Chapter 16. IPv4 Routing Concepts

This chapter covers the following exam topics:

4.1. Describe and configure basic routing concepts

4.1.a. Packet forwarding

4.1.b. Router look-up process (exec mode, exec commands, configuration mode)

4.2. Describe the operation of Cisco routers

4.2.a. Router boot-up process

4.2.b. POST

4.3.c. Router components

Routers route IPv4 packets. That simple statement actually carries a lot of hidden meaning. For routers to route packets, routers follow a routing process. That routing process relies on information called IP routes. Each IP route lists a destination—an IP network, IP subnet, or some other group of IP addresses. Each route also lists instructions that tell the router where to forward packets sent to addresses in that IP network or subnet. For routers to do a good job of routing packets, they need to have a detailed, accurate list of IP routes.

Routers use three methods to add IPv4 routes to their IPv4 routing tables. Routers first learn connected routes, which are routes for subnets attached to a router interface. Routers can also use static routes, which are routes created through a configuration command (ip route) that tells the routers what route to put in the IPv4 routing table. And routers can use a routing protocol, in which routers tell each other about all their known routes, so that all routers can learn and build routes to all networks and subnets.

This chapter begins by reintroducing the IP routing process that relies on these routes. This IP routing discussion reviews the concepts from Chapter 4, “Fundamentals of IPv4 Addressing and Routing,” and takes them deeper, including showing the information needed in a single IP route. Then, the second major section in this chapter discusses connected routes, including variations such as VLANs connected to a router’s VLAN trunk and connected routes on Layer 3 switches.


Note

As promised in the Introduction’s section “For Those Studying Routing & Switching,” you have already read about the concepts in the first major heading of this chapter, which comprises most of the chapter. The first major heading covers generic routing, and the second gets into Cisco Nexus specifics.


“Do I Know This Already?” Quiz

Use the “Do I Know This Already?” quiz to help decide whether you might want to skim this chapter, or a major section, moving more quickly to the “Exam Preparation Tasks” section near the end of the chapter. Table 16-1 lists the major headings in this chapter and their corresponding “Do I Know This Already?” quiz questions. For thorough explanations, see Appendix A, “Answers to the ‘Do I Know This Already?’ Quizzes.”


Table 16-1 “Do I Know This Already?” Foundation Topics Section-to-Question Mapping

1. A user on a PC opens a command prompt and uses the ipconfig command to see that the PC’s IP address and mask are 192.168.4.77 and 255.255.255.224, respectively. The user then runs a test using the ping 192.168.4.117 command. Which of the following answers is the most likely to happen?

a. The PC sends packets directly to the host with address 192.168.4.117.

b. The PC sends packets to its default gateway.

c. The PC sends a DNS query for 192.168.4.117.

d. The PC sends an ARP looking for the MAC address of the DHCP server.

2. Router R1 lists a route in its routing table. Which of the following answers list a fact from a route, that the router then compares to the packet’s destination address? (Choose two answers.)

a. Mask

b. Next-hop router

c. Subnet ID

d. Outgoing interface

3. Which implementation on a Cisco Nexus switch turns off all Layer 2 protocol functions on an interface?

a. Routed interface

b. Switched virtual interface (SVI)

c. Switchport access interface

d. Switchport trunk interface

4. Which interface is preferred if you want to support both Layer 2 and Layer 3 for a VLAN on a Cisco Nexus switch?

a. Trunk

b. Access

c. Switched virtual interface (SVI)

d. Switchport

5. Which interface implementation on a Cisco Nexus switch allows for the faster interface or link down detection when router peering?

a. Switched virtual interface (SVI)

b. Routed interface

c. Trunk

d. ISL

Foundation Topics

IP Routing

IP routing—the process of forwarding IP packets—delivers packets across entire TCP/IP networks, from the device that originally builds the IP packets to the device that is supposed to receive the packets. In other words, IP routing delivers IP packets from the sending host to the destination host.

The complete end-to-end routing process relies on network layer logic on hosts and on routers. The sending host uses Layer 3 concepts to create an IP packet, forwarding the IP packet to the host’s default gateway (default router). The process requires Layer 3 logic on the routers as well, by which the routers compare the destination address in the packet to their routing tables, to decide where to forward the IP packet next.

The routing process also relies on the data link and physical details at each link. IP routing relies on serial links, Ethernet LANs, wireless LANs, and many other networks that implement data link and physical layer standards. These lower-layer devices and protocols move the IP packets around the TCP/IP network by encapsulating and transmitting the packets inside data link layer frames.

The previous two paragraphs summarized the key concepts about IP routing as introduced back in Chapter 4. The rest of this section takes the discussion of IP routing another step or two deeper, taking advantage of the additional depth of knowledge you gained in Parts II and III of this book.


Note

Some references also incorrectly claim that the term IP routing includes the function of dynamically learning routes with IP routing protocols. Although IP routing protocols play an important role, the term IP routing refers to the packet-forwarding process only.


IPv4 Routing Process Reference

Because you have already seen the basics back in Chapter 4, this section collects the routing process into steps for reference. The steps use many specific terms discussed in Parts II and III of this book. The upcoming descriptions and examples then discuss these summaries of routing logic to make sure that each step is clear.

The routing process starts with the host that creates the IP packet. First, the host asks the question: Is the destination IP address of this new packet in my local subnet? The host uses its own IP address/mask to determine the range of addresses in the local subnet. Based on its own opinion of the range of addresses in the local subnet, a LAN-based host acts as follows:


Step 1. If the destination is local, send directly:

A. Find the destination host’s MAC address. Use the already known Address Resolution Protocol (ARP) table entry, or use ARP messages to learn the information.

B. Encapsulate the IP packet in a data-link frame, with the destination data-link address of the destination host.

Step 2. If the destination is not local, send to the default gateway:

A. Find the default gateway’s MAC address. Use the already known ARP table entry, or use ARP messages to learn the information.

B. Encapsulate the IP packet in a data-link frame, with the destination data-link address of the default gateway.

Figure 16-1 summarizes these same concepts. In the figure, host A sends a local packet directly to host D. However, for packets to host B, on the other side of a router and therefore in a different subnet, host A sends the packet to its default router (R1). (As a reminder, the terms default gateway and default router are synonyms.)


Figure 16-1 Host Routing Logic Summary

Routers have a little more routing work to do as compared to hosts. Whereas the host logic begins with an IP packet sitting in memory, a router has some work to do before getting to that point. In the following five-step summary of a router’s routing logic, the router takes the first two steps just to receive the frame and extract the IP packet, before even thinking about the packet’s destination address at Step 3.


1. For each received data-link frame, choose whether or not to process the frame. Process it if

A. The frame has no errors (per the data-link trailer Frame Check Sequence, or FCS, field)

B. The frame’s destination data-link address is the router’s address (or an appropriate multicast or broadcast address).

2. If choosing to process the frame at Step 1, de-encapsulate the packet from inside the data-link frame.

3. Make a routing decision. To do so, compare the packet’s destination IP address to the routing table and find the route that matches the destination address. This route identifies the outgoing interface of the router and possibly the next-hop router.

4. Encapsulate the packet into a data-link frame appropriate for the outgoing interface. When forwarding out LAN interfaces, use ARP as needed to find the next device’s MAC address.

5. Transmit the frame out the outgoing interface, as listed in the matched IP route.


Note

The fact that this list has five steps, instead of breaking the logic into some other number of steps, does not matter. The concepts inside each step matter a lot, so be sure you know them. However, for the exams, there is no need to memorize which piece of logic goes with a particular step number.


This routing process summary lists many details, but sometimes you can think about the routing process in simpler terms. For example, leaving out some details, this paraphrase of the step list details the same big concepts:

The router receives a frame, removes the packet from inside the frame, decides where to forward the packet, puts the packet into another frame, and then sends the frame.

To give you a little more perspective on these steps, Figure 16-2 breaks down the same five-step routing process as a diagram. The figure shows a packet arriving from the left, entering a router Ethernet interface, with an IP destination of host C. The figure shows the packet arriving, encapsulated inside an Ethernet frame (both header and trailer).


Figure 16-2 Router Routing Logic Summary

Router R1 processes the frame and packet, as shown with the numbers in the figure matching the same five-step process described just before the figure, as follows:

1. Router R1 notes that the received Ethernet frame passes the FCS check, and that the destination Ethernet MAC address is R1’s MAC address, so R1 processes the frame.

2. R1 de-encapsulates the IP packet from inside the Ethernet frame’s header and trailer.

3. R1 compares the IP packet’s destination IP address to R1’s IP routing table.

4. R1 encapsulates the IP packet inside a new data-link frame—in this case, inside a High-Level Data Link Control (HDLC) header and trailer.

5. R1 transmits the IP packet, inside the new HDLC frame, out the serial link on the right.


Note

This chapter uses several figures that show an IP packet encapsulated inside a data link layer frame. These figures often show both the data-link header as well as the data-link trailer, with the IP packet in the middle. The IP packets all include the IP header, plus any encapsulated data.


An Example of IP Routing

The next several pages walk you through an example that discusses each routing step, in order, through multiple devices. This example uses a case in which host A (172.16.1.9) sends a packet to host B (172.16.2.9), with host routing logic and the five steps showing how R1 forwards the packet.

Figure 16-3 shows a typical IP addressing diagram for an IPv4 network with typical address abbreviations. A diagram can get a little too messy if it lists the full IP address for every router interface. Therefore, when possible, these diagrams will list the subnet and then the last octet or two of the individual IP addresses—just enough so that you know the IP address, but with less clutter. For example, host A uses IP address 172.16.1.9, taking from subnet 172.16.1.0/24 (in which all addresses begin 172.16.1), and the “.9” beside the host A icon. As another example, R1 uses address 172.16.1.1 on its LAN interface, 172.16.4.1 on one serial interface, and 172.16.5.1 on the other serial interface.


Figure 16-3 IPv4 Network Used to Show Five-Step Routing Example

Now on to the example, with host A (172.16.1.9) sending a packet to host B (172.16.2.9).

Host Forwards the IP Packet to the Default Router (Gateway)

In this example, host A uses some application that sends data to host B (172.16.2.9). After host A has the IP packet sitting in memory, host A’s logic reduces to the following:

My IP address/mask is 172.16.1.9/24, so my local subnet contains numbers 172.16.1.0–172.16.1.255 (including the subnet ID and subnet broadcast address).

The destination address is 172.16.2.9, which is clearly not in my local subnet.

Send the packet to my default gateway, which is set to 172.16.1.1.

To send the packet, encapsulate it in an Ethernet frame. Make the destination MAC address be R1’s G0/0 MAC address (host A’s default gateway).

Figure 16-4 pulls these concepts together, showing the destination IP address and destination MAC address in the frame and packet sent by host A in this case.


Figure 16-4 Host A Sends Packet to Host B

Note that the figure shows the Ethernet LAN as simple lines, but the LAN can include any of the devices discussed in Part II of this book. The LAN could be a single cable between host A and R1, or it could be 100 LAN switches connected across a huge campus of buildings. Regardless, host A and R1 sit in the same VLAN, and the Ethernet LAN then delivers the Ethernet frame to R1’s G0/0 interface.

Routing Step 1: Decide Whether to Process the Incoming Frame

Routers receive many frames in an interface, particularly LAN interfaces. However, a router can and should ignore some of those frames. So, the first step in the routing process begins with a decision of whether a router should process the frame or silently discard (ignore) the frame.

First, the router does a simple but important check (Step 1A in the process summary) so that the router ignores all frames that had bit errors during transmission. The router uses the data-link trailer’s Frame Check Sequence (FCS) field to check the frame, and if errors occurred in transmission, the router discards the frame. (The router makes no attempt at error recovery; that is, the router does not ask the sender to retransmit the data.)

The router also checks the destination data-link address (Step 1B in the summary) to decide whether the frame is intended for the router. For example, frames sent to the router’s unicast MAC address for that interface are clearly sent to that router. However, a router can actually receive a frame sent to some other unicast MAC address, and routers should ignore these frames.

For example, routers will receive some unicast frames sent to other devices in the VLAN just because of how LAN switches work. Think back to how LAN switches forward unknown unicast frames: frames for which the switch does not list the destination MAC address in the MAC address table. The LAN switch floods those frames. The result? Routers sometimes receive frames destined for some other device, with some other device’s MAC address listed as the destination MAC address. Routers should ignore those frames.

In this example, host A sends a frame destined for R1’s MAC address. So, after the frame is received, and after R1 confirms with the FCS that no errors occurred, R1 confirms that the frame is destined for R1’s MAC address (0200.0101.0101 in this case). All checks have been passed, so R1 will process the frame, as shown in Figure 16-5. (Note that the large rectangle in the figure represents the internals of router R1.)


Figure 16-5 Routing Step 1, on Router R1: Checking FCS and Destination MAC

Routing Step 2: De-encapsulate the IP Packet

After the router knows that it ought to process the received frame (per Step 1), the next step is a relatively simple one: de-encapsulate the packet. In router memory, the router no longer needs the original frame’s data-link header and trailer, so the router removes and discards them, leaving the IP packet, as shown in Figure 16-6. Note that the destination IP address remains unchanged (172.16.2.9).


Figure 16-6 Routing Step 2 on Router R1: De-encapsulating the Packet

Routing Step 3: Choose Where to Forward the Packet

Routing Step 2 required little thought, but Step 3 requires the most thought of all the steps. At this point, the router needs to make a choice about where to forward the packet next. That process uses the router’s IP routing table, with some matching logic to compare the packet’s destination address with the table.

First, an IP routing table lists multiple routes. Each individual route contains several facts, which in turn can be grouped as shown in Figure 16-7. Part of each route is used to match the destination address of the packet, while the rest of the route lists forwarding instructions: where to send the packet next.


Figure 16-7 Routing Step 3 on Router R1: Matching the Routing Table

Focus on the entire routing table for a moment, and notice the fact that it lists five routes. Earlier, Figure 16-3 showed the entire sample network, with five subnets, so R1 has a route for each of the five subnets.

Next, look at the part of the five routes that router R1 will use to match packets. To fully define each subnet, each route lists both the subnet ID and the subnet mask. When matching the IP packet’s destination with the routing table, the router looks at the packet’s destination IP address (172.16.2.9) and compares it to the range of addresses defined by each subnet. Specifically, the router looks at the subnet and mask information, and with a little math, the router can figure out in which of those subnets 172.16.2.9 resides (the route for subnet 172.16.2.0/24).

Finally, look to the right side of the figure, to the forwarding instructions for these five routes. After the router matches a specific route, the forwarding information in the route tells the router where to send the packet next. In this case, the router matched the route for subnet 172.16.2.0/24, so R1 will forward the packet out its own interface, S0/0/0, to router R2 next, listed with its next-hop router IP address of 172.16.4.2.


Note

Routes for remote subnets typically list both an outgoing interface and next-hop router IP address. Routes for subnets that connect directly to the router list only the outgoing interface, because packets to these destinations do not need to be sent to another router.


Routing Step 4: Encapsulate the Packet in a New Frame

At this point, the router knows how it will forward the packet. However, routers cannot forward a packet without first wrapping a data-link header and trailer around it (encapsulation).

Encapsulating packets for serial links does not require a lot of thought because of the simplicity of the HDLC and PPP protocols. Because serial links have only two devices on the link—the sender and the then-obvious receiver—the data-link addressing does not matter. In this example, R1 forwards the packet out S0/0/0, after encapsulating the packet inside an HDLC frame, as shown in Figure 16-8.


Figure 16-8 Routing Step 4 on Router R1: Encapsulating the Packet

Note that with some other types of data links, the router has a little more work to do at this routing step. For example, sometimes a router forwards packets out an Ethernet interface. To encapsulate the IP packet, the router would need to build an Ethernet header, and that Ethernet header’s destination MAC address would need to list the correct value.

For example, consider this different sample network, with an Ethernet WAN link between routers R1 and R2. R1 matches a route that tells R1 to forward the packet out R1’s G0/1 Ethernet interface to 172.16.6.2 (R2) next. R1 needs to put R2’s MAC address in the header, and to do that, R1 uses its IP ARP table information, as shown in Figure 16-9. If R1 did not have an ARP table entry for 172.16.6.2, it would first have to use ARP to learn the matching MAC address.


Figure 16-9 Routing Step 4 on Router R1 with a LAN Outgoing Interface

Routing Step 5: Transmit the Frame

After the frame has been prepared, the router simply needs to transmit it. The router might have to wait, particularly if other frames are already waiting their turn to exit the interface.
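The host logic and the five router steps walked through above, as an added Python sketch (not from the book) using the chapter's addresses. The route for 172.16.3.0/24, the interface name S0/0/1, the serial subnet masks, and the CRC-32 stand-in for the FCS are assumptions; the lookup picks the most specific match, which goes slightly beyond the chapter's non-overlapping table.

```python
import ipaddress
import zlib
from dataclasses import dataclass
from typing import Optional

# Addresses, the MAC and G0/0, S0/0/0 are the chapter's; "assumed" entries are not on the page.
HOST_A = ipaddress.ip_interface("172.16.1.9/24")
HOST_A_GATEWAY = ipaddress.ip_address("172.16.1.1")
R1_MAC = "0200.0101.0101"                 # R1's G0/0 MAC address
HOST_A_ARP = {HOST_A_GATEWAY: R1_MAC}     # host A already knows its gateway's MAC
BROADCAST = "ffff.ffff.ffff"

# R1 routing table: (subnet, outgoing interface, next-hop router or None if connected)
R1_ROUTES = [
    ("172.16.1.0/24", "G0/0", None),
    ("172.16.2.0/24", "S0/0/0", "172.16.4.2"),
    ("172.16.3.0/24", "S0/0/1", "172.16.5.3"),   # assumed route
    ("172.16.4.0/24", "S0/0/0", None),           # mask assumed
    ("172.16.5.0/24", "S0/0/1", None),           # interface name and mask assumed
]


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    data: bytes = b""


@dataclass(frozen=True)
class Frame:
    link: str                  # "ethernet" or "hdlc"
    dst_mac: Optional[str]     # None on a point-to-point serial link
    packet: Packet
    fcs: int


def compute_fcs(dst_mac, packet):
    """CRC-32 over the modeled frame contents, standing in for the data-link FCS."""
    raw = (dst_mac or "").encode() + packet.src.encode() + b">" + packet.dst.encode()
    return zlib.crc32(raw + packet.data)


def build_frame(link, dst_mac, packet):
    return Frame(link, dst_mac, packet, compute_fcs(dst_mac, packet))


def host_send(iface, gateway, arp, packet):
    """Host logic: send directly if the destination is local, else to the default gateway."""
    dst = ipaddress.ip_address(packet.dst)
    target = dst if dst in iface.network else gateway
    mac = arp.get(target)
    if mac is None:
        raise LookupError(f"no ARP entry for {target}; the host would send an ARP request first")
    return build_frame("ethernet", mac, packet)


def router_forward(frame, my_mac, routes, arp=None):
    """The five-step router logic; returns a dict describing the outcome."""
    # Step 1A: discard frames that fail the FCS check (no error recovery).
    if frame.fcs != compute_fcs(frame.dst_mac, frame.packet):
        return {"action": "discard", "reason": "FCS error"}
    # Step 1B: discard frames addressed to some other device (e.g. flooded unknown unicast).
    if frame.dst_mac not in (my_mac, BROADCAST):
        return {"action": "discard", "reason": "not addressed to this router"}
    # Step 2: de-encapsulate; the destination IP address is unchanged.
    packet = frame.packet
    # Step 3: match the destination against each route's subnet ID and mask.
    dst = ipaddress.ip_address(packet.dst)
    matches = [r for r in routes if dst in ipaddress.ip_network(r[0])]
    if not matches:
        return {"action": "discard", "reason": "no matching route"}
    subnet, out_if, next_hop = max(matches, key=lambda r: ipaddress.ip_network(r[0]).prefixlen)
    # Step 4: build the new data-link frame for the outgoing interface.
    if out_if.startswith("S"):            # serial link: HDLC, addressing does not matter
        new_frame = build_frame("hdlc", None, packet)
    else:                                 # Ethernet: need the next device's MAC from ARP
        target = ipaddress.ip_address(next_hop or packet.dst)
        mac = (arp or {}).get(target)
        if mac is None:
            return {"action": "hold", "reason": f"ARP needed for {target}"}
        new_frame = build_frame("ethernet", mac, packet)
    # Step 5: hand the frame to the outgoing interface listed in the matched route.
    return {"action": "forward", "route": subnet, "out_if": out_if,
            "next_hop": next_hop, "frame": new_frame}


if __name__ == "__main__":
    pkt = Packet("172.16.1.9", "172.16.2.9", b"hello")
    sent = host_send(HOST_A, HOST_A_GATEWAY, HOST_A_ARP, pkt)
    print(sent.dst_mac, router_forward(sent, R1_MAC, R1_ROUTES))
```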

Internal Processing on Cisco Routers

The next topic looks a little deeper at how Cisco actually implements IP routing internal to a router. The discussion so far in this chapter has been fairly generic, but it matches an early type of internal processing on Cisco routers called process switching. This section discusses the issues that drove Cisco to improve the internal routing process, while having the same result: A packet arrives inside one frame, a choice is made, and it exits the router inside another frame.

Potential Routing Performance Issues

When you’re learning about IP routing, it helps to think through all the particulars of the routing process, as discussed over the last few pages. However, routers barely spend any processing time in routing a single IP packet. In fact, even slower routers need to forward tens of thousands of packets per second; to do that, they cannot spend a lot of effort processing each one.

The process of matching a packet’s destination address with the IP routing table can actually take a lot of CPU time. The example in this chapter (Figure 16-7) listed only five routes, but enterprise networks routinely have thousands of IP routes, and routers in the core of the Internet have hundreds of thousands of routes. Now think about a router CPU that needs to search a list that’s 100,000 entries long, for every packet, for a router that needs to forward hundreds of thousands of packets per second! And what if the router had to do subnetting math each time, calculating the range of addresses in each subnet for each route? Those actions would take too many CPU cycles.

Over the years, Cisco has created several ways to optimize the internal process of how routers forward packets. Some methods tie to a specific model series of router. Layer 3 switches do the forwarding in application-specific integrated circuits (ASIC), which are computer chips built for the purpose of forwarding frames or packets. All these optimizations take the basic logic from the five-step list here in the book, but work differently inside the router hardware and software, in an effort to use fewer CPU cycles and reduce the overhead of forwarding IP packets.

Cisco Router Fast Switching and CEF

Historically, Cisco has had three major variations of internal routing logic that apply across the entire router product family. First, Cisco routers used internal logic called process switching in the early days, dating back to the late 1980s and early 1990s. Process switching works basically like the routing process detailed so far in this chapter, without any of the extra optimizations.

Next, in the early 1990s, Cisco introduced alternate internal routing logic called fast switching. Fast switching made a couple of optimizations compared to the older process-switching logic. First, it kept another list in addition to the routing table, listing specific IP addresses for recently forwarded packets. This fast-switching cache also kept a copy of the new data-link headers used when forwarding packets to each destination, so rather than build a new data-link header for each packet destined for a particular IP address, the router saved a little effort by copying the old data-link header.

Cisco improved on fast switching with the introduction of Cisco Express Forwarding (CEF) later in the 1990s. Like fast switching, CEF uses additional tables for faster searches, and it saves outgoing data-link headers. However, CEF organizes its tables for all routing table destinations ahead of time, not just for some of the specific destination IP addresses. CEF also uses much more sophisticated search algorithms and binary tree structures as compared to fast switching. As a result, the CEF table lookups that replace the routing table matches take even less time than with fast switching. And CEF caches the data-link headers as well.

Today, current models of Cisco routers, and current IOS versions, use CEF by default. Table 16-2 lists a summary of the key comparison points between process switching, fast switching, and CEF.


Table 16-2 Comparisons of Packet Switching, Fast Switching, and CEF
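An added Python sketch (not Cisco's implementation and not from the book) contrasting a fast-switching style cache, filled per destination address as packets arrive, with a CEF-style binary trie built for every route ahead of time. The route table reuses the chapter's R1 example with assumed entries (172.16.3.0/24, S0/0/1, serial masks); class and function names are hypothetical.

```python
import ipaddress

# (subnet, outgoing interface, next-hop router or None if connected); "assumed" = not on the page
ROUTES = [
    ("172.16.1.0/24", "G0/0", None),
    ("172.16.2.0/24", "S0/0/0", "172.16.4.2"),
    ("172.16.3.0/24", "S0/0/1", "172.16.5.3"),   # assumed route
    ("172.16.4.0/24", "S0/0/0", None),           # mask assumed
    ("172.16.5.0/24", "S0/0/1", None),           # interface name and mask assumed
]


def table_scan(routes, dst):
    """Process-switching style: compare the address against every route, every time."""
    addr = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(p).prefixlen, out_if, nh)
            for p, out_if, nh in routes if addr in ipaddress.ip_network(p)]
    if not hits:
        return None
    _, out_if, nh = max(hits)
    return (out_if, nh)


class FastSwitchCache:
    """Per-destination cache: only the first packet to an address pays for the table scan."""

    def __init__(self, routes):
        self.routes = routes
        self.cache = {}        # destination IP -> forwarding info (a real cache also
        self.slow_path = 0     # keeps the ready-made data-link header)

    def lookup(self, dst):
        hit = self.cache.get(dst)
        if hit is None:
            self.slow_path += 1
            hit = table_scan(self.routes, dst)
            if hit is not None:
                self.cache[dst] = hit
        return hit


class FibTrie:
    """Binary trie keyed on prefix bits, populated for all routes before any packet arrives."""

    def __init__(self, routes):
        self.root = {}
        for prefix, out_if, next_hop in routes:
            net = ipaddress.ip_network(prefix)
            bits = int(net.network_address)
            node = self.root
            for i in range(net.prefixlen):
                node = node.setdefault((bits >> (31 - i)) & 1, {})
            node["adj"] = (out_if, next_hop)

    def lookup(self, dst):
        addr = int(ipaddress.ip_address(dst))
        node = self.root
        best = node.get("adj")
        for i in range(32):                      # at most one step per address bit
            node = node.get((addr >> (31 - i)) & 1)
            if node is None:
                break
            best = node.get("adj", best)         # remember the most specific match so far
        return best


if __name__ == "__main__":
    fast, fib = FastSwitchCache(ROUTES), FibTrie(ROUTES)
    for dst in ["172.16.2.9", "172.16.2.9", "172.16.2.10", "172.16.3.7"]:
        print(dst, fast.lookup(dst), fib.lookup(dst))
    print("table scans needed by the cache:", fast.slow_path)
```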

Cisco Nexus Switch Operations with Routing

A multilayer switch is essentially a switch at Layer 2 that has routing functionality. Multilayer switches traditionally have been built to give you the ability to have multiple VLANs on a given switch and route between them if needed without the need for an external dedicated router. Also, multilayer switches are primarily created in the same manner as traditional Layer 2 switches, where they only have Ethernet interfaces ranging from 10 Mb to 100 Gigabit Ethernet based on the switch chosen. Switches use ASICs to provide forwarding in hardware to accelerate the process of packet switching and routing, in comparison to the original routers, which did this primarily in software.

The second major difference between multilayer and Layer 2 switches is based on how routing is implemented or configured on them. On a Layer 3 switch, you can implement a switched virtual interface (SVI) or a Layer 3 routed interface (sometimes referred to as a routed interface). Let’s explore each one a little deeper to understand the difference.


Note

Cisco Nexus switches have both Layer 2 and Layer 3 functionality and are considered to be multilayer switches. Throughout the rest of this section, we refer to them as Cisco Nexus switches.


The first thing to understand is how a Cisco Nexus switch implements the logical routed interface known as an SVI and when you would want to use it in your data center. Figure 16-10 shows what an SVI looks like logically in a Nexus switch.


Figure 16-10 SVI Logically Represented on a Nexus Switch

As you can see, the Nexus switch in Figure 16-10 creates a VLAN for both hosts to communicate and then enables an interface for VLANs 10 and 20 that has IP connectivity enabled. The top layer of this figure is representative of a logical router that is created for each VLAN (10 and 20, respectively) and assigned an IP address. This allows for many Layer 2 interfaces to be part of either of these networks and also enables the Cisco Nexus switch to route between them if communication is needed using the SVI interfaces. In the past, when there were no multilayer switches like a Cisco Nexus switch, you had to attach separate physical routers to your switched network and send packets up to them to route between different networks, as shown in Figure 16-11.


Figure 16-11 SVI Replacing Dedicated Routers for Inter-VLAN Communication

Now with Cisco Nexus switches being able to perform both routing and switching simultaneously, you can enable SVIs or logical routers on them and allow for inter-VLAN routing without having to go to another external device. The typical use case for this in the data center is at the distribution or access layer, where you need to do inter-VLAN routing and support many downstream Layer 2 networks at the same time, as shown in Figure 16-12.

In Figure 16-12, we would enable SVIs on R3 and R4 for any Layer 2 networks below them or off of SW1 and SW2. This allows for multiple devices to join these networks by being assigned to a VLAN and for inter-VLAN communication to happen at R3 and R4.

The second way to implement routing on a Cisco Nexus switch is by using a routed interface—which is implemented when you configure an interface on a Layer 3 switch to not have any switching functionality. Figure 16-12 shows these between R1, R2, R3, and R4. As mentioned previously, a routed interface does not have any Layer 2 functionality enabled on it and is typically used for Cisco Nexus-to-Nexus connections as peering points for routing or when directly connecting to a separate physical router over a strictly Layer 3 interconnect.


Figure 16-12 Typical Layer 3 and Layer 2 Placement in Data Center


The question that now usually gets asked is, “When do I use an SVI versus a routed interface?” We have answered this question already, but let’s now review when it might be good to use them and look at a few considerations when using an SVI or a routed interface.

The SVI is most useful when you need to support Layer 2 and Layer 3 simultaneously for a given subnet. You’re probably wondering what that means. If you refer to Figure 16-12, you’ll see that in a typical data center design we have an aggregation layer where all the Layer 2–connected devices live, but we need to provide default gateways for them as dedicated routers normally would if connected to a switched network in the past. Using an SVI here lets us run Layer 2 protocols such as Spanning Tree Protocol (STP) and run a logical router that acts as the default gateway for a VLAN or many VLANs. (Each VLAN has its own logical router or SVI interface.) This enables us to add devices to this Layer 2 network and point them to their gateway (SVI or logical router) to talk to other networks.

So, when should you use a routed interface? A routed interface is useful when you don’t need any Layer 2 devices on a routed segment, such as when you want to peer from a routing perspective with another router or multilayer switch. In this case, you create a small subnet (usually a /30) between the devices and dedicate an interface for peering, because no other devices will live on this segment except the peering routers, which do not need to support Layer 2 because you use routed interfaces for this connection.


Note

One benefit from using routed interfaces when dedicating them for router peering is that they provide faster downtime detection of a failed interface or link. If you are using SVI peering, it takes longer from the time the interface or link fails for the router to, in turn, shut down the SVI than it would if it were a routed interface.


Exam Preparation Tasks

Review All the Key Topics

Review the most important topics from this chapter, noted with the Key Topic icon. Table 16-3 lists these key topics and where each is discussed.


Table 16-3 Key Topics for Chapter 16

Definitions of Key Terms

After your first reading of the chapter, try to define these key terms, but do not be concerned about getting them all correct at that time. Chapter 24, “Final Review,” directs you in how to use these terms for late-stage preparation for the exam.

default gateway/router

ARP table

routing table

next-hop router

outgoing interface

subinterface

VLAN interface

multilayer switch

Cisco Express Forwarding (CEF)

connected route

static route

default route

zero subnet

switched virtual interface (SVI)

routed interface

inter-VLAN routing
