The diagram walks through the whole process of a router handling packets; it is worth a look!

Hello, my network worker friend

Wherever there is a network, you will find routers. They come in low-, mid- and high-end models, and their feature sets and internal implementations are not all the same.

A router is constantly passing communication data through itself, like a fish blowing bubbles; that data is the router's "food".

So, where does the data "eaten" by the router go?

Some of the "food" the "fish" eats is absorbed, enters the blood and is eventually turned into energy or becomes part of its body; what is not absorbed is excreted through the intestines.

Most of what the "fish" swallows is water, and the water is spat back out almost entirely unabsorbed.

Similarly, most of the data entering a router comes in through one interface and leaves through another. These are service packets that are merely passing through, and some people call them "transit" packets.

A small portion of the data is "absorbed": it is sent to the CPU for processing, or discarded along the way for one of several reasons.

Today I will share an article on the complete packet-processing path inside a router, to help you understand how a router works internally.

Today's reader bonus: "Cisco + Huawei Router Learning Guide"

If you want to learn router technology, this material combines the technical content of both vendors and is a good fit for you.

Send me a private message with the password "good things"; the first 30 people who message me get the download link for free.

01 What kind of life does a packet lead inside the router?

This figure shows the forwarding-plane processing flow for service packets and protocol packets received by the router.

This figure shows the forwarding-plane processing flow for protocol packets sent by the router's CPU.

Does the picture above look too complicated, with too many concepts to take in?

The picture is only meant to give an overall impression so that what follows is easier to understand.

Let's start with "switching".

Data is received and sent through the interface boards; the communication cables plug into the interfaces on those boards.

To send a packet from one interface to another, the two interfaces have to be connected.

In practice, though, a packet may enter on any interface and leave on any other. Connecting every pair of interfaces point-to-point would need N*(N-1)/2 links for N interfaces, which is far too many.

To avoid that explosion of connections, the interface boards are connected through a switch fabric board. Each interface board needs only a few links to the switch fabric, and any interface can then reach any other.

The switch fabric is a "three-nothings" component: it has nothing to do with device configuration, protocol or packet type. Its only concern is setting up a connection between the ingress interface and the egress interface to carry the data across.

01 Uplink and downlink

Taking the switch fabric as the centre, a packet's journey through the router splits into two halves: the first half is called the "uplink" and the second half the "downlink".

02 Addressing and forwarding

Some people may ask: a packet comes in on one interface, is "switched", and goes out on another; a switch can do that too, so why use a router?

Yes, switches can switch as well. But on the Internet there are very many paths from one node to another.

A router can pick the least congested and shortest of those paths, which speeds up communication, reduces network load and saves network resources; that is a capability a switch does not have.

Choosing a suitable (usually the shortest) transmission path for a packet and then sending it out of the corresponding interface is the process called "addressing and forwarding".

The networks routers sit in almost always follow the TCP/IP model, and the router works at its third layer, the network layer.

So the "address" in "addressing" means the packet's network-layer address, the IP address. To do the addressing, the router needs a "map" indexed by destination IP address: the routing table. Every router has one.

03 What does the routing table look like?

This picture is a real subway exit map.

A real routing table looks somewhat like it.

The routing table is indexed by destination IP address/mask, and each entry carries the corresponding next-hop IP address and outgoing interface, as shown in the figure below.

With this table, the router knows exactly what to do when it receives a packet.

For example, when a packet with destination address 10.0.0.1 arrives, the router looks it up in the table and learns that the packet should be sent out of GE1/0/0.

04 How is the routing table obtained?

One way is to build it by hand, configuring fixed (static) routes on the router. Such routes cannot react to changes in the network: if the topology changes, the configuration has to be changed by hand.

The other way is to run a dynamic routing protocol, so that routers exchange routing information with each other and compute the routing table from what they collect; the table then tracks topology changes in real time.

In practice both methods are used together. When a dynamic route conflicts with a static route, the static route prevails.

There is also a third kind of route in the table, neither configured by hand nor learned by a routing protocol but discovered by the link-layer protocol: the direct (directly connected) route.

05 Where is the routing table placed?

Now that we have a routing table, the next question is where it should live.

As mentioned earlier, a packet comes in on one interface, passes through the switch fabric, and goes out on another.

Can the routing table be placed in the switch fabric? Definitely not: the fabric has to switch every packet of the whole device, and for it to keep switching at high speed without becoming a bottleneck it cannot also run routing protocols, maintain routing tables or perform addressing and forwarding.

Can the routing table be placed on the line interface board?

Not that either. When the switch fabric switches a packet it needs to know which destination board to send it to, so addressing and forwarding have to be completed on the uplink side. But if the routing table lived on the ingress interface board, then, since packets may arrive on any interface board, every interface board would need its own copy. A better way is to keep the routing table in one shared place, the main control board: its CPU runs the routing protocols, computes routes, and generates and maintains the routing table.

06 Forwarding table and routing table

If the router uses "hardware forwarding", service packets never pass through the main control board's CPU, so the routing table on the main control board cannot be used directly; the interface boards also need information for addressing and forwarding.

So after the main control board's CPU generates the routing table, it also pushes the relevant information down to each interface board.

That information is the forwarding information, stored on each interface board in its Forwarding Information Base (FIB).

The forwarding information on every interface board is identical, because it all comes from the same source, the main control board.

In fact, modern high-performance routers separate forwarding from control at the architectural level:

The forwarding plane and the control plane are assigned to different components. The control plane runs the routing protocols, maintains the routing table and pushes the forwarding table (FIB) to the forwarding plane; the forwarding plane is responsible for forwarding packets.

The most basic advantage of this is that the two planes do not interfere with each other.

If traffic is very heavy, the forwarding plane is heavily loaded but the control plane's route learning carries on normally; conversely, if the control plane is busy processing routing information, the forwarding plane's high-speed packet forwarding is unaffected.

Careful readers will notice that the routing table and the forwarding table look alike: both hold three pieces of information, destination IP address/mask, next hop and outgoing interface.

In fact the forwarding table is derived from the routing table. The routing table may hold several routes to the same destination, but the forwarding table keeps only the best of them.

Moreover, the next hop in the routing table is the original next hop, which is not necessarily directly reachable. The FIB guides forwarding, so its next hop must be directly reachable. Working out the "direct next hop" from the "original next hop" is called "route iteration" (recursive route lookup).

After power-on, the router runs its routing protocols, learns the network topology and builds the routing table. Once an interface board has registered successfully, the main control board generates forwarding entries from the routing table and pushes them to that board; only then does the board start forwarding packets.

The component that actually forwards packets is the Packet Forwarding Engine (PFE) on the interface board, usually an NP (network processor) or ASIC chip.

07 What happens when the packet cannot find its way?

Preparing the forwarding table in advance and then looking it up for every packet received, as described above, is called "pre-routing": "pave the road first, then open it to traffic". All routers now forward IP unicast this way.

With this approach, if the table lookup finds no match (where a default route exists the packet ends up matching it, so with a default route there is no such thing as "no match"), the router has no route to the destination (or has not learned it yet): the packet cannot find its way and is lost.

What should be done with a lost packet? Send it back the way it came?

Imagine a lost packet being returned to its source along the original path: the source would resend it to the same destination, it would get lost at the same spot and be sent back again, in an endless loop.

So lost packets can only be discarded. For maintainability, the packet forwarding engine (PFE) records the reason for each discard and counts the discarded packets.
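The pieces described so far fit together in one small model: the lookup from section 03 (10.0.0.1 goes out of GE1/0/0), the static-beats-dynamic rule from section 04, the derivation of the FIB from the routing table with route iteration from section 06, and the discard-with-reason behaviour of this section. The code below is an added example written for this page, not code from the post or from any vendor. The routing table, the preference numbers, the interface names and the rule that direct routes are preferred over everything else are all assumptions constructed for the example; the page only states that a static route beats a conflicting dynamic one.

```python
import ipaddress
from collections import Counter

# Route preference: lower wins. The page says a static route beats a
# conflicting dynamic route; ranking direct routes first is an assumption
# of this example, and the numbers themselves are constructed.
PREFERENCE = {"direct": 0, "static": 1, "dynamic": 10}

# Constructed routing table (RIB): prefix, original next hop, outgoing
# interface (known only for direct routes), and where the route came from.
RIB = [
    ("192.168.1.0/24", None,          "GE1/0/0", "direct"),
    ("192.168.2.0/24", None,          "GE2/0/0", "direct"),
    ("10.0.0.0/8",     "192.168.1.2", None,      "static"),
    ("10.0.0.0/8",     "192.168.2.2", None,      "dynamic"),  # loses to the static route
    ("172.16.0.0/16",  "10.0.0.254",  None,      "dynamic"),  # next hop is not directly reachable
    ("172.17.0.0/16",  "203.0.113.9", None,      "dynamic"),  # resolvable only via the default route
    ("0.0.0.0/0",      "192.168.2.2", None,      "static"),   # default route
]


def lpm(entries, dst):
    """Longest-prefix match over (network, data) pairs; None if nothing matches."""
    addr = ipaddress.ip_address(dst)
    best = None
    for net, data in entries:
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, data)
    return best


def select_best(rib):
    """Step 1 of building the FIB: keep only the most preferred route per prefix."""
    chosen = {}
    for prefix, next_hop, ifname, source in rib:
        net = ipaddress.ip_network(prefix)
        if net not in chosen or PREFERENCE[source] < PREFERENCE[chosen[net][2]]:
            chosen[net] = (next_hop, ifname, source)
    return chosen


def resolve(chosen, next_hop, max_depth=8):
    """Step 2, route iteration: follow the original next hop through the
    selected routes until a direct route names the outgoing interface.
    Returns (direct_next_hop, interface), or None when it cannot be resolved
    (no covering route, or a resolution loop longer than max_depth)."""
    hop = next_hop
    for _ in range(max_depth):
        match = lpm(chosen.items(), hop)
        if match is None:
            return None
        _, (nh, ifname, source) = match
        if source == "direct":
            return hop, ifname
        hop = nh
    return None


def build_fib(rib):
    """Derive the FIB: one entry per prefix, next hop always directly reachable."""
    chosen = select_best(rib)
    fib = {}
    for net, (next_hop, ifname, source) in chosen.items():
        if source == "direct":
            fib[net] = (None, ifname)           # on-link destination, no next hop needed
        else:
            resolved = resolve(chosen, next_hop)
            if resolved is not None:            # unresolvable routes never reach the FIB
                fib[net] = resolved
    return fib


def fib_entry(fib, prefix):
    """Convenience accessor: (next_hop, interface) for a prefix string, or None."""
    return fib.get(ipaddress.ip_network(prefix))


class PFE:
    """Packet forwarding engine: FIB lookup plus per-reason discard counters."""

    def __init__(self, fib):
        self.fib = fib
        self.drops = Counter()

    def forward(self, dst):
        """Return the outgoing interface for dst, or None after counting the discard."""
        match = lpm(self.fib.items(), dst)
        if match is None:
            self.drops["no-route"] += 1         # a lost packet is dropped, never bounced back
            return None
        _, (_next_hop, ifname) = match
        return ifname


if __name__ == "__main__":
    pfe = PFE(build_fib(RIB))
    print(pfe.forward("10.0.0.1"))              # GE1/0/0, the example from the text
    no_default = PFE(build_fib([r for r in RIB if r[0] != "0.0.0.0/0"]))
    print(no_default.forward("8.8.8.8"), dict(no_default.drops))
```

Two things are worth noticing when running it. The 172.16.0.0/16 route resolves in two steps (its next hop is only reachable through the static 10.0.0.0/8 route, which in turn is on-link via GE1/0/0), which is exactly the "original next hop" to "direct next hop" iteration. And with the default route removed, the 172.17.0.0/16 route cannot be resolved at all and is simply absent from the FIB, so a packet for it is counted under "no-route" rather than forwarded anywhere.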

08 Pre-routing and flow triggering

As mentioned above, routers all use the pre-routing method of "pave the road first, open to traffic later". The opposite approach, "open to traffic first, then pave the road", is called "flow triggering".

In flow-triggered mode, the device receives a packet and looks up the forwarding table; if there is no matching entry, a forwarding entry is generated from the packet itself.

The next packet of that user flow then hits the forwarding table and is forwarded.

Today, the MAC table that routers and switches use for Layer 2 forwarding is built by MAC address learning, which resembles the "flow trigger" approach.

From a security standpoint, flow triggering clearly invites traffic attacks: it hands an attacker a path that looks entirely legitimate.

An attacker can send packets with all sorts of unknown destinations to walk and scan the system, which amounts to a traffic attack on the router.

So, alongside the MAC learning mechanism itself, high-end routers provide a way to restrict MAC address learning as a defence against traffic attacks: a cap on the number of MAC addresses that may be learned, and a limit on how often learning may happen;

They also allow MAC address learning to be disabled entirely, so that MAC entries are configured by hand, just like static routes.
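The three protections just listed (a learning cap, a limit on how often learning may happen, and turning learning off in favour of static entries) are easiest to understand as a small model of the MAC table itself. The class below is an added example written for this page, not vendor code; how real devices implement the rate limit is not described on the page, so modelling it as a minimum interval between accepted learning events per port is an assumption, as are the MAC addresses, port names and limits used in the usage at the bottom.

```python
from collections import Counter


class MacTable:
    """Layer-2 MAC table filled by source-address learning, with the three
    protections the text describes: a cap on learned entries, a minimum
    interval between learning events on a port (assumed model of the rate
    limit), and the option to turn learning off so that only hand-configured
    (static) entries exist. Constructed for illustration, not vendor code."""

    def __init__(self, max_learned=1024, min_interval=0.0, learning_enabled=True):
        self.max_learned = max_learned
        self.min_interval = min_interval
        self.learning_enabled = learning_enabled
        self.entries = {}          # mac -> (port, is_static)
        self.last_learn = {}       # port -> time of the last accepted learning event
        self.rejected = Counter()  # why learning attempts were refused, for operators

    def add_static(self, mac, port):
        """Static entries are configured by hand and never overwritten by learning."""
        self.entries[mac] = (port, True)

    def learned_count(self):
        """Number of dynamically learned (non-static) entries."""
        return sum(1 for _, static in self.entries.values() if not static)

    def learn(self, mac, port, now):
        """Offer (source MAC, ingress port, timestamp) to the table.
        Returns True if the table now maps mac to port, False if refused."""
        if mac in self.entries:
            known_port, static = self.entries[mac]
            if static:
                # A static entry wins; a frame claiming that MAC on another port is ignored.
                if known_port != port:
                    self.rejected["conflicts-with-static"] += 1
                return known_port == port
            self.entries[mac] = (port, False)    # refresh or move a dynamic entry
            return True
        if not self.learning_enabled:
            self.rejected["learning-disabled"] += 1
            return False
        if self.learned_count() >= self.max_learned:
            self.rejected["table-full"] += 1     # the cap stops a flood of bogus source MACs
            return False
        last = self.last_learn.get(port)
        if last is not None and now - last < self.min_interval:
            self.rejected["rate-limited"] += 1   # too soon after the last learn on this port
            return False
        self.entries[mac] = (port, False)
        self.last_learn[port] = now
        return True

    def lookup(self, mac):
        """Port for a destination MAC, or None (the frame would have to be flooded)."""
        entry = self.entries.get(mac)
        return entry[0] if entry else None


if __name__ == "__main__":
    # Constructed usage: a tiny table with a cap of 2 and a 1-second learning interval.
    table = MacTable(max_learned=2, min_interval=1.0)
    print(table.learn("00:00:5e:00:53:01", "GE1/0/1", 0.0))   # True, learned
    print(table.learn("00:00:5e:00:53:02", "GE1/0/1", 0.5))   # False, rate-limited
    print(table.learn("00:00:5e:00:53:02", "GE1/0/2", 0.5))   # True, different port
    print(table.learn("00:00:5e:00:53:03", "GE1/0/1", 5.0))   # False, table full
    print(dict(table.rejected))
```

The `rejected` counters are the operational half of the story: the same way the PFE records why it dropped a packet, a table that refuses to learn should say why, because a rising "table-full" or "rate-limited" count on one port is what tells an operator that something on that port is churning through source addresses.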

Compiled by: Lao Yang | senior network engineer with 10 years' experience. For more practical material for network engineers, follow the official account: Network Engineer Club


Source: blog.csdn.net/SPOTO2021/article/details/131327139