delivery. When sending packets to node C, node A will perform an indirect delivery to Router 1. Router 1 will perform an indirect delivery to Router 2. Router 2 will perform a direct delivery to node C.

Figure 14 Direct and indirect deliveries

The IP Routing Table

A routing table is present on all IP nodes. The routing table stores information about IP networks and how they can be reached (either directly or indirectly). Since all IP nodes perform some form of IP routing, routing tables are not exclusive to IP routers. Any node loading the TCP/IP protocol will have a routing table. There are a series of default entries according to the configuration of the node and additional entries can be entered either manually through TCP/IP utilities or dynamically through interaction with routers.

When an IP packet is to be forwarded, the routing table is used to determine:

1. The forwarding IP address:

For a direct delivery, the forwarding IP address is the destination IP address in the IP packet. For an indirect delivery, the forwarding IP address is the IP address of a router.

2. The interface to be used for the forwarding:

The interface identifies the physical or logical interface such as a network interface card that will be used to forward the packet to either its destination or the next router.

IP Routing Table Entry Types

An entry in the IP routing table contains the following information:

[Network ID, Subnet Mask, Next Hop, Interface, Metric]

  • Network ID. The network ID corresponding to the route. The Network ID can be class-based, a subnet, a supernet, or an IP address for a host route. In the Windows NT IP routing table, this is the Network Address column.
  • Subnet Mask. The subnet mask is used to match a destination IP address to the Network ID. In the Windows NT IP routing table, this is the Netmask column.
  • Next Hop. The IP address of the next hop. In the Windows NT IP routing table, this is the Gateway Address column.
  • interface. An indication of which network interface will be used to forward the IP packet.
  • Metric. A number used to indicate the cost of the route so the best route among possible multiple routes to the same destination can be selected. A common use of the metric is to indicate the number of hops (routers crossed) to the Network ID. The route with the lowest metric is the best route.

Routing table entries can be used to store the following types of routes:

  • Directly Attached Network IDs. Routes for network IDs that are directly attached. For directly attached networks, the Next Hop field may be blank or contain the IP address of the interface on that network.
  • Remote Network IDs. Routes for network IDs that are not directly attached but are available across other routers. For remote networks, the Next Hop field is the IP address of a local router in between the forwarding node and the remote network.
  • Host Routes. A route to a specific IP address. Host routes allow routing to occur on a per-IP address basis. For host routes, the Network ID is the IP address of the specified host and the subnet mask is 255.255.255.255.
  • Default Route. The default route is designed to be used when a more specific Network ID or host route is not found. The default route network ID is 0.0.0.0 with the subnet mask of 0.0.0.0.

The Route Determination Process

To determine which the routing table entry will be used for the forwarding decision, the following process is used:

  1. For each entry in routing table, perform a bit-wise logical AND between the Destination IP address and the Subnet Mask. Compare the result with the Network ID of the entry for a match.
  2. The list of matching routes is compiled. The route that has the longest match (the route that matched the most amount of bits with the destination IP address) is chosen. The longest matching route is the most specific route to the destination IP address. If multiple entries with the longest match are found (multiple routes to the same network ID, for example), the router uses the lowest metric to select the best route. If multiple entries exist that are the longest match and the lowest metric, the router is free to choose which routing table entry to use.

The result of the route determination process is the choice of a single route in the routing table. The route chosen yields a forwarding IP address (the next hop IP address) and an interface (the port). If the route determination process fails to find a route, IP declares a routing error. For the sending host, an IP routing error is internally indicated to the upper layer protocol such as TCP or UDP. For a router, an ICMP Destination Unreachable-Network Unreachable message is sent to the source host.

Example Routing Table for Windows NT

Table 28 shows the default routing table for a Windows NT 4.0 host (not a router). The host has a single network interface card and has the IP address 157.55.27.90, subnet mask 255.255.240.0 (/20), and default gateway of 157.55.16.1.

Table 28 The Windows NT routing table

  

Network Address

Netmask

Gateway Address

Interface

Metric

Purpose

0.0.0.0

0.0.0.0

157.55.16.1

157.55.27.90

1

Default Route

127.0.0.0

255.0.0.0

127.0.0.1

127.0.0.1

1

Loopback Network

157.55.16.0

255.255.240.0

157.55.27.90

157.55.27.90

1

Directly Attached Network

157.55.27.90

255.255.255.255

127.0.0.1

127.0.0.1

1

Local Host

157.55.255.255

255.255.255.255

157.55.27.90

157.55.27.90

1

Network Broadcast

224.0.0.0

224.0.0.0

157.55.27.90

157.55.27.90

1

Multicast Address

255.255.255.255

255.255.255.255

157.55.27.90

157.55.27.90

1

Limited Broadcast

  • Default Route. The entry corresponding to the default gateway configuration is a Network Address of 0.0.0.0 with a subnet mask of 0.0.0.0. Any destination IP address ANDed with 0.0.0.0 will result in 0.0.0.0. Therefore, for any IP address, the default route will produce a match. If the default route is chosen because no better routes were found, the IP packet will be forwarded to the IP address in the Gateway column using the interface corresponding to the IP address in the Interface column.
  • Loopback Network. The loopback network entry is designed to take any IP address of the form 127.x.y.z and forward it to the special loopback address of 127.0.0.1.
  • Directly Attached Network. The local network entry corresponds to the directly attached network. IP packets destined for the directly attached network are not forwarded to a router but sent directly to the destination. Note that the Gateway Address and Interface column are the IP address of the node. This indicates that the packet will be sent out the network interface card corresponding to the node's IP address.
  • Local Host. The local host entry is a host route (subnet mask of 255.255.255.255) corresponding to the IP address of the host. All IP datagrams to the IP address of the host are forwarded to the loopback address.
  • Network Broadcast. The network broadcast entry is a host route (subnet mask of 255.255.255.255) corresponding to the all-subnets directed broadcast address (all subnets of class B network ID 157.55.0.0). Packets addressed to the all-subnets directed broadcast will be sent out the network interface card corresponding to the node's IP address.
  • Multicast Address. The multicast address, with its class D subnet mask, is used to route any multicast IP packets out the network interface card corresponding to the node's IP address.
  • Limited Broadcast. The limited broadcast address is a host route (subnet mask of 255.255.255.255). Packets addressed to the limited broadcast are sent out the network interface card corresponding to the node's IP address.

To view the IP routing table on a Windows NT-based computer - type route print at a Windows NT command prompt.

When determining the forwarding IP address from a route in the routing table:

  • If the Gateway address is the same as the interface address, the forwarding IP address is set to the destination IP address of the IP packet.
  • If the Gateway address is not the same as the interface address, the forwarding IP address is set to the gateway address.

For example, when traffic is sent to 157.55.16.48, the most specific route is the route for the directly attached network (157.55.16.0/20). The forwarding IP address is set to destination IP address (157.55.16.48) and the interface is the network interface card which has been assigned the IP address 157.55.27.90.

When sending traffic to 157.20.0.79, the most specific route is the default route (0.0.0.0/0). The forwarding IP address is set to the gateway address (157.20.16.1) and the interface is the network interface card which has been assigned the IP address 157.55.27.90.

Routing Processes

In this section, we examine the details of the IP routing processes on all nodes involved in the delivery of an IP packet: the sending host, the intermediate routers, and the destination host.

IP on the Sending Host

When a packet is sent by a sending host, the packet is handed from an upper layer protocol (TCP, UDP, or ICMP) to IP. IP on the sending host does the following:

1. Sets the Time-to-Live (TTL) value to either a default or application-specified value.

2. IP checks its routing table for the best route to the destination IP address.
  • If no route is found, IP indicates a routing error to the upper layer protocol (TCP, UDP, or ICMP).

3. Based on the most specific route, IP determines the forwarding IP address and the interface to be used for forwarding the packet.

4. IP hands the packet, the forwarding IP address, and the interface to ARP, and ARP resolves the forwarding IP address to its MAC address and forwards the packet.

IP on the Router

When a packet is received at a router, the packet is passed up to IP. IP on the router does the following:

1. IP verifies the IP header checksum.

  • If the IP header checksum fails, the IP packet is discarded without notification to the user. This is known as a silent discard.

2. IP verifies whether the destination IP address in the IP datagram corresponds to an IP address assigned to a router interface.

  • If so, the router processes the IP datagram as the destination host (see Step3 in the "IP on the Destination Host" section).

3. If the destination IP address is not the router, IP decreases the TTL by 1.

  • If the TTL is 0, the router discards the packet and sends an ICMP Time Expired-TTL Expired message to the sender.

4. If the TTL is 1 or greater, IP updates the TTL field and calculates a new IP header checksum.

5. IP checks its routing table for the best route to the destination IP address in the IP datagram.
  • If no route is found, the router discards the packet and sends an ICMP Destination Unreachable-Network Unreachable message to the sender.

6. Based on the best route found, IP determines the forwarding IP address and the interface to be used for the forwarding.

7. IP hands the packet, the forwarding IP address, and the interface to ARP, and ARP forwards the packet to the appropriate MAC address.

This entire process is repeated at each router in the path between the source and destination host.

IP on the Destination Host

When a packet is received at the destination host, it is passed up to IP. IP on the destination host does the following:

1. IP verifies the IP header checksum.

  • If the IP header checksum fails, the IP packet is silently discarded.

2. IP verifies that the destination IP address in the IP datagram corresponds to an IP address assigned to the host.

  • If the destination IP address is not the host, the IP packet is silently discarded.

3. Based on the IP protocol field, IP passes the IP datagram without the IP header to the appropriate upper-level protocol.

  • If the protocol does not exist, ICMP sends a Destination Unreachable-Protocol Unreachable message back to the sender.

4. For TCP and UDP packets, the destination port is checked and TCP segment or UDP header is processed.
  • If no application exists for the UDP port number, ICMP sends a Destination Unreachable-Port Unreachable message back to the sender. If no application exists for the TCP port number, TCP sends a Connection Reset segment back to the sender.

Static and Dynamic IP Routers

In order for IP routing between routers to occur efficiently in the IP internetwork, routers must have explicit knowledge of remote network IDs or be properly configured with a default route. On large IP internetworks, one of the challenges faced by network administrators is how to maintain the routing tables on their IP routers so that IP traffic flow is traveling the best path and is fault-tolerant.

There are two ways of maintaining routing table entries on IP routers:

  • Manually—Static IP routers have routing tables that do not change unless manually changed by a network administrator.

Static routing relies on the manual administration of the routing table. Remote network IDs are not discovered by static routers and must be manually configured. Static routers are not fault tolerant. If a static router goes down, neighboring routers do not sense the fault and inform other routers.
  • Automatically—Dynamic IP routers have routing tables that change automatically based on the communication of routing information with other routers. Dynamic routing employs the use of routing protocols, such as Routing Information Protocol (RIP) and Open Shortest Path First (OSPF), to dynamically update the routing table through the exchange of routing information between routers. Remote network IDs are discovered by dynamic routers and automatically entered into the routing table. Dynamic routers are fault-tolerant. If a dynamic router goes down, the fault is sensed by neighboring routers who propagate the changed routing information to the other routers in the internetwork.

Go to Top of Page

The MCP Logo is displayed on this web site in accordance with Microsoft Certified Professional Program and Logo Agreement. © Paramvir Likhari 1997 - 1999

Nedstat Counter