Today we will take a closer look at some aspects of routing. Before I start, I want to answer a student question about my social media accounts. On the left I have placed links to the pages of our company, and on the right - to my personal pages. Note that I don't add a person to my Facebook friends if I don't know them personally, so don't send me friend requests.
You can simply subscribe to my Facebook page and be aware of all events. I reply to messages on my LinkedIn account, so feel free to message me there, and of course I'm very active on Twitter. Below this video tutorial are links to all 6 social networks, so you can use them.
As usual, today we will study three topics. The first is an explanation of the essence of routing, where I will tell you about routing tables, static routing, and so on. Then we will look at Inter-Switch routing, that is, how routing occurs between two switches. At the end of the lesson, we will get acquainted with the concept of Inter-VLAN routing, when one switch interacts with several VLANs and how communication between these networks occurs. This is a very interesting topic, and you may want to review it several times. There is another interesting topic called Router-on-a-Stick, or "router on a stick."
So what is a routing table? This is a table based on which routers make routing decisions. You can see what a typical Cisco router routing table looks like. Every Windows computer also has a routing table, but that's another topic.
The letter R at the beginning of the line means that the route to the 192.168.30.0/24 network is provided by the RIP protocol, C means that the network is directly connected to the router interface, S means static routing, and the dot after this letter means that this route is candidate default, or the default candidate for static routing. There are several types of static routes, and today we will get acquainted with them.
Consider, for example, the first network 192.168.30.0/24. In the line you see two numbers in square brackets, separated by a slash, we have already talked about them. The first number 120 is the administrative distance, which characterizes the degree of confidence in this route. Suppose there is another route in the table to this network, denoted by the letter C or S, with a smaller administrative distance value, for example, 1, as for static routing. In this table, you will not find two identical networks unless we use a mechanism such as load balancing, but let's assume that we have 2 entries for the same network. So, if you see a smaller number, this will mean that this route deserves more trust, and vice versa, the greater the value of the administrative distance, the less trust this route deserves. Next, the line indicates through which interface the traffic should be sent - in our case, this is port 192.168.20.1 FastEthernet0/1. These are the components of the routing table.
Now let's talk about how the router makes routing decisions. I mentioned the default candidate above and now I'll tell you what that means. Suppose the router received traffic for the network 30.1.1.1, the entry for which is not in the routing table. Normally, the router will just drop this traffic, but if there is an entry for the default candidate in the table, that means that anything the router doesn't know about will be routed to candidate default. In this case, the entry indicates that traffic arriving for a network unknown to the router should be forwarded through port 192.168.10.1. Thus, traffic for network 30.1.1.1 will follow the route that is the default candidate.
When a router receives a request to establish a connection with an IP address, it first of all looks to see if this address is contained in any particular route. Therefore, when it receives traffic for network 30.1.1.1, it will first check to see if its address is contained in a particular routing table entry. So, if the router receives traffic for 192.168.30.1, then after checking all the entries, it will see that this address is contained in the network address range 192.168.30.0/24, after which it will send traffic along this route. If it does not find any specific entries for the 30.1.1.1 network, the router will send traffic destined for it along the candidate default route. Here's how the decisions are made: First look up the entries for specific routes in the table, and then use the default candidate route.
Let's now look at the different types of static routes. The first type is the default route, or the default route.
As I said, if the router receives traffic that is addressed to a network unknown to it, it will send it along the default route. The entry Gateway of last resort is 192.168.10.1 to network 0.0.0.0 indicates that the default route is set, that is, "The gateway of the last resort to network 0.0.0.0 has an IP address of 192.168.10.1." This route is listed in the last line of the routing table, which is headed by the letter S followed by a dot.
You can assign this parameter from the global configuration mode. For a regular RIP route, type the ip route command, specifying the appropriate network ID, in our case 192.168.30.0, and the subnet mask 255.255.255.0, and then specifying 192.168.20.1 as the next hop. However, when you set the default route, you do not need to specify the network ID and mask, you simply type ip route 0.0.0.0 0.0.0.0, that is, instead of the subnet mask address, type four zeros again, and specify the address 192.168.20.1 at the end of the line, which will be the default route.
The next type of static route is the Network Route, or network route. To set a network route, you must specify the entire network, that is, use the ip route 192.168.30.0 255.255.255.0 command, where 0 at the end of the subnet mask means the entire range of 256 network addresses / 24, and specify the IP address of the next hop.
Now I'll draw a template on top showing the command to set the default route and the network route. It looks like this:
ip route first part of address second part of address .
For a default route, both the first and second parts of the address will be 0.0.0.0, while for a network route, the first part is the network ID and the second part is the subnet mask. Next, the IP address of the network to which the router decided to make the next hop will be located.
The host route is configured using the IP address of the specific host. In the command template, this will be the first part of the address, in our case it is 192.168.30.1, which points to a specific device. The second part is the subnet mask 255.255.255.255, which also points to the IP address of a particular host, not the whole /24 network. Then you need to specify the IP address of the next hop. This is how you can set the host route.
Summary route is a summary route. You remember that we have already discussed the issue of route summarization when we have a range of IP addresses. Let's take the first network 192.168.30.0/24 as an example and imagine that we have a router R1, to which the network 192.168.30.0/24 is connected with four IP addresses: 192.168.30.4, 192.168.30.5, 192.168.30.6 and 192.168.30.7 . The slash 24 means there are 256 valid addresses on this network, but in this case we only have 4 IP addresses.
If I say that all traffic for the 192.168.30.0/24 network should go through this route, it will be false, because an IP address like 192.168.30.1 may not be reachable through this interface. Therefore, in this case, we cannot use 192.168.30.0 as the first part of the address, but must specify which particular addresses will be available. In this case, 4 specific addresses will be available through the right interface, and the rest of the network addresses through the left interface of the router. That's why we need to set up a summary or summary route.
From the principles of summarizing routes, we remember that in one subnet the first three octets of the address remain unchanged, and we need to create a subnet that would combine all 4 addresses. To do this, we need to specify 192.168.30.4 in the first part of the address, and use 255.255.255.252 as the subnet mask in the second part, where 252 means that this subnet contains 4 IP addresses: .4, .5., .6 and .7.
If you have two entries in the routing table: the RIP route for the 192.168.30.0/24 network and the summary route 192.168.30.4/252, then according to the routing principles, the Summary route will be the priority route for specific traffic. Anything not related to this particular traffic will use the Network route.
This is what a summary route is - you sum up several specific IP addresses and create a separate route for them.
In the group of static routes, there is also the so-called "floating route", or Floating Route. This is a backup route. It is used when there is a problem with a physical connection on a static route that has an administrative distance value of 1. In our example, this is the route through the IP address 192.168.10.1. level, a backup floating route is used.
In order to use a backup route, at the end of the command line, instead of the IP address of the next hop, which by default has a value of 1, specify a different hop value, for example, 5. The floating route is not indicated in the routing table, because it is only used in when a static route is unavailable due to damage.
If you do not understand something from what I just said, watch this video again. If you still have questions, you can send me an email and I will explain everything to you.
Now let's start looking at Inter-Switch routing. On the left in the diagram, there is a switch that serves the blue network of the sales department. On the right is another switch that only works with the green network of the marketing department. In this case, two independent switches are used that serve different departments, since this topology does not use a common VLAN.
If you need to establish a connection between these two switches, that is, between two different networks 192.168.1.0/24 and 192.168.2.0/24, then you need to use a router. Then these networks will be able to exchange packets and access the Internet through the R1 router. If we used the default VLAN1 for both switches, connecting them with physical cables, they could communicate with each other. But since this is technically impossible due to the separation of networks belonging to different broadcast domains, a router is needed for their communication.
Let's assume that each of the switches has 16 ports. In our case, we do not use 14 ports, since there are only 2 computers in each of the departments. Therefore, in this case, it is optimal to use VLAN, as shown in the following diagram.
In this case, blue VLAN10 and green VLAN20 have their own broadcast domain. The VLAN10 network is connected by cable to one port of the router, and the VLAN20 network is connected to another port, while both cables come from different switch ports. It seems that thanks to this beautiful solution, we have established a connection between networks. However, since the router has a limited number of ports, we are extremely inefficient in using the capabilities of this device, occupying them in this way.
There is a more efficient solution - a "router on a stick". At the same time, we connect the switch port with a trunk to one of the ports of the router. We have already said that by default, the router does not understand encapsulation according to the .1Q standard, so you need to use a trunk to communicate with it. In this case, the following occurs.
The blue VLAN10 network sends traffic through the switch to the F0 / 0 interface of the router. This port is divided into sub-interfaces, each of which has one IP address located in the address range of either the 192.168.1.0/24 network or the 192.168.2.0/24 network. There is some uncertainty here - after all, for two different networks you need to have two different IP addresses. Therefore, although the trunk between the switch and the router is created on the same physical interface, we need to create two subinterfaces for each VLAN. Thus, one subinterface will serve the VLAN10 network, and the second - VLAN20. For the first subinterface, we need to select an IP address from the 192.168.1.0/24 address range, and for the second one, from the 192.168.2.0/24 range. When VLAN10 sends a packet, the gateway will be one IP address, and when the packet is sent by VLAN20, the second IP address will be used as the gateway. In this case, the "router on a stick" will make a decision regarding the passage of traffic from each of the 2 computers belonging to different VLANs. Simply put, we split one physical router interface into two or more logical interfaces.
Let's see how it looks in Packet Tracer.
I've simplified the diagram a bit, so we have one PC0 at 192.168.1.10 and a second PC1 at 192.168.2.10. When configuring the switch, I allocate one interface for VLAN10, the other for VLAN20. I go to the CLI console and enter the show ip interface brief command to make sure the FastEthernet0/2 and 0/3 interfaces are up. Then I look in the VLAN database and see that all the interfaces on the switch are currently part of the default VLAN. I then type the commands config t followed by int f0/2 in sequence to call the port to which the sales VLAN is connected.
Next, I use the switchport mode access command. The access mode is the default, so I just type this command. After that, I type switchport access VLAN10, and the system responds that since such a network does not exist, it will create VLAN10 itself. If you want to create a VLAN manually, for example, VLAN20, you need to type the vlan 20 command, after which the command line will switch to the virtual network settings, changing its header from Switch(config) # to Switch(config-vlan) #. Next, you need to name the created network MARKETING using the name <name> command. Then we configure the f0/3 interface. I sequentially enter the switchport mode access and switchport access vlan 20 commands, after which the network is connected to this port.
Thus, you can configure the switch in two ways: the first is using the switchport access vlan 10 command, after which the network is created automatically on a given port, the second is when you first create a network and then bind it to a specific port.
You can do the same with VLAN10. I'll go back and repeat the manual configuration process for this network: enter global configuration mode, enter the vlan 10 command, then name it name SALES, and so on. Now I will show you what happens if you do not do this, that is, let the system itself create a VLAN.
You can see that we have both networks, but the second one, which we created manually, has its own name MARKETING, while the first network, VLAN10, received the default name VLAN0010. I can fix this if I now enter the name SALES command in global configuration mode. Now you can see that after that, the first network changed its name to SALES.
Now let's go back to Packet Tracer and see if PC0 can communicate with PC1. To do this, I will open a command line terminal on the first computer and send a ping to the address of the second computer.
We see that the pinging failed. The reason is that PC0 sent an ARP request to 192.168.2.10 through gateway 192.168.1.1. At the same time, the computer actually asked the switch who this 192.168.1.1 is. However, the switch has only one interface for the VLAN10 network, and the received request cannot go anywhere - it enters this port and dies here. The computer does not receive a response, so the reason for the ping failure is given as a timeout. No response was received because there is no other device on VLAN10 other than PC0. Moreover, even if both computers were part of the same network, they would still not be able to communicate because they have a different range of IP addresses. In order to make this scheme work, you need to use a router.
However, before I show how to use the router, I will make a small digression. I will connect the Fa0/1 port of the switch and the Gig0/0 port of the router with one cable, and then I will add another cable that will be connected to the Fa0/4 port of the switch and the Gif0/1 port of the router.
I will bind the VLAN10 network to the f0/1 port of the switch, for which I will enter the int f0/1 and switchport access vlan10 commands, and the VLAN20 network to the f0/4 port using the int f0/4 and switchport access vlan 20 commands. If we now look at VLAN database, it can be seen that the SALES network is bound to the Fa0/1, Fa0/2 interfaces, and the MARKETING network is bound to the Fa0/3, Fa0/4 ports.
Let's go back to the router again and enter the g0 / 0 interface settings, enter the no shutdown command and assign an IP address to it: ip add 192.168.1.1 255.255.255.0.
Let's configure the g0/1 interface in the same way, assigning it the address ip add 192.168.2.1 255.255.255.0. Then we will ask to show us the routing table, which now has entries for networks 1.0 and 2.0.
Let's see if this scheme works. Let's wait until both ports of the switch and the router turn green, and repeat the ping of the IP address 192.168.2.10. As you can see, everything worked!
The PC0 computer sends an ARP request to the switch, the switch addresses it to the router, which sends back its MAC address to the computer. After that, the computer sends a ping packet along the same route. The router knows that the VLAN20 network is connected to its g0 / 1 port, so it sends it to the switch, which forwards the packet to the destination - PC1.
This scheme works, but it is inefficient, since it occupies 2 router interfaces, that is, we are irrationally using the technical capabilities of the router. Therefore, I will show how the same can be done using a single interface.
I will remove the two cable diagram and restore the previous connection of the switch and router with one cable. The f0 / 1 interface of the switch should become a trunk port, so I return to the switch settings and use the switchport mode trunk command for this port. Port f0/4 is no longer used. Next, we use the show int trunk command to see if the port is configured correctly.
We see that the Fa0/1 port is operating in trunk mode using the 802.1q encapsulation protocol. Let's look at the VLAN table - we see that the F0 / 2 interface is occupied by the VLAN10 sales department network, and the f0 / 3 interface is occupied by the VLAN20 marketing network.
In this case, the switch is connected to the g0 / 0 port of the router. In the router settings, I use the int g0/0 and no ip address commands to remove the IP address of this interface. But this interface still works, it is not in the shutdown state. If you remember, the router must accept traffic from both networks - 1.0 and 2.0. Since the switch is connected to the router by a trunk, it will receive traffic from both the first and the second network to the router. However, what IP address should be assigned to the router interface in this case?
G0/0 is a physical interface that does not have any IP address by default. Therefore, we use the concept of a logical subinterface. If I type int g0/0 on the line, the system will give two possible command options: a slash / or a dot. The slash is used when modularizing interfaces like 0/0/0, and the dot is used if you have a subinterface.
If I type int g0/0. ?, then the system will give me a range of possible numbers of the GigabitEthernet logical subinterface, which are indicated after the dot: <0 - 4294967295>. This range contains over 4 billion numbers, which means that you can create that many logical subinterfaces.
I will indicate the number 10 after the dot, which will indicate VLAN10. Now we have moved into the subinterface settings, as evidenced by the change in the heading of the CLI settings line to Router (config-subif) #, in this case it refers to the g0/0.10 subinterface. Now I have to give it an IP address, for which I use the command ip add 192.168.1.1 255.255.255.0. Before setting this address, we need to perform encapsulation so that the subinterface we created knows which encapsulation protocol to use - 802.1q or ISL. I type the word encapsulation in the line, and the system gives out possible options for parameters for this command.
I am using the encapsulation dot1Q command. It is not technically necessary to enter this command, but I type it in order to tell the router which protocol to use to work with the VLAN, because at the moment it works like a switch, servicing VLAN trunking. With this command, we indicate to the router that all traffic should be encapsulated using the dot1Q protocol. Next on the command line, I must specify that this encapsulation is for VLAN10. The system shows us the IP address in use, and the interface for the VLAN10 network starts working.
Similarly, I configure the g0/0.20 interface. I create a new subinterface, set the encapsulation protocol, and set the IP address with ip add 192.168.2.1 255.255.255.0.
In this case, I definitely need to remove the IP address of the physical interface, because now the physical interface and the logical subinterface have the same address for the VLAN20 network. To do this, I sequentially type the commands int g0 / 1 and no ip address. Then I disable this interface because we don't need it anymore.
Next, I return to the g0 / 0.20 interface again and assign an IP address to it with the ip add 192.168.2.1 255.255.255.0 command. Now everything will definitely work.
I now use the show ip route command to look at the routing table.
We can see that the 192.168.1.0/24 network is directly connected to the GigabitEthernet0/0.10 subinterface, and the 192.168.2.0/24 network is directly connected to the GigabitEthernet0/0.20 subinterface. I will now return to the PC0 command line terminal and ping PC1. In this case, the traffic enters the port of the router, which transfers it to the appropriate subinterface and sends it back through the switch to the PC1 computer. As you can see, the ping was successful. The first two packets were dropped because switching between router interfaces takes some time, and the devices need to learn MAC addresses, but the other two packets successfully reached the destination. This is how the "router on a stick" concept works.
Thank you for staying with us. Do you like our articles? Want to see more interesting content? Support us by placing an order or recommending to friends, 30% discount for Habr users on a unique analogue of entry-level servers, which was invented by us for you: (available with RAID1 and RAID10, up to 24 cores and up to 40GB DDR4).
Dell R730xd 2 times cheaper? Only here in the Netherlands! Dell R420 - 2x E5-2430 2.2Ghz 6C 128GB DDR3 2x960GB SSD 1Gbps 100TB - from $99! Read about
Source: habr.com