TCP/IP Illustrated, Volume 1: The Protocols. Study notes for Chapter 10, Dynamic Routing Protocols

Static routing covers three ways of populating the routing table: entries created automatically for directly connected interfaces when an interface is configured, entries added with the route command (usually from the system bootstrap files), and entries created by ICMP redirects (usually when the default route is wrong).

When the network is small, has only a single connection point to other networks, and has no redundant routes (a backup route to use if the primary route fails), static routing is adequate. If any of these three conditions is not met, dynamic routing is normally used.

Dynamic routing occurs when neighbouring routers communicate to tell each other which networks each of them is currently connected to. Routers must use a routing protocol for this communication. A routing daemon on each router runs the routing protocol and communicates with the routing daemons on neighbouring routers.

Dynamic routing changes only the information placed in the routing table; it does not change the way the kernel performs routing at the IP layer.

The routing daemon adds a routing policy to the system: it selects a route and installs it in the kernel routing table. If the daemon finds multiple routes to the same destination, it chooses the best one by some criterion and installs that one. If it finds that a link has gone down, it can delete the affected routes or add alternative routes that bypass the problem.

The Internet is organized as a set of autonomous systems (AS). Each AS is normally administered by a single entity; the NSFNET (National Science Foundation network) backbone forms one AS because all of its routers are under a single administrative control. Each AS chooses the routing protocol used among its own routers. This protocol is called an interior gateway protocol (IGP) or intradomain routing protocol. The most commonly used IGP is the Routing Information Protocol (RIP). A newer IGP is Open Shortest Path First (OSPF), which is intended to replace RIP. An earlier IGP used on the NSFNET backbone in 1986, HELLO, is no longer used.

The newer Router Requirements RFC [Almquist 1993] states that a router implementing any dynamic routing protocol must support both OSPF and RIP, and may support other IGPs as well.

Separate routing protocols, called exterior gateway protocols (EGPs) or interdomain routing protocols, are used between routers in different autonomous systems. Historically (and confusingly) there was also a specific protocol named EGP; the newer Border Gateway Protocol (BGP) is intended to replace that EGP protocol.

Unix systems often run a routing daemon called routed, which is provided with almost all TCP/IP implementations; this program communicates using RIP only.

Another routing daemon is gated, which supports both IGPs and EGPs.

RIP messages are carried inside UDP datagrams:
[Figure: RIP message encapsulated in a UDP datagram]
The first 4 bytes of a RIP message form the RIP header, which carries the command and version fields:
[Figure: RIP message format]
Command field values:
1: request, asking the other system to send all or part of its routing table.
2: response.
3, 4: obsolete; such messages are discarded.
5: poll (an undocumented command).
6: poll-entry (an undocumented command).

The version field is normally 1; RIP version 2 sets it to 2.

Following the header are 20-byte entries, each containing an address family (2 for IP addresses), an IP address and the corresponding metric.

A RIP message using this 20-byte format can advertise up to 25 routes. The limit of 25 keeps the total message length at 20*25+4 = 504 bytes, below 512. Sending an entire routing table therefore often requires multiple messages.

RIP normally uses UDP port 520. The following describes the normal operation of routed when it runs RIP:
1. Initialization: when the routing daemon starts, it first determines which interfaces the host has and then sends a request message out each interface, asking the other routers to send their complete routing tables. On a point-to-point link the request is sent to the other end; on a network that supports broadcast it is broadcast, with destination port 520 (the port of the routing daemon on the other routers). This request has a command field of 1, but an address family of 0 and a metric of 16; this special form of request asks the other end for its complete routing table.
2. Request received: if the request is for the complete routing table, the router sends its entire table to the sender. Otherwise it processes each entry in the request: if the router has a route to the address given in the entry, the metric is set to our value; if not, the metric is set to 16 (the special value meaning infinity, i.e. no route to that destination). A response is then sent back.
3. Response received: the response is validated and may update the routing table; new entries may be added, and existing entries may be modified or deleted.
4. Periodic routing updates: every 30 seconds, all or part of the router's routing table is sent to every neighbouring router. The table is either broadcast (for example on an Ethernet) or sent to the other end of a point-to-point link.
5. Triggered updates: whenever the metric of a route changes, an update containing that route is sent.
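As an added example (not from the book or the notes), the following Python encodes and decodes the RIP version 1 messages described above: the special full-table request (command 1, address family 0, metric 16), responses split so that no message carries more than 25 entries or 504 bytes, and a parser that rejects malformed lengths. The 37-route sample table is constructed here to reproduce the two-response split seen in the tcpdump output later in these notes.

```python
import socket
import struct

# RIP version 1: a 4-byte header followed by up to 25 entries of 20 bytes
# each, carried in a UDP datagram on port 520.
RIP_PORT = 520
RIP_REQUEST, RIP_RESPONSE = 1, 2
AF_INET_RIP = 2                   # address family value used for IP addresses
INFINITY = 16                     # metric meaning "no route"
MAX_ENTRIES = 25                  # 4 + 25 * 20 = 504 bytes, below 512
HEADER = struct.Struct("!BBH")    # command, version, 2 bytes that must be 0
ENTRY = struct.Struct("!HHIIII")  # family, 0, IP address, 0, 0, metric

def build_full_table_request():
    """The special request routed sends at initialization: command 1 and a
    single entry with address family 0 and metric 16 ('send everything')."""
    return HEADER.pack(RIP_REQUEST, 1, 0) + ENTRY.pack(0, 0, 0, 0, 0, INFINITY)

def build_responses(routes):
    """Encode a routing table as one or more response messages, never
    putting more than 25 (address, metric) pairs into a single message."""
    messages = []
    for start in range(0, len(routes), MAX_ENTRIES):
        body = b"".join(
            ENTRY.pack(AF_INET_RIP, 0, int.from_bytes(socket.inet_aton(ip), "big"),
                       0, 0, metric)
            for ip, metric in routes[start:start + MAX_ENTRIES])
        messages.append(HEADER.pack(RIP_RESPONSE, 1, 0) + body)
    return messages

def parse(message):
    """Decode a RIP message into its command, version and (family, IP, metric)
    entries; reject lengths that are not 4 + n * 20 bytes."""
    if len(message) < HEADER.size or (len(message) - HEADER.size) % ENTRY.size:
        raise ValueError("malformed RIP message length %d" % len(message))
    command, version, _ = HEADER.unpack_from(message)
    entries = []
    for offset in range(HEADER.size, len(message), ENTRY.size):
        family, _, addr, _, _, metric = ENTRY.unpack_from(message, offset)
        entries.append((family, socket.inet_ntoa(addr.to_bytes(4, "big")), metric))
    return {"command": command, "version": version, "entries": entries}

def is_full_table_request(parsed):
    """True for the request form that asks for the entire routing table."""
    entries = parsed["entries"]
    return (parsed["command"] == RIP_REQUEST and len(entries) == 1
            and entries[0][0] == 0 and entries[0][2] == INFINITY)

if __name__ == "__main__":
    # Constructed table of 37 routes: it needs two responses, one of
    # 504 bytes (25 routes) and one of 244 bytes (12 routes).
    table = [("140.252.%d.0" % i, 1 + i % 3) for i in range(1, 38)]
    for msg in build_responses(table):
        print(len(msg), "bytes,", len(parse(msg)["entries"]), "routes")
```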

Each route has a timer associated with it. If a system running RIP finds that a route has not been updated for 3 minutes, the route's metric is set to infinity (16) and the route is marked for deletion. After another 60 seconds the route is deleted from the local routing table; the delay ensures that the invalidity of the route has been propagated.

The metric used by RIP is a hop count. All directly connected interfaces have a hop count of 1, as shown in the figure below, where the dotted lines represent broadcast RIP messages:
[Figure: routers R1 to R3 and networks N1 to N4 exchanging RIP broadcasts]
Router R1 advertises, by broadcasting on N1, that its hop count to N2 is 1, and the other routers do likewise. If a neighbouring router advertises a hop count of n to some network, our metric to that network is n+1.

If a router has multiple routes to a network within an AS, it chooses the route with the smallest hop count.

The maximum hop count is 15, so RIP can only be used within an AS where the maximum hop count between hosts is 15.
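As an added example (not from the book or the notes), this Python model applies the rules above to a RIP routing table: a received response becomes metric n+1 capped at 16, an unreachable route is never installed, the smallest hop count wins among neighbours, the current next hop may worsen or withdraw a route, and the 3-minute invalidation and 60-second deletion timers run in `tick`. Router and network names such as R1 and N2 follow the figure; the time values are constructed.

```python
INFINITY = 16          # RIP metric meaning "unreachable"; usable hop counts are 1..15
EXPIRE_SECONDS = 180   # 3 minutes without an update: metric set to infinity
FLUSH_SECONDS = 60     # then 60 more seconds before the route is deleted

class RipTable:
    """Routes keyed by destination network. A route records its metric, the
    neighbour it was learned from (None for directly connected networks),
    when it was last refreshed and, once invalidated, when that happened."""

    def __init__(self):
        self.routes = {}

    def add_connected(self, dest, now):
        # Directly connected interface: hop count 1 and no timer.
        self.routes[dest] = dict(metric=1, next_hop=None, updated=now, expired_at=None)

    def process_response(self, sender, advertised, now):
        """Apply a response from neighbour `sender` carrying (dest, metric)
        pairs. Returns the destinations whose metric changed, i.e. the
        routes a triggered update would carry."""
        changed = []
        for dest, metric in advertised:
            new_metric = min(metric + 1, INFINITY)   # neighbour says n, we are n+1
            route = self.routes.get(dest)
            if route is None:
                if new_metric < INFINITY:            # never install an unreachable route
                    self.routes[dest] = dict(metric=new_metric, next_hop=sender,
                                             updated=now, expired_at=None)
                    changed.append(dest)
            elif route["next_hop"] == sender:
                # Our current next hop is speaking: accept its metric even if it
                # got worse (or became infinity) and refresh the timer.
                route["updated"] = now
                if new_metric != route["metric"]:
                    route["metric"] = new_metric
                    route["expired_at"] = now if new_metric == INFINITY else None
                    changed.append(dest)
            elif new_metric < route["metric"]:
                # A different neighbour offers fewer hops: switch to it.
                route.update(metric=new_metric, next_hop=sender, updated=now, expired_at=None)
                changed.append(dest)
        return changed

    def tick(self, now):
        """Run the route timers: invalidate routes not refreshed for 3 minutes,
        and delete invalidated routes 60 seconds after their invalidation."""
        for dest, route in list(self.routes.items()):
            if route["next_hop"] is None:
                continue
            if route["expired_at"] is None:
                if now - route["updated"] >= EXPIRE_SECONDS:
                    route["metric"] = INFINITY
                    route["expired_at"] = now
            elif now - route["expired_at"] >= FLUSH_SECONDS:
                del self.routes[dest]

    def metric(self, dest):
        route = self.routes.get(dest)
        return route["metric"] if route else None
```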

RIP defects:
1. RIP has no concept of subnet addresses. For example, if the 16-bit host number in a standard Class B address is not 0, RIP cannot tell whether the nonzero part is a subnet number or a host address.
2. After a router or link fails, RIP takes a long time (usually several minutes) to stabilize, and routing loops can occur during this period. Implementations of RIP need many subtle measures to prevent routing loops from appearing and to converge as quickly as possible.
3. Using the hop count as the routing metric ignores other factors that should be considered, and the maximum metric of 15 limits the size of a network that can use RIP.

The ripquery program, distributed with gated, can query the routing table of another router. ripquery first sends the undocumented poll request (command field 5) to the router, asking for its complete routing table; if no response arrives within 5 seconds it sends a standard RIP request (command field 1, address family 0 and metric 16, the form that asks the other router for its complete routing table).

Query the routing table of netb from the host sun. The network structure is as follows:
[Figure: network structure for the ripquery example]
Run ripquery to send the query (the -n option prints IP addresses directly instead of converting them to names):
[Figure: ripquery output]
In the output above, netb is configured so that all hosts on the 140.252.13 subnet appear directly connected to it; netb does not know that those hosts are actually on the 140.252.13 subnet. Since there is only one connection point to that subnet, advertising a separate metric for each host is not meaningful.

Below is the tcpdump output for the example above; the -i sl0 option selects the SLIP interface sl0, and -s600 reads 600 bytes from the network:
[Figure: tcpdump output]
The first line is the RIP poll command; this request timed out after 5 seconds, and the second line is the regular RIP request. The 24 at the end of the first two lines is the length of the request message: the 4-byte RIP header (command and version) plus one 20-byte address and metric pair.

The third line is a response message; the 25 at the end of the line indicates that it contains 25 address and metric pairs, 504 bytes in total. The fourth line is the second response message, with 12 address and metric pairs, giving a message length of 12*20+4 = 244 bytes.

The output shows that the metric from netb to the Ethernet on which sun is located, and to gateway, is 2. Verifying this:
[Figure: output verifying the metric of 2]
Next we observe the information that RIP periodically sends to its neighbours on the following Ethernet:
[Figure: Ethernet topology with routers Rn]
In the figure, Rn denotes a router, where n is the subnet number; dotted lines represent point-to-point links and are labelled with the IP address of the far end of the link.

In this figure, 13 routes reach gateway through kpno (all the links in the upper half of the figure).

On the host solaris we run snoop, the Solaris 2.x program similar to tcpdump. It can be run without root privilege, but then it captures only broadcast messages, multicast messages and messages addressed to the host. The following is what it captured in 60 seconds; the -P option captures in non-promiscuous mode, -tr prints relative timestamps, and udp port 520 captures only UDP datagrams whose source or destination port is 520:
[Figure: snoop output captured over 60 seconds]
In the output above, the first 6 messages come from R6, R4, R2, R7, R8 and R3, and each advertises only one route; the gateway router advertises 15 routes. The -v option of snoop shows the entire content of the RIP message (Ethernet header, IP header, UDP header and RIP message). Below is gateway's message with everything except the RIP information removed:
[Figure: RIP content of gateway's message]
One anomaly is that R10 advertises four networks although it has only three in the network topology. Examining its RIP message:
[Figure: R10's RIP message]
one of the routes is invalid and should not be advertised.

In the snoop output, R10's line carries the label BROADCAST, indicating that the destination IP address is the limited broadcast address (255.255.255.255, a broadcast on this subnet that does not require knowing its own network number); the other routers use the subnet-directed broadcast address (140.252.1.255, directed at this subnet).

The extended definition of RIP is called RIP2. The extensions do not change the protocol itself; they use fields that must be 0 in RIP to carry additional information. If an implementation of RIP ignores those must-be-zero fields, RIP and RIP2 can interoperate.
[Figure: RIP2 message format]
The version field of RIP2 is 2.

The routing domain field is an identifier of the routing daemon that owns the datagram; in Unix implementations it can be the process ID of the routing daemon. This field lets an administrator run multiple RIP instances on a single router, each operating in its own routing domain.

The route tag field exists to support exterior gateway protocols; it carries an autonomous system number for EGP (Exterior Gateway Protocol) or BGP (Border Gateway Protocol).

In addition to broadcast, RIP2 supports multicast, which reduces the load on hosts that are not listening for RIP2 messages.

The subnet mask field applies to the corresponding destination IP address.

The next-hop IP address indicates where packets for the destination IP address should be sent. If this field is 0, packets for the destination should be sent to the system that sent the RIP message.

RIP2 provides a simple authentication scheme using a cleartext password: an entry with an address family of 0xffff and a route tag of 2 carries the cleartext password in its remaining 16 bytes.
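As an added example (not from the book or the notes), the Python below builds and decodes a RIP2 response with the fields just described: the routing domain in the header, the route tag, subnet mask and next hop in each 20-byte entry, the cleartext-password entry (family 0xffff, tag 2, 16 bytes of password), and the rule that a next hop of 0 means the sender itself. `as_seen_by_rip1` shows why a version 1 daemon that ignores the must-be-zero fields still interoperates. The addresses, domain and password are constructed sample values.

```python
import ipaddress
import struct

# RIP2 keeps the 20-byte entry of RIP but fills in the fields that must be 0
# in version 1: the route tag, subnet mask and next-hop address. A cleartext
# password, when used, travels in a first entry with address family 0xffff.
HEADER = struct.Struct("!BBH")      # command, version, routing domain
ENTRY = struct.Struct("!HHIIII")    # family, route tag, IP, mask, next hop, metric
AF_INET_RIP, RIP_RESPONSE = 2, 2
AUTH_FAMILY, AUTH_SIMPLE_PASSWORD = 0xFFFF, 2

def build_v2_response(domain, password, routes):
    """Constructed sample RIP2 response. `routes` holds
    (dest, mask, next_hop, metric, tag) tuples; a next_hop of '0.0.0.0'
    means 'forward to whoever sent this message'."""
    msg = HEADER.pack(RIP_RESPONSE, 2, domain)
    if password is not None:
        pw = password.encode()
        if len(pw) > 16:
            raise ValueError("RIP2 simple password is at most 16 bytes")
        msg += struct.pack("!HH16s", AUTH_FAMILY, AUTH_SIMPLE_PASSWORD, pw)  # null padded
    for dest, mask, next_hop, metric, tag in routes:
        dest_i, mask_i, nh_i = (int(ipaddress.ip_address(a)) for a in (dest, mask, next_hop))
        msg += ENTRY.pack(AF_INET_RIP, tag, dest_i, mask_i, nh_i, metric)
    return msg

def decode_v2(message):
    """Return version, routing domain, the password (if an authentication
    entry leads the message) and the routes with their RIP2 fields."""
    command, version, domain = HEADER.unpack_from(message)
    password, routes = None, []
    for off in range(HEADER.size, len(message), ENTRY.size):
        family, tag, dest, mask, next_hop, metric = ENTRY.unpack_from(message, off)
        if family == AUTH_FAMILY and off == HEADER.size:
            if tag != AUTH_SIMPLE_PASSWORD:
                raise ValueError("unsupported RIP2 authentication type %d" % tag)
            password = message[off + 4:off + 20].rstrip(b"\0").decode()
            continue
        routes.append({"dest": str(ipaddress.ip_address(dest)),
                       "mask": str(ipaddress.ip_address(mask)),
                       "next_hop": str(ipaddress.ip_address(next_hop)),
                       "metric": metric, "tag": tag})
    return {"command": command, "version": version, "domain": domain,
            "password": password, "routes": routes}

def effective_next_hop(route, sender):
    """A next hop of 0 means packets for this destination go to the sender."""
    return sender if route["next_hop"] == "0.0.0.0" else route["next_hop"]

def as_seen_by_rip1(message):
    """What a version 1 daemon that ignores the must-be-zero fields extracts:
    (IP, metric) for every entry with the IP address family. The password
    entry (family 0xffff) is skipped, so the two versions interoperate."""
    seen = []
    for off in range(HEADER.size, len(message), ENTRY.size):
        family, _, addr, _, _, metric = ENTRY.unpack_from(message, off)
        if family == AF_INET_RIP:
            seen.append((str(ipaddress.ip_address(addr)), metric))
    return seen
```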

OSPF (Open Shortest Path First) is another interior gateway protocol besides RIP. It is a link-state protocol rather than a distance-vector protocol like RIP (RIP messages carry a distance vector, the hop counts, and each router updates its routing table from the distance vectors it receives from its neighbours).

In a link-state protocol, a router does not exchange distance information with its neighbours. Instead, each router actively tests the state of the links to its neighbours and sends this information to its other neighbours, which propagate it through the AS. Every router receives the link-state information and builds a complete routing table from it.

A link-state protocol always converges faster than a distance-vector protocol. Convergence means that after a routing change (for example a router shutting down or a link failing), the state of the other routers is updated.

OSPF differs from the other routing protocols in that it runs directly over IP rather than over TCP or UDP; OSPF has its own value for the protocol field of the IP header.

Advantages of OSPF over RIP:
1. OSPF can calculate a separate set of routes for each IP type of service, which means that for a single destination there can be multiple routing table entries, one per IP type of service.
2. Each interface can be assigned a dimensionless cost, based on throughput, round-trip time, reliability or other characteristics, and a separate cost can be assigned per IP type of service.
3. When there are multiple routes with the same cost to the same destination, OSPF distributes traffic equally among them; this is called load balancing.
4. OSPF supports subnets: every advertised route has a subnet mask, a route to a host is advertised with an all-ones subnet mask, and the default route is advertised with an IP address of all 0 and a mask of all 0.
5. A point-to-point link between routers need not have an IP address at each end. Such a link is called an unnumbered network, which saves IP addresses.
6. A simple authentication scheme is used, specifying a cleartext password as RIP2 does.
7. OSPF uses multicast instead of broadcast, reducing the load on systems that do not participate in OSPF.

Since most vendors support OSPF, it will gradually replace RIP.

BGP is an exterior gateway protocol used for communication between routers in different autonomous systems. BGP is the replacement for the older EGP that was used on the ARPANET.

A BGP system exchanges network reachability information with other BGP systems. This information builds a graph of the connections between autonomous systems, from which routing loops can be pruned and routing policy decisions made.

First, the IP datagrams in an autonomous system are divided into local traffic and transit traffic. Local traffic originates or terminates in the autonomous system; all other traffic is transit traffic. One goal of using BGP on the Internet is to reduce transit traffic.

Autonomous systems can be classified as follows:
1. Stub AS: it has only a single connection to other autonomous systems and carries only local traffic.
2. Multihomed AS: it has multiple connections to other autonomous systems but refuses to carry transit traffic.
3. Transit AS: it has multiple connections to other autonomous systems and, under some policy restrictions, carries both local and transit traffic.

The overall topology of the Internet can be viewed as an arbitrary interconnection of these three kinds of autonomous systems. Stub and multihomed autonomous systems do not need to use BGP; they can exchange reachability information with other autonomous systems by running EGP.

BGP allows policy-based routing. Policies are set by the system administrator and are not part of the protocol, but they let BGP choose among multiple alternative paths and control the redistribution of routing information. Routing policies may be driven by political, security or economic considerations.

BGP uses TCP as its transport protocol. Two systems running BGP establish a TCP connection and then exchange their entire BGP routing tables. From then on, incremental updates are sent as the routing tables change.

BGP detects failures of the TCP connection link and of the peer host by periodically sending keepalive messages to its neighbours; the recommended interval between two keepalives is 30 seconds. These application-layer keepalives are independent of TCP's keepalive option.

Class B addresses are scarce, so many sites must use several Class C network numbers instead of a single Class B network number. This brings another problem: each Class C network requires its own routing table entry. Classless Inter-Domain Routing (CIDR) is a method for preventing the growth of Internet routing tables; it is also called supernetting.

The basic idea of CIDR is to allocate multiple IP addresses in a way that lets many routing table entries be summarized into a smaller number. If a site is given 16 Class C addresses that can be summarized, all 16 can be referenced by a single routing table entry on the Internet. Similarly, if 8 different sites connect to the Internet through the same connection point of the same Internet service provider, and the 8 IP address blocks assigned to those sites can be summarized, then only a single routing table entry is needed on the Internet for all 8 sites.

Summarizing multiple IP addresses requires:
1. The IP addresses must share the same high-order address bits.
2. The routing table and routing algorithm must be extended to make routing decisions based on a 32-bit IP address and a 32-bit mask.
3. The routing protocols must be extended to carry a 32-bit mask along with the 32-bit address. Both OSPF and RIP2 can carry a 32-bit mask.

With CIDR, when a destination matches more than one routing table entry, the best match is always the one with the longer mask.

The "classless" in classless inter-domain routing means that routing decisions are based on masking the entire 32-bit IP address, regardless of whether the address is Class A, B or C.
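As an added example (not from the book or the notes), this Python implements the two CIDR operations described above: summarizing prefixes that share their high-order bits into fewer entries, and a classless lookup that masks the full 32-bit address against each entry and picks the match with the longest mask, with 0.0.0.0/0 serving as the default route. The 192.24.x.0 blocks and next-hop names are constructed sample values.

```python
import ipaddress

def aggregate(prefixes):
    """Summarize prefixes into the fewest entries covering exactly the same
    addresses. Two prefixes merge only when they have the same length and
    differ in just the last network bit, i.e. they are the two halves of one
    aligned block; 16 consecutive aligned /24s therefore become one /20."""
    nets = sorted(set(ipaddress.ip_network(p) for p in prefixes))
    kept = []                                   # drop prefixes already covered
    for net in nets:
        if not (kept and net.subnet_of(kept[-1])):
            kept.append(net)
    merged = True
    while merged:                               # repeat until no pair merges
        merged, out, i = False, [], 0
        while i < len(kept):
            a = kept[i]
            if (i + 1 < len(kept) and a.prefixlen > 0
                    and a.prefixlen == kept[i + 1].prefixlen
                    and a.supernet() == kept[i + 1].supernet()):
                out.append(a.supernet())
                i, merged = i + 2, True
            else:
                out.append(a)
                i += 1
        kept = out
    return [str(n) for n in kept]

def longest_match(table, dest):
    """Classless lookup: mask the whole 32-bit address with each entry's mask
    and keep the matching entry with the longest mask. `table` maps prefix
    strings to next hops; a 0.0.0.0/0 entry acts as the default route."""
    addr = int(ipaddress.ip_address(dest))
    best = None
    for prefix, next_hop in table.items():
        net = ipaddress.ip_network(prefix)
        if (addr & int(net.netmask)) == int(net.network_address):
            if best is None or net.prefixlen > best[0].prefixlen:
                best = (net, next_hop)
    return (str(best[0]), best[1]) if best else None

if __name__ == "__main__":
    # Constructed example: a site holding the 16 Class C networks 192.24.0.0
    # through 192.24.15.0 needs only one Internet routing table entry.
    print(aggregate("192.24.%d.0/24" % i for i in range(16)))
```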

The RIP message format has no checksum field, but OSPF does. The reason is that RIP runs over UDP, which provides an optional checksum covering the UDP data, whereas OSPF runs directly over IP, whose checksum covers only the IP header.

On the question of a lost RIP message: since a router running RIP advertises its routing table every 30 seconds, losing one message means the neighbouring router receives the 25 routes carried in that message after 60 seconds instead of 30. RIP declares a route invalid only when its entry has not been updated for 3 minutes.
On the question of OSPF load balancing: OSPF maintains a cost for each route, and when there are multiple routes with the same cost to the same destination, traffic is distributed randomly across them. This increases the probability of packets being delivered out of order and is likely to make the round-trip time calculated by the transport layer incorrect.

When a host receives a RIP broadcast message, it checks for a process on UDP port 520 and discards the message if RIP is not running.


Source: blog.csdn.net/tus00000/article/details/114504726