This Daily Drill Down will zoom in on the principle of moving packets of data from one network to another network using a router and the IP protocol. This is called routing, and I’m going to demonstrate an IP routing example in 40 steps. Why 40? Well, I really could give it to you in 10 steps or so, but that would be more of a summarized approach. And since I really want you to thoroughly understand this process, I’m going to cover the details of how a packet is actually handled when it’s sent through an internetwork.
Because we’re taking an in-depth approach here, you’ll find it helpful to be familiar with the following:
- IP addressing and subnetting
- The difference between a router and a switch
- How collision and broadcast domains work within an internetwork
If any or all of the above is a mystery to you (even if you’re just a bit fuzzy on them), take a look at my Daily Drill Downs “Discover how routers power internetworks,” “Subnetting a Class B network address,” and “Subnetting a Class C network address.”
IP addressing, subnetting, and IP routing are very important fundamentals; once you have a good grasp on them you can move on to exploring more advanced, really exciting subjects like supernetting and Variable Length Subnet Masking (VLSM)!
Move that data!
Okay, we know routers are hardware devices that employ software to perform the task of routing packets throughout an internetwork, and we know that routing is the term used to describe the process of taking a packet of data from a device on one network and switching it through that router over to another device on a different network—packet distribution and delivery. So if your network has no routers, you’re not routing.
|Did you notice that a LAN and two WANs are connected to the 2600A router?|
Figure A highlights the routing raison d’etre: to make it possible to connect multiple networks, thereby creating an internetwork so that all hosts within that internetwork can communicate with each other by sending and receiving data.
Now take a closer look at Figure A so we can go step-by-step through the IP routing process. Let’s begin by pretending that HostA wants to send a ping request (packet internet groper) to HostB.
By looking at the IP networks and addresses in the figure, we can see that HostA is on the 192.168.10.32 network and that the /27 is a subnet block of 32. What this tells us is that our valid hosts are 33-62. Also, notice that HostA’s IP address is 192.168.10.34 with a configured default gateway of 192.168.10.33.
HostB is on the 192.168.10.96 subnet and it has an IP address of 192.168.10.98 with a configured default gateway of 192.168.10.97. It’s very important to make sure that a host’s default gateway is configured correctly because it’s used to tell the host how to send packets out of the local network.
Okay, that said, let’s type a ping request to 192.168.10.98 from HostA at the command prompt and follow it through from beginning to end. Here’s what happens, starting at HostA (these are our 40 steps to IP routing):
- The router’s FastEthernet 0/0 interface will receive the bits and build a frame. The CRC is run, and the FCS field is checked to make sure the answers match. Internet Control Message Protocol (ICMP) creates an echo request payload (which is just the alphabet forward and backwards).
- ICMP hands that payload to IP, which then creates a packet. At a minimum, this packet contains an IP source address, an IP destination address, and a protocol field with 01h. All of that tells the receiving host whom to hand the payload to—in this example, ICMP.
- Once the packet is created, IP works with the Address Resolution Protocol (ARP) to determine whether the destination IP address is on the local network or on a remote one.
- Since this is a remote request, the packet needs to be sent to the default gateway. The registry in Windows is parsed to find the configured default gateway.
- The default gateway of host 192.168.10.34 is 192.168.10.33. To be able to send this packet to the default gateway, the hardware address of the router’s interface Ethernet1 (configured with the IP address of 192.168.10.33) must be known. Why? So the packet can be handed down to the Data Link Layer, framed, and sent to the router’s interface for the 192.168.10.32 network.
- Now, the ARP cache is checked to see if the IP address of the default gateway has been already resolved to a hardware address. If it has, the packet is then free to be handed to the Data Link Layer for framing. (The hardware destination address is also handed down with that packet.)
- If the hardware address isn’t already in the ARP cache of the host, an ARP broadcast will be sent out onto the local network to search for the hardware address of 192.168.10.33. The router will respond to the request and provide the hardware address of Ethernet1, and the host will cache this address. The 2500A router will also cache the hardware address of HostA in the ARP cache.
- Once the packet and destination hardware address are handed to the Data Link Layer, the LAN driver is used to provide media access via the type of LAN being used. (In this example, it’s Ethernet.) A frame is then generated, encapsulating the packet with control information. Within that frame are the hardware destination and source address, plus an Ethernet-Type field that describes the Network Layer protocol that handed the packet to the Data Link Layer (in this case, IP). At the end of the frame is the Frame Check Sequence (FCS) field, which houses the answers to the Cyclic Redundancy Check (CRC).
- Once the frame is completed, the frame is handed down to the Physical Layer to be put on the physical medium (in this example, twisted-pair wire), one bit at a time.
- Every device in the collision domain receives these bits and builds the frame. They each run a CRC and check the answer in the FCS field. If the answers don’t match, the frame is discarded. If the CRC matches (in this example, it is the router’s interface Ethernet1), then the hardware destination address is checked to see if it matches too. If it’s a match, then the Ethernet-Type field is checked to find the protocol used at the Network Layer.
- The packet is pulled from the frame and the frame is discarded. The packet is handed to the protocol listed in the Ethernet-Type field, meaning it’s given to IP.
- IP receives the packet and checks the IP destination address. Since the packet’s destination address doesn’t match any of the addresses configured on the receiving router itself, the router will look up the destination IP network address in its routing table.
- The routing table must have an entry for the network 192.168.10.96 or the packet will be discarded immediately and an ICMP message will be sent back to the originating device with a Destination Network Unavailable message.
- If the router does find an entry for the destination network in its table, the packet will be switched to the exit interface—in this example, interface serial 0.
- Serial interfaces don’t use Ethernet framing techniques, but by default, Cisco routers use something called High-Level Data Link Control (HDLC) to frame the packet. When serial interfaces are used, though, it’s not called framing; it’s known as “encapsulating.” And because this is a point-to-point circuit, hardware addresses aren’t used or needed. Instead, HDLC encapsulation is sent out one bit at a time to the next router.
- Serial 0/0 on 2600A then extracts the packet from the HDLC encapsulation and checks the IP destination address. Since the IP addresses of the different router interfaces do not match, the router will check its routing to determine whether it knows how to get the packet over to the destination network.
- The routing table will show that to get to network 192.168.10.96, it must use exit interface FastEthernet 0/0 so the packet is switched to interface FastEthernet 0/0.
- The FastEthernet interface has the packet in the buffers and needs to send the packet to HostB, or IP address 192.168.10.98, but the hardware address must be known in order to deliver the packet to the correct host. The router checks the ARP cache, and if no match is found, an ARP broadcast is sent out interface FastEthernet 0/0.
- HostB will respond with its hardware address, and the packet and destination hardware address are both sent to the Data Link Layer for framing.
- The Data Link Layer will create a frame with the destination and source hardware address, Ethernet-Type field, and a FCS field at the end of the frame. The frame is handed to the Physical Layer to be sent out on the physical medium one bit at a time.
- HostB receives the frame and immediately runs a CRC. If the answer matches what’s in the FCS field, the hardware destination address is then checked. If it finds a match, the Ethernet-Type field is then checked to determine where the packet should be received on the Network Layer.
- At the Network Layer, IP gets the packet and checks the IP destination address. Since there’s finally a match made, the protocol field is checked to find out to whom the payload should be given.
- The payload is handed to ICMP, which understands that this is an echo request. ICMP responds to this by immediately discarding the packet and generating a new payload as an echo reply.
- A packet is then created including the source and destination address, protocol field, and payload.
- ARP then checks to see if the destination IP address is a local device on the local LAN or if it’s a device on a remote network. Since the destination device is on a remote network, the packet needs to be sent to the default gateway.
- The default gateway address is found in the registry of the Windows device, and the ARP cache is checked to see if the hardware address has already been resolved from an IP address.
- Once the hardware address of the default gateway is found, the packet and destination hardware address are handed down to the Data Link Layer for framing.
- The Data Link Layer frames the packet of information and includes the following in the header: the destination and source hardware address, Ethernet-Type field with IP in it, and the FCS field with the CRC answer in tow.
- The frame is now handed down to the Physical Layer (of the OSI model) to be sent out over the network medium one bit at a time.
- The router’s FastEthernet 0/0 interface will receive the bits and build a frame. The CRC is run and the FCS field is checked to make sure the answers match.
- Once the CRC is found to be okay, the hardware destination address is checked. Since the router’s interface is a match, the packet is pulled from the frame and the Ethernet-Type field is checked to see what protocol at the Network Layer the packet should be delivered to.
- That’s determined to be IP, so it gets the packet. IP runs a CRC check on the IP header first and then checks the destination IP address. (Note: IP does not run a complete CRC like the Data Link Layer—it only checks the header for errors.) Since the IP destination address doesn’t match any of the router’s interfaces, the routing table is checked to see if it has a route to 192.168.10.32. If it doesn’t have a route over to the 32 network, the packet will be discarded immediately. (This is the source point of confusion for a lot of administrators. When a ping fails, most people think the packet never reached the destination host. But as we see here, that’s not always the case! All it takes is for just one of the remote routers to be lacking a route back to the originating host’s network and POOF! The packet is dropped on the return trip, not en route to the host.)
- But Router 2600A does know how to get to network 192.168.10.32—the exit interface is serial 0/0—so the packet is switched to serial interface 0/0.
- The serial interface builds an HDLC encapsulation and sends the packet inside an HDLC encapsulation method out interface 0/0, one bit at a time, to the 2500A router. The 2500A router receives the HDLC encapsulation and hands over the packet to IP.
- IP checks the destination address, and since no interface on the router matches, the routing table is checked for a path to network 192.168.10.32.
- The routing table tells IP that the path to network 192.168.10.32 is out interface Ethernet1, so over it goes—the packet is switched to interface Ethernet1.
- The hardware address must first be found in order to send the packet to the destination IP address of 192.168.10.34, and the ARP cache is checked for that first. Since the address is in the ARP cache, the packet and the destination hardware address are sent to the Data Link Layer to be framed.
- The frame adds the hardware source and destination address and the Ethernet-Type field, and puts the CRC answer in the FCS field.
- The frame is then given to the Physical Layer to be sent out onto the local network, one bit at a time.
- The destination host receives the frame, runs a CRC, checks the destination hardware address, and then looks in the Ethernet-Type field to find who to hand the packet to. IP, at the Network Layer, is the designated receiver, and after the packet is handed to IP at the Network Layer, it checks the protocol field for further direction. IP finds instructions to give the payload to ICMP, and ICMP determines the packet to be an ICMP echo reply. It acknowledges that it has received the reply by sending an exclamation point (!) to the user interface. ICMP will then attempt to send four more echo requests to the destination host.
Only one ping?
Five pings are sent by default, but I don’t think we need to go there! For those individuals in the audience who want this Daily Drill Down to describe the process exactly as it actually happens in the real world, just start back at step one and read through to number 40 four more times!
The beauty of IP routing is that no matter how many more routes we might decide to put into this example, the process would never change! The packet is just sent from hop to hop until it reaches the destination network.
Remember to keep these important points in mind:
- Some things never change, and this includes packets. They never change in any way; they are only encapsulated in control information to enable them to be sent from one router to another.
- Routers are impersonal; they do not keep host addresses in their routing tables. Routers only care about networks and the best path to each one.
- Each and every one of us is unique, and so are hardware addresses. These are what devices use to find a unique host on a local network.