May 5, 2025
Routing
1-1. General.
Routing is the process by which network traffic is directed from it’s point of origin to its intended destination. Correct routing ensures orderly communication between separate networks.
1-2. Classification.
Routes are established in two principle forms: a. Static. Routes manually entered by the operator b. Dynamic. Routes automatically exchanged by routing protocols.
SECTION I
ROUTING TABLES
5-1. General
A routing table is the record maintained by a router that lists known networks, their associated metrics, and the next hop or interface to reach them. All forwarding decisions are based on this table.
5-2. Purpose.
a. Provide the router with instructions on where to send packets.
b. Record both manual(static) and dynamic learned routes.
c. Ensure packets take the most effecient or preferred path to the
destination
5-3. Structure.
Routing tables typically contain the following elements.
a. Network Destination. The network or host address being matched.
b. Subnet Mask/Prefix.
c. Gateway/Next Hop. IP of the next router toward destination.
d. Outgoing Interface. Local router interface to forward the packet.
e. Metric. Value used to select the best path when multiple exist.
f. Administrative Distance. Trustworthiness of the source route.
![[Screenshot 2025-08-27 133439.png]]
5-4 Route Sources.
a. Connected Routes. Directly attached networks. Installed automatically
when interface is up.
b. Static Routes. Manually configured by operator.
c. Dynamic Routes. Learned through routing protocols.
d. Default Route. Used when no other specific match is found.
5-5. Longest Match Rule.
When multiple routes could match a packets destination, the router selects the route with the most specific prefix (longest subnet mask.)
5-6. Lookup Process.
a. Packet arrives at router interface.
b. Router examines destination IP address.
c. Router scans routing table for the longest prefix match.
d. Router forwards packet listed next hop or interface.
e. If no route is found, packet is dropped or forwarded to default
gateway(if configured)
5-7. Inspection Commands.
a. Cisco IOS.
show ip route
b. Linux.
ip route show
c. Windows.
route print
5-8. Maintenance.
a. Static entries remain until altered by operator.
b. Dynamic entries are updated by protocols and aged out if not
refreshed.
c. Table size and efficiency must be monitored to prevent excessive load.
Section II
STATIC ROUTING
2-1. Definition.
2-2 Employment
Static routing is employed in small or stable networks where path changes are infrequent, or as a backup to dynamic routing/override.
2-3. Advantages
a. Simple to configure.
b. Secure. Routes do not change without operator action.
c. Requires no additional processing overhead.
2-4. Limitations.
a. Does not scale well as the network grows.
b. Does not adapt to link failure without operator intervention.
c. Increases administrative burden in larger systems.
2-5. Examples
a. Cisco IOS.
ip route 192.168.2.0 255.255.255.0 192.168.1.2
b. Linux
ip route add 192.168.2.0/24 via 192.168.1.2
c. Windows
route add 192.168.2.0 mask 255.255.255.0 192.168.1.2
Section III
DYNAMIC ROUTING
3-1. Definition.
Dynamic routing is the automatic determination and maintenance of network routes through the use of routing protocols. Routers exchange updates at intervals or upon change, and the protocols determine the best available path. Entries are placed in the routing table without operator intervention.
3-2. Employment.
Dynamic routing is employed in medium and large networks where manual routing is impractical. It is used when rapid adaptation to link or node failure is required.
3-4. Characteristics.
a. Routes are learned or updated automatically.
b. Protocols exchange routing information on a recurring basis or when
changes occur.
c. Operator intervention is required only for the initial setup.
3-5. Advantages.
a. Scales to large and complex topologies.
b. Provides automatic failover when a link becomes unavailable.
c. Reduces administrative workload compared to static routing.
3-6. Limitations.
a. Increases processor and memory load on routers.
b. Subject to misconfiguration or malicious injection of routes.
c. More complex to understand and troubleshoot than static routing.
3-7. Protocol Types.
a. Distance Vector. Each router advertises known networks and the
distance (hop count) to them. Examples: RIP, EIGRP.
b. Link-State. Each router maintains a complete map of the network and
computes the best path using algorithms such as Dijkstra. Examples:
OSPF, IS-IS.
c. Path Vector. Routes are advertised along with the full path of
autonomous systems. Example: BGP
3-8. Route Learning and Updates
a. Neighbor Discovery. Routers establish adjacency(sync) with other
routers using protocol-specific messages ("Hello" packets in OSPF
and EIGRP, or TCP sessions in BGP. Adjacency is
required before route exchange.
b. Advertisement.
Routers send routing information to neighbors. The contents vary by
protocol.
b1. Distance-Vector protocols advertise entire routing tables at
set intervals.
b2. Link-State protocols flood state information about interfaces
and links whenever change occurs.
b3. Path-Vector protocols(BGP) advertise destinations along with
complete sequence of autonomous systems.
c. Metric Evaluation.
Protocols assign a cost or metric to each path. Metrics may include hop
count, bandwidth, delay, reliability, or composite values.
The lowest cost path is placed in the routing table.
d. Periodic Updates. Some protocols (RIP) send updates at fixed
intervals to maintain knowledge. Others (OSPF, EIGRP) send updates
only when a change is detected.
e. Convergence. When a topology change occurs, routers exchange updates
until all routers in the network agree on the current state. Fast
convergence is critical for maintaining communication.
f. Route Aging. Protocols employ timers to remove stale routes, If an
update is not received within the hold-down period, the route is
marked invalid and removed from the table.
SECTION IV
ROUTING PROTOCOLS
4-1. General.
Routing protocols are the methods by which routers exchange information dynamically. Each protocol differs in operation, metric, and scalability.
4-2. Routing Information Protocol (RIP)
a. Type. Distance-Vector.
b. Operation.
(1) Advertises entire routing table to all neighbors every 30 seconds.
(2) Uses UDP port 520.
(3) Employs hop count as metric. Max 15 hops; 16 considered
unreachable.
c. Advantages. Simple. Widely supported.
d. Limitations. Slow convergence. Limited to small networks.
4-3. Enhanced Interior Gateway Routing Protocol (EIGRP)
a. Type. Advanced Distance-vector.
b. Operation.
(1) Establishes adjacency using Hello packets(multicast
224.0.0.10).
(2) Uses Diffusing Update Algorithm (DUAL) to compute loop-free
routes.
(3) Advertises only changes, not entire table.
(4) Supports multiple metrics: bandwidth, delay, reliability, load.
c. Advantages. Fast convergence. Efficient updates. Scales better
than RIP.
d. Limitations. Cisco proprietary (later opened but still mostly
Cisco).
4-4. Open Shortest Path First (OSPF).
a. Type. Link-State.
b. Operation.
(1) Builds a complete map of the topology through Link-State
Advertisements (LSAs).
(2) Uses Hello packets (multicast 224.0.0.5/6) to form adjacencies.
(3) Each router runs Dijkstra's Shortest Path First algorithm to
compute bet routes.
(4) Areas are used to compute best routes.
c. Advantages. Fast convergence. Scales to large enterprise networks.
Open standard.
d. Limitations. More complex to configure. Higher cpu and memory usage.
4-5. Intermediate System to Intermediate System (IS-IS)
a. Type. Link-State.
b. Operation.
(1) Similar to OSPF, maintains full topology.
(2) Uses CLNS (Connectionless Network Service) as transport.
(3) Divides networks into areas.
c. Advantages. Scales very large.
d. Limitations. Less common in enterprise. Steeper learning curve.
4-6. Border Gateway Patrol (BGP)
a. Type. Path-Vector.
b. Operation.
(1) Forms TCP sessions (port 179) between peers.
(2) Exchanges entire path information (autonomous system numbers) for
each route.
(3) Selects best path using attributes (AS-path, local preference, MED,
etc.).
(4) Designed for inter-domain (between ISPs) routing.
c. Advantages. Scales to internet size. Policy-based routing control.
d. Limitations. Complex. Slow convergence. Requires careful
configuration.
SECTION V
NETWORK ADDRESS TRANSLATION (NAT)
5-1. General.
Network Address Translation (NAT) is the process of modifying the source or destination address of IP packets as they pass through a router or firewall. It is employed to conserve public addresses and to provide controlled access between private and public networks.
5-2. Purpose.
a. Extend limited IPv4 address space.
b. Permit internal hosts using private addresses to reach external
networks
c. Conceal internal addressing schemes from outside observation.
5-3. Forms.
a. Static NAT. One-to-one mapping between private and public IP.
b. Dynamic NAT. Many-to-pool mapping, drawing from a group of available
public addresses.
c. Port Address Translation (Port Overload). Many-to-one mapping where
multiple private hosts share a single public IP, differentiated by
port numbers.
5-4. Employment.
a. used at network boundaries (gateway) between private LANs and the
internet.
b. NAT table translates the private address to public address, recording
the session in memory.
c. Reply packets are translated back using the stored table entry.
d. In PAT, translations are tracked by both IP address and TCP/UDP port
number.
5-5. Operation.
a. Packet enters NAT device with a private source address.
b. Nat table translates the private address to a public address,
recording said private IP.
c. When packets are sent back to the NAT device, a translation occurs,
using recorded IP in NAT table for routing to proper recipient.
d. In PAT, translations are tracked by both IP and TCP/UDP port number.
5-6. Advantages.
a. Conserves scarce IPv4 public addresses.
b. Provides basic security through address hiding.
c. Enable multiple internal hosts to share limited external addresses.
5-7. Limitations.
a. Breaks true end-to-end connectivity.
b. Adds processing overhead on translation device.
c. Can interfere with protocols embedding IP info in payload (VOIP, FTP)
d. Not required by IPv6.