Router fully explained

Router

This is a hardware device that routes data (hence the name) from a local area network (LAN) to another network connection. A router acts like a coin sorting machine, allowing only authorized machines to connect to other computer systems. Most routers also keep log files about the local network activity.

Working principle of routers:-

Routing is the process of forwarding IP packets from one network to another. A router is a device that joins networks together and routes traffic between them. A router will have at least two network cards (NICs), one physically connected to one network and the other physically connected to another network. A router can connect any number of networks together providing it has a dedicated NIC for each network.

Basic Routing - Connecting two subnets

Having two networks with one router is extremely simple and easy to configure. Once we move onto bigger networks with multiple routers however, things get a little more complicated. For example, if we have just 3 networks we can connect them in two different ways; one way is to daisy chain them together using only 2 routers. The other way would be to connect them directly to each other using 3 routers.

Different Router Configurations

In configuration 1 if router A or B went down no machines from subnet A would be able to communicate with subnet C as there is only one path to it. But, if we add an additional router between subnets A and C we now have two routes to Subnet C which makes our network more efficient.

Routers don’t just route traffic to other networks, they learn which are the fastest routes and use them first. Using configuration 2 from above subnet A has two routes to subnet C; one directly through Router C (1 hop) and one through Router A then B (2 hops). When sending traffic from subnet A to C we obviously want it to try going directly through Router C first. This is the quickest and most efficient route but how does the router know this? It knows by using something called a metric value. Each route the router knows of has a metric value assigned to it. A metric value is basically a preference number. If there are two routes to the same destination then the one with the lowest metric is assumed to be the most efficient. Routers will always use this route first until it fails, in which case it will then try the route with the next lowest metric and so on. Routers store all this information in a routing table.

ROUTING TABLE:-

All network devices that use the TCP/IP protocol have a routing table, even your Windows PC has one. ALL devices use their routing table to determine where to send packets. Without a routing table your PC wouldn’t even be able to communicate with computers on the same subnet. Here is a screenshot of the routing table of my PC. To see your own routing table open a command prompt by typing CMD in the run or search box. Then at the command prompt type “”route print” and press enter.

Here are the TCP/IP settings of my PC:
IP Address: 192.168.111.55
Subnet mask: 255.255.255.0
Default gateway: 192.168.111.254

Before continuing you should know how the subnet mask works to define the start and end range of a subnet. If you do not you need to read computer networking basics now.

Each line is a route to a specific network or device. The routes you can see in the picture are the default routes Windows creates for a PC. Let’s examine my routing table and take a look at each line:

• 0.0.0.0 – The 0.0.0.0 network combined with the netmask (subnet mask) of 0.0.0.0 means ALL IP addresses. Note how this is the only line where the gateway is 192.168.111.254. This line tells the computer that for ALL traffic no matter what the destination IP address is send it to 192.168.111.254. This as you may have noticed is my default gateway. This is a default route created by Windows when you configure your TCP/IP settings . It is the last route it evaluates if it can’t find a more specific match in the routing table.
• 127.0.0.0 – The next 3 lines are entries for the loopback address and can be ignored. These are default entries but notice the gateway says “On-link”. This means that these addresses are directly accessible on the local LAN and do not need to be routed through another network. Although 127.0.0.1 is assigned to the local NIC, if these entries where not in the routing table your PC would try to send these to the default gateway as the next entry it would closely match would be the 0.0.0.0 one.
• 192.168.111.0 – These next 3 lines are for your local network. The first one is the entire 192.168.111.x range as defined by the netmask of 255.255.255.0. Again as this network is local it says “on-link” in the gateway. These are created automatically like the others when you configure your TCP/IP settings.
• 224.0.0.0 – These are also default entries for multicasting and can be ignored for the purpose of this article.
• 255.255.255.255 – This is also a default entry and can be ignored.

How the Routing Table is Processed

Before sending a packet your PC looks up the destination IP address in the routing tableto determine the best route possible. A more specific match will take priority over others. For example if our PC from above wants to send data to 192.168.111.9 it first looks this up in it’s routing table and finds the entry 192.168.111.0. It also finds the 0.0.0.0 entry but as 192.168.111.0 is a closer match it takes priority. If I were to add a static entry (which we’ll come onto later) of 192.168.111.9 with a netmask of 255.255.255.255 this is an EXACT match so this would take priority over the 0.0.0.0 AND 192.168.111.0 entries. Once it finds a match it then checks the gateway column where in the case of our 192.168.111.0 entry it finds the “on-link” status. The on-link status tells the machine that this network is directly attached so it sends the packets directly to 192.168.111.9 using the NIC with interface 192.168.111.55.

If a PC can’t find a matching entry in the routing table it will fail. It will also fail if the routing table is wrongly configured. For example what do you think would happen if we remove all the entries starting with 192.168.111? If I try to connect to any IP address starting with 192.168.111 there won’t be a specific entry for this anymore so the next best route is 0.0.0.0. This route tells my PC to forward the packets to the gateway 192.168.111.254 which would consequently fail of course. The same would happen if I left those entries in but changed the gateway from “on-link” to 192.168.111.87 (a random IP). What I am telling my PC to do now is forward all traffic for the 192.168.111.0 network to 192.168.111.87 instead of going directly to the PC’s. As you can see this would also fail.

You may be wondering what the interface column is for? Well if you remember, routers have two NIC’s. When a router forwards packets it doesn’t know which NIC to use without this value. In the case where there is only one NIC in a device (like a PC) this value would be pointless, but when there are two or more NICs you must tell the router which one to use for a given route.

A Step by Step Routing Example

Let’s expand on the above network 192.168.111.0 and take a look at the router 192.168.111.254. The routing table will be similar to the one above but will obviously have references to it’s own IP address rather than 192.168.111.55. We will join the router to another subnet with it’s second NIC. We assign it an IP address of 192.168.1.254 with a subnet mask of 255.255.255.0. Doing so automatically adds more entries into the routing table. We would now have an additional entry as follows:

destination address 192.168.1.0, netmask 255.255.255.0, gateway on-link, interface 192.168.1.254.

From everything learned so far we can now trace the exact steps taken when one computer communicates with another on a different subnet. Now our router is aware of two subnets and it knows that it is directly attached to both of them via it’s respective interfaces. This is what happens when our PC  with IP 192.168.111.55 communicates with a PC on the other subnet (192.168.1.9):

• Using the same methods above the PC looks at the destination IP address of 192.168.1.9 and looks at it’s routing table to find a match.
• As the PC doesn’t know of the 192.168.1.x network the closest match it finds is the 0.0.0.0 match (that means ANYWHERE). This entry already explained above is the default gateway and it’s scope covers every IP range. In this entry it finds the gateway of 192.168.111.254. The PC now knows that to get to the 192.168.1.x network it must forward the packets onto 192.168.111.254 and does so.
• The router receives these packets on interface 192.168.111.254 and examines it’s own routing table. It finds a match for this network (192.168.1.0) which states it is directly attached to (on-link) through the interface assigned with IP 192.168.1.254. The router sends the packet out through this interface and on it’s way. As the packet is now on the destination network it goes directly to the machine and the job of the router is done.
• The exact same thing happens when 192.168.1.9 sends a packet back to 192.168.111.55. The PC looks at it’s local routing table and the closest match it finds is the 0.0.0.0 network with interface 192.168.1.254 (due to it’s own default gateway being set to this).
• The PC sends the packets to the router with IP 192.168.1.254. The router checks it’s routing table and finds a match for the 192.168.111.0 network out the 192.168.111.254 inteface and sends it on its way directly to 192.168.111.55.

In summary all devices have a routing table, without it they wouldn’t know where to send packets to. When a PC sends packets to another PC it looks at it’s routing table to determine the best route possible. If it finds the destination address is “on-link” it knows it is part of the same subnet as the destination and sends the packets directly to the PC. If not it forwards the packet onto whatever is in the gateway field of the matching route entry. This same process is repeated at every router/hop along the way until it eventually arrives at a router that is part of the destination network. The router then sends the packets directly to the destination PC.