ROUTING - Unit 1 (Chapter 3)

Static Routing

manually entering routes into router’s routing table; best used in small networks; need manual updates, prone to errors, not scalable

• Not persistent by default (won’t survive reboot)

To make it persistent, use -p switchEx: route -p add 192.168.2.1 mask 255.255.255.0 192.168.2.4

Static Routing syntax

route add [destination IP] mask [subnet mask] [next-hop IP]

• Ex: route add 192.168.2.1 mask 255.255.255.0 192.168.2.4

Default route

Route used by routers when no other specific route is found in the routing table; it forwards traffic to a default gateway.

Default route in CIDR notation

0.0.0.0/0

Default route IPv6

::/0

Dynamic routing

enables routers to pass info about themselves to other routers so that other routers can build routing tables

Route Redistribution

Sharing learned routes across different protocols or sources; Needed when combining multiple routing protocols in a network

Distance-Vector Routing

routers send entire routing tables to its direct neighbors (directly connected routers); updates every 30 or 60 secs; slow updates, risk of loops, more traffic

Convergence

The process of routers updating their routes when the network changes; takes time for routers to detech and accommodate the changes

Link-State Routing

each router builds a full map of network using info from all routers; routers send Link-State Advertisements (LSAs) to every other router; fast convergence, fewer updates, needs more resources

Hops

communication between distance-vector routers; each router represents 1 hop;

• “next hop” = next closest router packet can go

Border Gateway Protocol (BGP)

mix of both distance-vector and link-state features; used for routing between large networks; uses TCP; examines routing table to find best paths and uses cost metrics to determine most efficient route

Autonomous System Numbers (ASNs)

unique numbers assigned to groups of IP networks that use common routing policy; used to differentiate networks on Internet

Enhanced Interior Gateway Routing Protocol (EIGRP)

distance-vector; uses neighbor routers to exchange and store routing info; uses Diffusing Update Algorithm (DUAL) to pick best path; fast convergence and efficient route calculation

Open Shortest Path First (OSPF)

link state; uses Dijkstra’s algo; each router shares a list of its neighbors and all routers build a map of network and chooses least-cost path to each destination

tracert command

IPv4; used in Windows to see how many hops a packet takes to reach a destination

• traceroute used for macOS and Linux

• tracert -6, traceroute6, traceroute -6 is IPv6 equivalent

Routing loops

routing tables on routers are slow to update and a repeated communication cycle is created between routers

Split Horizon (way to combat routing loops)

prevents router from advertising a route back to other router from which it was learned

Poison reverse / split horizon with poison reverse (way to combat routing loops)

notes that route is advertised back on the interface from which it was learned, but has hop count of infinity which means route is unreachable

Latency

amount of time it takes for a packet to travel from one location to another

Administrative distance

numberical value assigned to route based on its quality/trustworthiness; when received routing updates, it’s used to prioritize routes; manually assigned or assigned based on algorithm; lower is better (0 is best)

Metric

quantitative value assigned to each route to measure desirability or cost of path to destination network; represents various factors like hop count, bandwidth, delay, reliability, etc; when multiple routes to same place with different metric, router picks lowest metric value

Hop counts

number of hops necessary to reach a node; count of infinity means route is unreachable

Maximum transmission unit (MTU)

largest data unit that can be passed without fragmentation

Bandwidth

maximum packet size permitted for Internet transmission

Address Translation

enable communication between devices on different networks with incompatible addressing scheme

Network Address Translation (NAT)

allows multiple devices within a private network to share a single public IP address; keeps track of which internal device made which request.

One-to-One NAT

Maps one internal IP to one public IP

Dynamic NAT (First-come-first-served)

Assigns public IPs from a pool as needed

Tunneling

encapsulates one type of network traffic inside another protocol to send it across incompatible networks; Used for carrying IPv6 over IPv4 networks during transitions

6to4 (tunneling)

Sends IPv6 packets over an IPv4 network

4to6 (tunneling)

Sends IPv4 packets over an IPv6 network

Teredo

provides IPv6 connectivity to IPv6-capable hosts behind NAT

Miredo

popular Teredo implementation for IPv4-only systems

Port Address Translation (PAT)

variation on NAT; maps each connection using port numbers, hiding internal IPs. Replies go to the router, which sends them to the correct private device

First Hop Redundancy Protocol (FHRP)

improve network reliability and resilience, ensuring continuous access to network resources and services by preventing downtime if default gateway router fails; multiple routers share 1 virtual IP & MAC address

Features:

• Virtual IP address: if one router fails, another takes over automatically

• Virtual MAC address: helps devices find gateway using same MAC

• Redundancy Protocols: 

  • Hot Standby Router Protocol (HSRP) which is Cisco specific, 

  • Virtual Router Redundancy Protocol (VRRP) which is industry standard

  • Gateway Load Balancing Protocol (GLBP) which adds load balancing across routers

• Router Election: routers vote to choose a primary (the main router that handles traffic)

Virtual IP (VIP)

single IP used by multiple apps or services; Incoming data is routed to the correct app, allowing one IP to support several services on a server

Subinterface

virtual interface created on top of a physical interface (like a router port) to handle multiple VLANs or subnets;

Used in router-on-a-stick setups for inter-VLAN routing with 802.1Q tags

Each subinterface = one VLAN, with its own IP, VLAN ID, and encapsulation

Enables VLAN communication on a single physical interface

Virtual Local-Area Networks (VLAN)

virtual group of devices on a network that can communicate like they’re on the same physical network, even if they’re not; used for network segmentation to improve performance, organization, and security

VLAN Trunking Protocol (VTP)

Cisco protocol that automatically distributes VLAN info to all switches in the same VTP domain.

IEEE 802.1Q

official standard for VLAN tagging on Ethernet networks

Tagging

adds VLAN tag to packets to id their VLAN; Improper VLAN tag config = no access to network resources

Trunk Port

Cable that carries traffic for multiple VLANs

Access Port

Carries traffic for one VLAN; Only one untagged VLAN per port (default VLAN)

Port Aggregation

Combines multiple physical cables into one faster, more reliable connection; Like using two or more charging cables at once to charge your phone faster and safer.

LACP (Link Aggregation Control Protocol)

Standard protocol for port aggregation; allows binding of up to 8 ports

Protocol-based VLANs (VLAN membership)

Devices are grouped into VLANs based on Layer 3 protocol (e.g., IP); Uses IP address to assign VLAN, not for routing

Example: A subnet (like 192.168.1.0/24) could be assigned to its own VLAN

Port based VLANs (VLAN membership)

VLAN membership assigned based on physical port number on a switch

MAC address-based VLANs (VLAN membership)

VLAN memebership assigned based on MAC address

Native VLAN

• only VLAN not tagged when sent over a trunk.

• Transmitted unchanged.

• Must be the same on both ends of the trunk link.

• Tagging is required when trunking VLANs to differentiate traffic between VLANs.

Switch Virtual interface (SVI)

virtual gateway that lets devices in different VLANs talk to each other by routing traffic inside the switch; act like default gateways (a way out) for devices in VLANs; Without it, devices in different VLANs can’t communicate

1. Each SVI is linked to one VLAN

2. It’s given an IP address and subnet mask

3. Devices in that VLAN are told: “Use this SVI as your default gateway”

4. If a device wants to talk to another VLAN, traffic is sent to the SVI

5. The switch uses its routing table to forward the traffic to the right VLAN

How It’s Set Up:

Configured using command-line (CLI) or a switch’s management interface

You can assign IP addresses, set up routing, apply ACLs (Access Control Lists)

• This makes a Layer 2 switch act like a Layer 3 router

Default VLAN

mandatory, used for communication between switches, called VLAN 1

Flow control

temporarily stops transmission of data to ensure no packet loss during network congestion

Port mirroring/port spanning

monitors network traffic and how well a switch works by copying traffic from all ports to a single port without interrupting flow of regular traffic

Port security

allows administrator to configure switch ports so only specific MAC addresses can use the port

Authentication, accounting, and authorization (AAA)

integrated security and access control

Virtual Consoles and Terminals

Console port (virtual console/VC) is a serial port for local admin access; Virtual terminal (vt or vty) allows remote access via Telnet/SSH; simplest way to protect is to configure a username and password

Voice VLAN

type of VLAN used for VoIP

Route aggregation

when specific routes are combined into one route to increase throughput

VLAN trunking

allows multiple VLANs to be carried over a single network link (usually between switches) using tagging to identify VLAN traffic

Spanning Tree Protocol (STP)

used in network bridges and switches to actively monitor the network to avoid/eliminates loops on a layer 2 bridge; Spanning Tree Algorithm is used to correct loops if they happen

• If port has problem, protocol can block or disable the port, or forward data to different port

Bridge protocol data units (BPDUs)

used in STP to identify status of ports and bridges across the network

Maximum Transmission Unit (MTU)

largest size in bytes of a data packet that can be transmitted over a network protocol without fragmentation; Standard Ethernet MTU = 1500 bytes

• Larger MTU = fewer packets, less overhead, better efficiency

• If data exceeds MTU, it is fragmented into smaller packets, which adds overhead

Jumbo Frames

Ethernet frames with payloads larger than 1500 bytes; iImprove efficiency for large data transfers (HPC, SANs, streaming, etc.); All devices along the path (switches, routers, NICs) must support it

Runts

Frames smaller than 64 bytes (below the IEEE 802.3 minimum frame size)