We have delved into many router configurations that cover the administrative aspects of managing the device and providing basic connectivity. Don’t forget, however, that routers were originally designed and created to perform one main function. To give you a hint, the function is in its name.
Recall that Layer 3 is responsible for determining the best path to a network, using logical addressing such as IP addresses. This article discusses the fundamentals of how Layer 3 devices such as routers and Layer 3 switches develop the routing logic to determine where to forward IP packets to reach a destination network.
The Default Gateway
To fully comprehend the routing of data, it helps to start where much of the data in a network originates: the computer. As application data is sent down the protocol stack, the source and destination IP addresses are added to the IP header. If the destination IP address is located on the same IP subnet as the computer, the computer adds the destination MAC address of that device at Layer 2 and sends it on the wire.
In instances where the destination IP address is on a remote network, it must send that traffic to a router on its segment that can forward the packet toward the destination network. Although you will forward traffic to this default gateway, the destination IP address remains unchanged. However, at Layer 2, the destination MAC address of the Ethernet frame reflects the default gateway’s MAC address because this is the forwarding device on the local data-link segment.
In the example illustrated in the following figure, the PC sends traffic to the server on the remote 10.1.34.0 network. The source IP address and MAC address are those matching the PC. On the other hand, the Layer 3 destination IP address of the IP packet reflects the IP address of the server (10.1.34.101).
Because the destination IP address does not exist on the PC’s local subnet of 192.168.1.0, the PC encapsulates the router’s Fast Ethernet 0/0 MAC at Layer 2 because that is the configured default gateway for this segment. The switch in this scenario is operating as only a Layer 2 switch. Thus, despite having an IP address for management, this is not the default gateway for this segment because it is only forwarding frames at Layer 2.
When the router receives the frame addressed to its interface MAC, it possesses the Layer 3 information and consults its routing logic to determine whether it knows where to route the packet. Because the destination network is attached to the router, it knows to send the packet out its Fast Ethernet 0/1 interface. A new Ethernet frame using its Fast Ethernet 0/1 MAC address (1234 523F A26C) for the source MAC address and the server’s MAC address (A345 764C F234) as the destination MAC is added to the original IP data as it is sent out to the destination segment.
Verifying and Troubleshooting the Default Gateway
Suppose that in the above figure, the traffic was a ping packet to test connectivity to the remote computer. If for some reason that ping failed, you would need to determine where the problem occurred. One method of testing the failure would be to make sure that you have connectivity to and from the originating PC and the default gateway.
The default gateway on a computer can be assigned manually in the operating system or dynamically from a DHCP server. To ensure that the local computer has its IP default gateway configured correctly, you need to look at the local PC’s configuration.
This step differs depending on the operating system installed on the originating computer. Let’s assume for this example that the computer is using Windows as its operating system. You would need to go to a command prompt and enter ipconfig to see how the computer’s interface(s) are configured for IP.
In the following figure, you can see from the output on the computer that the computer has been dynamically assigned an IP address of 192.168.1.2 and a subnet mask of 255.255.255.0. Notice also that the default gateway is configured correctly, pointing to the local router’s Fast Ethernet 0/0 IP address of 192.168.1.1.
To seal the troubleshooting deal, notice that we went so far as to verify that the computer has a correct IP-to-MAC address binding for the default gateway by issuing the arp -a command from the command prompt to display the computer’s ARP table. You can see from the output that the default gateway’s IP address of 192.168.1.1 does correspond to its Fast Ethernet 0/0 MAC address.
This ARP entry will continue to remain in the computer’s volatile memory as long as it keeps getting used. If no packets are sent to this address for five minutes (default), the ARP entry is removed. If you want to manually clear the ARP table on your computer (useful in cases where you recently changed your default gateway), the command is arp -d followed by the IP address or a wildcard asterisk (*) to delete all the ARP entries.
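The host-side checks described above (gateway inside the local subnet, and an ARP entry for the gateway that matches the router's interface MAC) can be scripted. This is an added example, not part of the original article; the ipconfig and arp -a text and the MAC address 00-1a-2b-3c-4d-5e are constructed sample values, and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample output, shaped like Windows `ipconfig` and `arp -a`.
IPCONFIG = """\
Ethernet adapter Local Area Connection:

   IPv4 Address. . . . . . . . . . . : 192.168.1.2
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
"""
ARP_A = """\
Interface: 192.168.1.2 --- 0xb
  Internet Address      Physical Address      Type
  192.168.1.1           00-1a-2b-3c-4d-5e     dynamic
  192.168.1.255         ff-ff-ff-ff-ff-ff     static
"""

def parse_ipconfig(text):
    """Return {'ip', 'mask', 'gateway'} taken from the dotted-label lines."""
    labels = {"IPv4 Address": "ip", "Subnet Mask": "mask", "Default Gateway": "gateway"}
    found = {}
    for line in text.splitlines():
        m = re.match(r"\s*([A-Za-z0-9 ]+?)[ .]*:\s*(\S+)\s*$", line)
        if m and m.group(1) in labels:
            found[labels[m.group(1)]] = m.group(2)
    return found

def parse_arp(text):
    """Return {ip: mac}, with MACs normalised to lower-case colon form."""
    table = {}
    entry = re.compile(r"\s*(\d+\.\d+\.\d+\.\d+)\s+([0-9A-Fa-f]{2}(?:-[0-9A-Fa-f]{2}){5})\s+\w+")
    for line in text.splitlines():
        m = entry.match(line)
        if m:
            table[m.group(1)] = m.group(2).lower().replace("-", ":")
    return table

def check_gateway(ipconfig_text, arp_text, expected_mac):
    """Return a list of findings; an empty list means the host side looks right."""
    cfg = parse_ipconfig(ipconfig_text)
    if not {"ip", "mask", "gateway"} <= cfg.keys():
        return ["incomplete IP configuration (address, mask or gateway missing)"]
    findings = []
    net = ipaddress.ip_network(f"{cfg['ip']}/{cfg['mask']}", strict=False)
    if ipaddress.ip_address(cfg["gateway"]) not in net:
        findings.append(f"gateway {cfg['gateway']} is outside local subnet {net}")
    mac = parse_arp(arp_text).get(cfg["gateway"])
    if mac is None:
        findings.append("no ARP entry for the gateway (ping it, then re-check)")
    elif mac != expected_mac.lower().replace("-", ":"):
        findings.append(f"gateway ARP entry is {mac}, expected {expected_mac}")
    return findings
```

A gateway ARP entry that differs from the router's documented interface MAC points either to a recently replaced router or to another device answering ARP for the gateway address.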
Seeing that the configuration of the originating PC is correct, next we should see if we have IP connectivity to the router’s Fast Ethernet interfaces. Because this is a small network, we can simply ping those IP addresses. In larger networks with many routers in between, it might be administratively easier to do a traceroute (the tracert command in Windows) to discover at what point along the routed path the ICMP packet fails.
So what happens if we can ping the two interfaces? At this point, we know that a packet can traverse our network, reach the default gateway, and exit the router’s remote network interface. The only culprit left is the remote PC. It is a pretty sure bet that the remote computer must have an interface problem or configuration error. Keep in mind that it too must return that packet to our network.
Therefore, the remote computer must also have a default gateway configured so that it can return that packet to its remote network. Using the same steps as we used for the originating computer, we should be able to determine exactly what is causing this computer to not successfully return packets to our computer.
Routers are methodical, tactless devices in that they do not necessarily care about the individual IP addresses that exist on a subnet. Their sole obsession is to maintain their routing logic by keeping track of the networks that exist and which interfaces to use to send the traffic if an IP packet is destined for that network. By using routing devices to relay packets out their interfaces to other forwarding devices or the destination network, the IP packet eventually reaches the destination.
At the heart of the routing logic for Layer 3 devices is the routing table. This table, located in volatile RAM, contains a mapping of all the best routes to networks that the router is aware of and the interfaces to exit to reach those networks. So how is the router aware of these networks? Generally, three routing sources can feed the routing table with this information:
- Connected interfaces: As soon as you assign an IP address to a working (up/line protocol up) interface, the router associates the entire subnet of the interface’s IP address in the routing table.
- Static routes: These are manual entries that an administrator enters into the configuration to specify the destination network and the next hop (router along the destination path).
- Routing protocols: Protocols exchanged between routing devices to dynamically advertise networks.
Connected interfaces remain in the routing tables as long as the interface is active and has a valid IP address assigned to it. Static routes remain in the table as long as you do not remove the static route configuration and the next hop is valid (the interface to the next hop is up). Networks learned from dynamic routing protocols remain in the routing table as long as the next hop is valid and the routing devices do not stop hearing the network(s) being advertised from the neighbor routers.
Now that you are aware of the multiple sources of routing information, you must consider a feasible anomaly that could occur with your routing sources. Namely, if you have several sources of information such as connected interfaces, static routes, and multiple routing protocols, which one are you to trust when more than one source advertises the same network? For example, if a router learns about the 192.168.1.0/24 network from a routing protocol and a static route, how does the router decide which entry to place into its routing table?
The answer lies within a program logic in the IOS called the administrative distance. The administrative distances are values between 1 and 255 that are assigned to routing information sources. These values represent a level of trustworthiness of the information source, in which lower administrative distances are preferred over higher ones.
The following table lists the Cisco IOS default administrative distances for some of the routing sources.
|Routed Source|Default Distance|
|EIGRP (internal)|90|
|OSPF|110|
|RIPv1 and v2|120|
It should come as no shock that connected interfaces are the most trustworthy sources because they are connected directly to the local router. Static routes have a low administrative distance of 1 because the Cisco IOS assumes that you are competent administrators and any manual entry of a routable network is trusted over any dynamic routing protocols such as EIGRP, OSPF, & RIP.
When you interconnect routers, as shown in the picture below, they are aware of only their directly connected networks. Unless you configure a static route or use routing protocols, the routers will never know about their neighbors’ other networks, because they are not connected. In other words, Router A is unaware of Router B’s 172.17.0.0 network, and Router B is unaware of Router A’s 172.16.0.0.
So when do you use static routes as opposed to routing protocols? As mentioned before, static routes are manual configuration entries in which you tell the router how to get to destination networks that are not locally attached. This is useful in simple networks such as the one shown in the following figure, in which there is a single link in or out of the network, known as a stub network. Because there is only one link to get to the neighbor network, you don’t need to worry about reacting dynamically if the path fails because there are no alternative paths to that network.
Additionally, if you want to have complete control of your routing path decisions or you want to conserve bandwidth on your links (routing protocols consume bandwidth), static routes can provide you authoritative control without requiring any link bandwidth or resources because they require only a local configuration.
Configuring static routes
The general idea behind the static route is to tell the router how to get to a destination network that is not attached to it by going through another router’s interface. It is similar to telling someone, “To go outside, go through that door”. The syntax to configure a static route in global configuration mode is ip route followed by the destination network, destination subnet mask, and the next-hop IP address of the neighbor’s interface. For example, to configure a route to the 10.0.0.0/8 network through the neighbor’s serial interface of 192.168.2.5, the command would look like this:
router(config)# ip route 10.0.0.0 255.0.0.0 192.168.2.5
In the stub network example shown in the figure below, a static route to Router A and one to Router B were added, telling them about their neighbor’s Ethernet networks. These entries are placed in their routing tables, specifying that any packets destined for those respective networks must go to the IP address of the neighbor’s serial 0/0 interface. From that point, the packets are routed out Router A and Router B’s Ethernet interface because those destination networks are directly connected to the router. This entry remains in the routing table as long as the next-hop address remains valid (the serial network does not go down) or the configuration is not removed.
For several reasons such as security, processor resources, and routing path control, you can force the static route to remain in the routing table even if the next-hop interface goes down. This is easily achieved by adding the keyword permanent at the end of the ip route command.
Floating static routes
At the end of an ip route static route command, it is possible to add a parameter to assign this particular static route a higher administrative distance than the default administrative distance of 1. These entries, known as floating static routes, are not placed in the routing table if the subnet is being advertised by a routing source with a lower administrative distance. Floating static routes are useful when you have a standby redundant link to another network that will activate in the event of a primary link failure.
For example, consider the example configured in the following picture. Because you have redundant point-to-point links, you can configure the primary static route as usual and include a floating static route to be used if the primary link fails. The 2 at the end of the second static route identifies that route as the floating static route.
This entry does not show up in the routing table because the primary route advertises the same subnet with a lower administrative distance (if not specified, the default is 1). If one of the serial 0/0 interfaces on the primary link goes down, the next hop is no longer valid and is removed from the routing table. Because the floating static route has the next lowest administrative distance, that entry is put in the routing table and that link is used until the primary link returns.
Static routes have proved their usefulness in situations where you want to add a network entry in a routing table when the network is reachable via a single path. This can turn into a daunting administrative task when there are a large number of networks for which you must configure static routes. This is especially true when you are connecting to your ISP because you do not want to configure a static route for every network on the internet.
In these situations, you might be better served using something called a default route, as illustrated in the following figure. This entry is a gateway of last resort for routers in that if a destination IP address does not have a network entry in the routing table, this route is used. The syntax for a default route is similar to a static route except that the destination and subnet mask are both 0.0.0.0:
Router(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.10
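The selection rules from the administrative distance, floating static route and default route passages can be seen working together in a small model of the routing table. This is an added example, not Cisco IOS code and not from the original article; the candidate routes, the backup next hop 192.168.1.14 and all function names are constructed for illustration, and the lookup uses longest-prefix match, which generalizes the article's description of the default route as the entry used when nothing else matches.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Candidate:
    prefix: str     # destination network, e.g. "10.0.0.0/8"
    next_hop: str
    source: str     # "static", "RIP", ...
    distance: int   # administrative distance; lower is more trusted

def build_table(candidates, down_next_hops=()):
    """Install, per prefix, the usable candidate with the lowest distance."""
    table = {}
    for c in candidates:
        if c.next_hop in down_next_hops:   # next hop no longer valid
            continue
        net = ipaddress.ip_network(c.prefix)
        if net not in table or c.distance < table[net].distance:
            table[net] = c
    return table

def lookup(table, dst):
    """Longest-prefix match; 0.0.0.0/0 wins only when nothing more specific does."""
    addr = ipaddress.ip_address(dst)
    matches = [net for net in table if addr in net]
    if not matches:
        return None   # no entry and no gateway of last resort: packet is dropped
    return table[max(matches, key=lambda net: net.prefixlen)]

# Constructed candidates (illustrative addresses).
CANDIDATES = [
    Candidate("172.17.0.0/16", "192.168.1.10", "static", 1),   # primary static
    Candidate("172.17.0.0/16", "192.168.1.14", "static", 2),   # floating static
    Candidate("10.0.0.0/8", "192.168.2.5", "RIP", 120),        # learned dynamically
    Candidate("10.0.0.0/8", "192.168.2.5", "static", 1),       # same network, static
    Candidate("0.0.0.0/0", "192.168.1.10", "static", 1),       # default route
]

if __name__ == "__main__":
    normal = build_table(CANDIDATES)
    failed = build_table(CANDIDATES, down_next_hops={"192.168.1.10"})
    for name, table in (("primary up", normal), ("primary down", failed)):
        for dst in ("172.17.5.5", "10.1.34.101", "198.51.100.7"):
            print(name, dst, lookup(table, dst))
```

With the primary next hop down, the floating static route is installed, and the default route through the same next hop is withdrawn as well, so unknown destinations are no longer forwarded.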
Configuring static and default routes with SDM
Using the Security Device Manager (SDM) web-based configuration interface, you can easily configure static and default routes with just a few clicks of the mouse. Specifically, from the Configure screen, select the Routing task to display routing configuration options. At the top of the screen shown in the following figure is a section dedicated to static routing. Here, when you click the Add button, a pop-up window displays the parameters that you configure for static or default routes.
In the pop-up window, you specify the destination network and subnet mask, as you did for the IOS CLI command. The next hop defaults to a drop-down box that lists the interfaces, but you can select the IP address option and specify the next-hop address. Also notice that there is a checkbox to make this route a default route, as well as a checkbox to make this a permanent static route entry. If you wanted to make this route a floating route, you could also set the distance metric for this route to an administrative distance value other than 1. After you click the OK button, the route is added to the running configuration of the IOS.
Verifying static and default routes
The best way to verify a static or default route configuration is by checking that the route is evident in the routing table. The command to view the IP routing table is show ip route. If you want to see the routing entry for a specific network, you can append that subnet to the show ip route command (for example, show ip route 192.168.23.0). The following example displays the output of the show ip route command:
Router>show ip route
Codes: C – connected, S – static, I-IGRP, R-RIP, M-Mobile, B-BGP
D-EIGRP, EX-EIGRP external, O-OSPF, IA-OSPF inter area
N1-OSPF NSSA external type 1, N2-OSPF NSSA external type 2
E1-OSPF external type 1, E2- OSPF external type 2, E- EGP
i-IS-IS, L1-IS-IS level-1, L2-IS-IS level-2, *- candidate default
U-per-user static route, O-ODR, P- periodic downloaded static route
T- traffic engineered route
Gateway of last resort is not set
S 172.17.0.0/16 [1/0] via 192.168.1.10
C 172.16.0.0/16 is directly connected, FastEthernet0/0
192.168.1.0/30 is subnetted, 1 subnets
C 192.168.1.8 is directly connected, serial 0/0/0
S* 0.0.0.0/0 [1/0] via 192.168.1.10
Notice that the beginning of the output has a legend identifying the possible codes that can be listed in the routing table. In the table itself, you can see the two directly connected networks signified by the letter C. In addition, you can also see the static route to 172.17.0.0 and the static default route entries (indicated by the letter S), using 192.168.1.10 as the next hop. Also, notice that the routing table identifies that the gateway of last resort (192.168.1.10) is set on this router because a default route was configured with the next hop to that address.