CCNA6-1

Routing Basics
329
Routing Basics
Once you create an internetwork by connecting your WANs and LANs to a router, you’ll need
to configure logical network addresses, such as IP addresses, to all hosts on the internetwork
so that they can communicate across that internetwork.
The term
routing
is used for taking a packet from one device and sending it through the
network to another device on a different network. Routers don’t really care about hosts—
they only care about networks and the best path to each network. The logical network
address of the destination host is used to get packets to a network through a routed network,
and then the hardware address of the host is used to deliver the packet from a router
to the correct destination host.
If your network has no routers, then it should be apparent that you are not routing. Routers
route traffic to all the networks in your internetwork. To be able to route packets, a router
must know, at a minimum, the following:

Destination address

Neighbor routers from which it can learn about remote networks

Possible routes to all remote networks

The best route to each remote network

How to maintain and verify routing information
The router learns about remote networks from neighbor routers or from an administrator.
The router then builds a routing table (a map of the internetwork) that describes how to find
the remote networks. If a network is directly connected, then the router already knows how
to get to it.
If a network isn’t directly connected to the router, the router must use one of two ways to
learn how to get to the remote network: static routing, meaning that someone must hand-type
all network locations into the routing table, or something called dynamic routing.
In
dynamic routing
, a protocol on one router communicates with the same protocol
running on neighbor routers. The routers then update each other about all the networks
they know about and place this information into the routing table. If a change occurs in
the network, the dynamic routing protocols automatically inform all routers about the
event. If
static routing
is used, the administrator is responsible for updating all changes by
hand into all routers. Typically, in a large network, a combination of both dynamic and
static routing is used.
Before we jump into the IP routing process, let’s take a look at a simple example that demonstrates
how a router uses the routing table to route packets out of an interface. We’ll be
going into a more detailed study of the process in the next section.
Figure 6.1 shows a simple two-router network. Lab_A has one serial interface and three
LAN interfaces.
Looking at Figure 6.1, can you see which interface Lab_A will use to forward an IP datagram
to a host with an IP address of 10.10.10.10?
330
Chapter 6 
IP Routing
FIGURE 6 . 1
A simple routing example
By using the command
show ip route
, we can see the routing table (map of the internetwork)
that Lab_A uses to make forwarding decisions:
Lab_A#
sh ip route
[output cut]
Gateway of last resort is not set
C 10.10.10.0/24 is directly connected, FastEthernet0/0
C 10.10.20.0/24 is directly connected, FastEthernet0/1
C 10.10.30.0/24 is directly connected, FastEthernet0/2
C 10.10.40.0/24 is directly connected, Serial 0/0
The
C
in the routing table output means that the networks listed are “directly connected,” and
until we add a routing protocol—something like RIP, EIGRP, etc.—to the routers in our internetwork
(or use static routes), we’ll have only directly connected networks in our routing table.
So let’s get back to the original question: By looking at the figure and the output of the routing
table, can you tell what IP will do with a received packet that has a destination IP address of
10.10.10.10? The router will packet-switch the packet to interface FastEthernet 0/0, and this
interface will frame the packet and then send it out on the network segment.
Because we can, let’s do another example: Based on the output of the next routing table,
which interface will a packet with a destination address of 10.10.10.14 be forwarded from?
Lab_A#
sh ip route
[output cut]
Gateway of last resort is not set
C 10.10.10.16/28 is directly connected, FastEthernet0/0
S0/0
10.10.40.1/24
Fa0/1
10.10.20.1/24
Fa0/0
10.10.10.1/24
Fa0/2
10.10.30.1/24
Lab_A
The IP Routing Process
331
C 10.10.10.8/29 is directly connected, FastEthernet0/1
C 10.10.10.4/30 is directly connected, FastEthernet0/2
C 10.10.10.0/30 is directly connected, Serial 0/0
First, you can see that the network is subnetted and each interface has a different mask. And
I have to tell you—you just can’t answer this question if you can’t subnet! 10.10.10.14 would
be a host in the 10.10.10.8/29 subnet connected to the FastEthernet0/1 interface. Don’t freak
out if you don’t get it. Just go back and reread Chapter 3 if you’re struggling, and this should
make perfect sense to you afterward.
For everyone who’s ready to move on, let’s get into this process in more detail.
The IP Routing Process
The IP routing process is fairly simple and doesn’t change, regardless of the size of your network.
For an example, we’ll use Figure 6.2 to describe step-by-step what happens when Host_
A wants to communicate with Host_B on a different network.
FIGURE 6 . 2
IP routing example using two hosts and one router
In this example, a user on Host_A pings Host_B’s IP address. Routing doesn’t get simpler
than this, but it still involves a lot of steps. Let’s work through them:
1.
Internet Control Message Protocol (ICMP) creates an echo request payload (which is just
the alphabet in the data field).
2.
ICMP hands that payload to Internet Protocol (IP), which then creates a packet. At a minimum,
this packet contains an IP source address, an IP destination address, and a Protocol
field with 01h. (Remember that Cisco likes to use
0x
in front of hex characters, so this
could look like 0x01.) All of that tells the receiving host whom it should hand the payload
to when the destination is reached—in this example, ICMP.
3.
Once the packet is created, IP determines whether the destination IP address is on the local
network or a remote one.
4.
Since IP determines that this is a remote request, the packet needs to be sent to the default
gateway so the packet can be routed to the remote network. The Registry in Windows is
parsed to find the configured default gateway.
5.
The default gateway of host 172.16.10.2 (Host_A) is configured to 172.16.10.1. For this
packet to be sent to the default gateway, the hardware address of the router’s interface
Lab_A
Host_A
172.16.10.2
Host_B
172.16.20.2
E0
172.16.10.1
E1
172.16.20.1
332
Chapter 6 
IP Routing
Ethernet 0 (configured with the IP address of 172.16.10.1) must be known. Why? So the
packet can be handed down to the Data Link layer, framed, and sent to the router’s interface
that’s connected to the 172.16.10.0 network. Because hosts only communicate via
hardware addresses on the local LAN, it’s important to recognize that for Host_A to communicate
to Host_B, it has to send packets to the Media Access Control (MAC) address
of the default gateway on the local network.
MAC addresses are always local on the LAN and never go through and past
a router.
6.
Next, the Address Resolution Protocol (ARP) cache of the host is checked to see if the
IP address of the default gateway has already been resolved to a hardware address:

If it has, the packet is then free to be handed to the Data Link layer for framing. (The
hardware destination address is also handed down with that packet.) To view the ARP
cache on your host, use the following command:
C:\>
arp -a
Interface: 172.16.10.2 --- 0x3
Internet Address Physical Address Type
172.16.10.1 00-15-05-06-31-b0 dynamic

If the hardware address isn’t already in the ARP cache of the host, an ARP broadcast
is sent out onto the local network to search for the hardware address of 172.16.10.1.
The router responds to the request and provides the hardware address of Ethernet 0,
and the host caches this address.
7.
Once the packet and destination hardware address are handed to the Data Link layer, the
LAN driver is used to provide media access via the type of LAN being used (in this example,
Ethernet). A frame is then generated, encapsulating the packet with control information.
Within that frame are the hardware destination and source addresses plus, in this case, an
Ether-Type field that describes the Network layer protocol that handed the packet to the
Data Link layer—in this instance, IP. At the end of the frame is something called a Frame
Check Sequence (FCS) field that houses the result of the cyclic redundancy check (CRC).
The frame would look something like what I’ve detailed in Figure 6.3. It contains Host_A’s
hardware (MAC) address and the destination hardware address of the default gateway. It
does not include the remote host’s MAC address—remember that!
FIGURE 6 . 3
Frame used from Host_A to the Lab_A router when Host_B is pinged
Destination MAC
(routers E0 MAC address)
Source MAC
(Host_A MAC address)
Ether-Type
field
FCS
Packet (CRC)
The IP Routing Process
333
8.
Once the frame is completed, it’s handed down to the Physical layer to be put on the
physical medium (in this example, twisted-pair wire) one bit at a time.
9.
Every device in the collision domain receives these bits and builds the frame. They each
run a CRC and check the answer in the FCS field. If the answers don’t match, the frame
is discarded.

If the CRC matches, then the hardware destination address is checked to see if it
matches too (which, in this example, is the router’s interface Ethernet 0).

If it’s a match, then the Ether-Type field is checked to find the protocol used at the
Network layer.
10.
The packet is pulled from the frame, and what is left of the frame is discarded. The packet
is handed to the protocol listed in the Ether-Type field—it’s given to IP.
11.
IP receives the packet and checks the IP destination address. Since the packet’s destination
address doesn’t match any of the addresses configured on the receiving router itself, the
router will look up the destination IP network address in its routing table.
12.
The routing table must have an entry for the network 172.16.20.0 or the packet will be
discarded immediately and an ICMP message will be sent back to the originating device
with a destination network unreachable message.
13.
If the router does find an entry for the destination network in its table, the packet is switched
to the exit interface—in this example, interface Ethernet 1. The output below displays the
Lab_A router’s routing table. The
C
means “directly connected.” No routing protocols are
needed in this network since all networks (all two of them) are directly connected.
Lab_A>
sh ip route
Codes:C - connected,S - static,I - IGRP,R - RIP,M - mobile,B –
BGP, D - EIGRP,EX - EIGRP external,O - OSPF,IA - OSPF inter
area, N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external
type 2, E1 - OSPF external type 1, E2 - OSPF external type 2,
E – EGP,i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia
- IS-IS intearea * - candidate default, U - per-user static
route, o – ODR P - periodic downloaded static route
Gateway of last resort is not set
172.16.0.0/24 is subnetted, 2 subnets
C 172.16.10.0 is directly connected, Ethernet0
C 172.16.20.0 is directly connected, Ethernet1
14.
The router packet-switches the packet to the Ethernet 1 buffer.
334
Chapter 6 
IP Routing
15. The Ethernet 1 buffer needs to know the hardware address of the destination host and
first checks the ARP cache.
 If the hardware address of Host_B has already been resolved and is in the router’s ARP
cache, then the packet and the hardware address are handed down to the Data Link
layer to be framed. Let’s take a look at the ARP cache on the Lab_A router by using
the show ip arp command:
Lab_A#sh ip arp
Protocol Address Age(min) Hardware Addr Type Interface
Internet 172.16.20.1 - 00d0.58ad.05f4 ARPA Ethernet0
Internet 172.16.20.2 3 0030.9492.a5dd ARPA Ethernet0
Internet 172.16.10.1 - 00d0.58ad.06aa ARPA Ethernet0
Internet 172.16.10.2 12 0030.9492.a4ac ARPA Ethernet0
The dash (-) means that this is the physical interface on the router. From the output above,
we can see that the router knows the 172.16.10.2 (Host_A) and 172.16.20.2 (Host_B)
hardware addresses. Cisco routers will keep an entry in the ARP table for 4 hours.
 If the hardware address has not already been resolved, the router sends an ARP request
out E1 looking for the hardware address of 172.16.20.2. Host_B responds with its
hardware address, and the packet and destination hardware address are both sent to
the Data Link layer for framing.
16. The Data Link layer creates a frame with the destination and source hardware address,
Ether-Type field, and FCS field at the end. The frame is handed to the Physical layer to be
sent out on the physical medium one bit at a time.
17. Host_B receives the frame and immediately runs a CRC. If the result matches what’s
in the FCS field, the hardware destination address is then checked. If the host finds a
match, the Ether-Type field is then checked to determine the protocol that the packet
should be handed to at the Network layer—IP in this example.
18. At the Network layer, IP receives the packet and checks the IP destination address. Since
there’s finally a match made, the Protocol field is checked to find out whom the payload
should be given to.
19. The payload is handed to ICMP, which understands that this is an echo request. ICMP
responds to this by immediately discarding the packet and generating a new payload as an
echo reply.
20. A packet is then created including the source and destination addresses, Protocol field,
and payload. The destination device is now Host_A.
21. IP then checks to see whether the destination IP address is a device on the local LAN or
on a remote network. Since the destination device is on a remote network, the packet
needs to be sent to the default gateway.
22. The default gateway IP address is found in the Registry of the Windows device, and the ARP
cache is checked to see if the hardware address has already been resolved from an IP address.
23. Once the hardware address of the default gateway is found, the packet and destination
hardware addresses are handed down to the Data Link layer for framing.
The IP Routing Process 335
24. The Data Link layer frames the packet of information and includes the following in
the header:
 The destination and source hardware addresses
 The Ether-Type field with 0x0800 (IP) in it
 The FCS field with the CRC result in tow
25. The frame is now handed down to the Physical layer to be sent out over the network
medium one bit at a time.
26. The router’s Ethernet 1 interface receives the bits and builds a frame. The CRC is run, and
the FCS field is checked to make sure the answers match.
27. Once the CRC is found to be okay, the hardware destination address is checked. Since the
router’s interface is a match, the packet is pulled from the frame and the Ether-Type field
is checked to see what protocol at the Network layer the packet should be delivered to.
28. The protocol is determined to be IP, so it gets the packet. IP runs a CRC check on the
IP header first and then checks the destination IP address.
IP does not run a complete CRC as the Data Link layer does—it only checks the
header for errors.
Since the IP destination address doesn’t match any of the router’s interfaces, the routing
table is checked to see whether it has a route to 172.16.10.0. If it doesn’t have a route over
to the destination network, the packet will be discarded immediately. (This is the source
point of confusion for a lot of administrators—when a ping fails, most people think the
packet never reached the destination host. But as we see here, that’s not always the case.
All it takes is for just one of the remote routers to be lacking a route back to the originating
host’s network and—poof!—the packet is dropped on the return trip, not on its way to
the host.)
Just a quick note to mention that when (if) the packet is lost on the way back
to the originating host, you will typically see a “request timed out” message
because it is an unknown error. If the error occurs because of a known issue,
such as if a route is not in the routing table on the way to the destination
device, you will see a destination unreachable message. This should help
you determine if the problem occurred on the way to the destination or on
the way back.
29. In this case, the router does know how to get to network 172.16.10.0—the exit interface
is Ethernet 0—so the packet is switched to interface Ethernet 0.
30. The router checks the ARP cache to determine whether the hardware address for 172.16.10.2
has already been resolved.
336 Chapter 6  IP Routing
31. Since the hardware address to 172.16.10.2 is already cached from the originating trip to
Host_B, the hardware address and packet are handed to the Data Link layer.
32. The Data Link layer builds a frame with the destination hardware address and source
hardware address and then puts IP in the Ether-Type field. A CRC is run on the frame and
the result is placed in the FCS field.
33. The frame is then handed to the Physical layer to be sent out onto the local network one
bit at a time.
34. The destination host receives the frame, runs a CRC, checks the destination hardware
address, and looks in the Ether-Type field to find out whom to hand the packet to.
35. IP is the designated receiver, and after the packet is handed to IP at the Network layer, it
checks the protocol field for further direction. IP finds instructions to give the payload to
ICMP, and ICMP determines the packet to be an ICMP echo reply.
36. ICMP acknowledges that it has received the reply by sending an exclamation point (!) to the
user interface. ICMP then attempts to send four more echo requests to the destination host.
You’ve just experienced Todd’s 36 easy steps to understanding IP routing. The key point
to understand here is that if you had a much larger network, the process would be the same.
In a really big internetwork, the packet just goes through more hops before it finds the destination
host.
It’s super-important to remember that when Host_A sends a packet to Host_B, the destination
hardware address used is the default gateway’s Ethernet interface. Why? Because
frames can’t be placed on remote networks—only local networks. So packets destined for
remote networks must go through the default gateway.
Let’s take a look at Host_A’s ARP cache now:
C:\ >arp -a
Interface: 172.16.10.2 --- 0x3
Internet Address Physical Address Type
172.16.10.1 00-15-05-06-31-b0 dynamic
172.16.20.1 00-15-05-06-31-b0 dynamic
Did you notice that the hardware (MAC) address that Host_A uses to get to Host_B is the
Lab_A E0 interface? Hardware addresses are always local, and they never pass a router’s interface.
Understanding this process is as important as air to you, so carve this into your memory!
Testing Your IP Routing Understanding
I really want to make sure you understand IP routing because it’s super-important. So I’m
going to use this section to test your understanding of the IP routing process by having you
look at a couple of figures and answer some very basic IP routing questions.
Figure 6.4 shows a LAN connected to RouterA, which is, in turn, connected via a WAN
link to RouterB. RouterB has a LAN connected with an HTTP server attached.