Understanding network routing

To understand something in the networking world, you have to understand the problem it's trying to solve. Memorizing the configuration options for a certain routing protocol won't help you until you understand what it's really doing. This article is designed to be a gentle introduction into the world of routing issues and concepts, arguably the most interesting and important part of networking, explaining the problems routing protocols address so you can understand why they do what they do.

Before we get into the details, a clarification. When you hear people refer to "non-routable addresses," they are talking about RFC 1918 IP addresses (i.e. private addresses). Despite the misleading label, they certainly are routable. You can and should have some 10.x.x.x networks for local access and management. They can even be co-mingled with your real routers. They are called "non-routable" because the Internet routers will drop them. You should drop these packets at your border. This is a point of confusion for a lot of people.

On to the topic at hand...
Routing, in essence, is the act of finding a path from one place to another on which a packet can travel. To find this path, we need algorithms. They will generally be distributed among many routers, allowing them to jointly share information. Routing is said to contain three elements:

1. Routing protocols, the things that allow information to be gathered and distributed.

2. Routing algorithms, to determine paths.

3. Routing databases to store information that the algorithm has discovered. The routing database sometimes corresponds directly to routing table entries, sometimes not.

My installment on layers actually introduces a bit of routing by talking about the paths an IP packet takes through operating systems and routers. What may not have been clear, though, is how the routing table lookup step works.

Remember subnetting? Most routers will simply find the shortest prefix in the routing table when it looks for a path for your packet. If there's a "host route," or /32 entry, that is always preferred. Any more specific routes, like the one that says what subnet you're on, will also be preferred before the default route is chosen.

We also need to understand some really basic problems with routing. Just like in Layer 2, routers need to be redundant. Redundancy always introduces the possibility of a loop, and every routing protocol has to deal with this. The idea of a network topology is pretty absurd in the context most people picture it. VLANs turned the world up side down in that regard. But in routing, topology is actually important, if you zoom out a bit.

The whole idea behind routers is that they will "pass it on," either in the correct direction, or on to their smarter peers. If your network core has a bunch of stubs connected, many of the stub routers will know nothing about each other. But they know "the way to everything" is through the core, and they simply forward packets that way. Hesitantly, we'll call this a star topology. Of course, I'm insulting your intelligence, because this is the concept of a default route. But pay attention here: This is how many dynamic routing protocols work. It isn't always the case that you'll pass a packet onto the all-knowing default router, instead sometimes you'll be passing the packet to the router that you know handles a certain subnet. The point is that you know nothing about the other routers behind the one that tells you "I am network X."

The previous paragraph really embodies what routing is. You get packets closer to the destination. Of course, you have to know what's at each destination, and that's what routing protocols tell you. It's really easy to jump back and fourth when talking about routing, so take note that all of the above was with the picture of a single network in mind. This is also known as a routing domain. A routing domain is a set of routers that are all under the same administrative control, presumably all running the same routing protocols.

When routing packets, we have a few paradigms to choose from. The telco world sets up a circuit for your telephone call as soon as you dial. The path is always the same, and it's very reliable. The IP world does not work that way, and it can handle much more traffic. The tradeoff is that you can get congestion, and sometimes fail to reach certain Web sites, whereas your telephone call will never drop because of congestion. The IP world can almost do this, through a mechanism called loose source routing. This is how it started: Each end node knew what hops it needed to take to reach its destination. Source-based routing doesn't scale, and introduces security problems. So we use dynamic routing protocols to figure out the paths for us. Take note that each direction can take a different path!

Routing protocols are broken up into a few different categories, in two senses. First, we have IGP, or Interior Gateway Protocols. RIP, OSPF, and IS-IS are a few IGP's you may have heard about. These are routing protocols that deal with intra-domain routing. EGP, Exterior Gateway Protocols, deal with inter-domain routing, between enterprises. Now defunct, EGP was actually a protocol, but BGP is now the standard inter-domain protocol.

Second, routing protocols are said to be of two categories in another sense: link-state, or vector-distance. The vector-distance approach is: "tell your neighbors about the world." This means that you will broadcast your entire routing table, to all your neighbors. The "vector" is the destination, and the "distance" is really a metric, or hop count. Link-state routing protocols "tell the world about your neighbors." The idea is to figure out who is "up" and broadcast that information about their link's state to all other routers. Link-state is very computationally intensive, but it provides an entire view of the network to all routers.

Most people prefer link-state protocols because they converge faster, which means that all of the routers have the same information. Link-state calculations take a long time, though, and happen every time we get an update, so they can't be used Internet-wide.