By Craig Zacker
Objective 1.4: Explain the purpose and properties of routing and switching
Routers and switches are the two basic connectivity devices used to join individual LANs into internetworks. Routing is the process of forwarding data packets from one network to another, until they reach their final destinations. A switch is a multiport bridging device in which each port forms a separate network segment. Similar in appearance to a hub, a switch receives incoming traffic through any of its ports and forwards the traffic out to the single port needed to reach the destination.
Both routing and switching are complex processes that require the additional functionality of many other specialized TCP/IP processes and protocols. This objective covers a good many of these processes and protocols, knowledge of which is essential for the Network+ exam.
Exam need to know
- Explain the purpose and properties of routing tables.
  For example: Why does every TCP/IP system need a routing table?
- Explain the differences between static and dynamic routing.
  For example: What tools do you use for static routing?
- Explain the function of routing metrics.
  For example: Where do routing metric values come from?
- Explain the meaning of next hop routing.
  For example: What is a hop and what is its significance to the routing process?
- Explain the differences between link state, distance vector, and hybrid routing protocols.
  For example: How does a link state protocol measure route efficiency?
- Explain the purpose and properties of RIP.
  For example: What is the difference between RIPv1 and RIPv2?
- Explain the purpose and properties of EIGRP.
  For example: How does EIGRP evaluate the efficiency of routes?
- Explain the purpose and properties of OSPF.
  For example: How does OSPF offer an improvement over RIP?
- Explain the meaning of convergence.
  For example: Why is a network’s convergence state significant?
- Explain the purpose of the Spanning-Tree Protocol.
  For example: What switching problem does the Spanning Tree Protocol address?
- Explain the purpose and properties of 802.1q VLANs.
  For example: Why are VLANs needed on switched networks?
- Explain the purpose of port mirroring.
  For example: Why do administrators need mirrored ports?
- Explain the differences between broadcast domains and collision domains.
  For example: What effect do switches have on collision domains?
- Explain the differences between IGP and EGP.
  For example: What exterior gateway protocol is in common use today?
Every host on a TCP/IP network has a routing table that holds the information the system uses to send packets to their proper destinations. On a LAN, routing is essentially the process of determining what data-link layer protocol address the system should use to reach a particular IP address. In the case of an Ethernet LAN, IP must determine what MAC address the system should use in its Ethernet frames.
If a computer wants to transmit a packet to a destination on the local network, for example, the routing table instructs it to address the packet directly to that system. This is called a direct route. If a packet’s destination is on another network, the routing table supplies the address of the router that the system should use to reach that destination.
Remember that data-link layer protocols such as Ethernet can only send frames to the local network. Because the final destination of the packet is on a distant network, the Ethernet destination on the local network must be a router. This is called an indirect route.
True or false: On a TCP/IP network, every router and computer has its own routing table.
Answer: True. Every host on a TCP/IP network must have a routing table to determine where to send its packets. This includes routers and computers.
True or false: The default gateway is usually the first entry in a computer’s routing table.
Answer: True. The default gateway is the router that a system uses for all packets with destinations not listed in the routing table.
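The lookup that the routing table passages above describe, written out as an added example (not from the book). The table, the addresses, and the names Route and lookup are constructed for illustration; preferring the most specific matching network before comparing metrics is standard IP behavior that goes beyond what the text states.

```python
import ipaddress
from typing import NamedTuple, Optional


class Route(NamedTuple):
    network: ipaddress.IPv4Network
    gateway: Optional[ipaddress.IPv4Address]  # None means a direct (on-link) route
    interface: str
    metric: int


def route(network, gateway, metric, interface="eth0"):
    """Build one table entry from strings (helper for the constructed table)."""
    gw = ipaddress.ip_address(gateway) if gateway else None
    return Route(ipaddress.ip_network(network), gw, interface, metric)


# Constructed routing table for a host at 192.168.1.10/24.
TABLE = [
    route("0.0.0.0/0", "192.168.1.1", 10),      # default gateway
    route("192.168.1.0/24", None, 1),           # the local LAN
    route("10.20.0.0/16", "192.168.1.254", 5),  # two routes to one network
    route("10.20.0.0/16", "192.168.1.253", 2),
]


def lookup(table, destination):
    """Return (route, next_hop, kind) for a destination IP address.

    next_hop is the IP address whose data-link (MAC) address goes into the
    frame: the destination itself for a direct route, a router otherwise.
    """
    dst = ipaddress.ip_address(destination)
    candidates = [r for r in table if dst in r.network]
    if not candidates:
        raise LookupError(f"no route to {dst}")
    # Most specific network first; among equals, the lower metric wins.
    best = min(candidates, key=lambda r: (-r.network.prefixlen, r.metric))
    if best.gateway is None:
        return best, dst, "direct"
    return best, best.gateway, "indirect"


if __name__ == "__main__":
    for target in ("192.168.1.77", "10.20.3.4", "8.8.8.8"):
        chosen, hop, kind = lookup(TABLE, target)
        print(f"{target:>13} -> {kind:8} via {hop} (metric {chosen.metric})")
```

Removing the default route from the table makes the last lookup fail with LookupError, which is what a host with no default gateway reports as an unreachable destination.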
Static vs. dynamic routing
There are two techniques for updating a routing table: static routing and dynamic routing. In static routing, a network administrator manually creates routing table entries, using a program designed for this purpose. In dynamic routing, routers use specialized protocols to create routing table entries automatically.
True or false: Static routing is suitable only for relatively small networks.
Answer: True. Static routing requires administrators to type the information for each route, often using a command line program with a cryptic syntax. Therefore, it is a time-consuming process that is prone to errors.
Each entry in a routing table contains a metric, which is a value that specifies the efficiency of the route. Metric values are relative; a lower value indicates a more efficient route than a higher value. When a routing table contains multiple routes to the same destination, the system always uses the table entry with the lower metric value.
The term hop count refers to the distance between two networks, based on the number of routers that packets must pass through on the way from the source to the destination. Distance vector routing protocols use hop counts to create metric values in routing table entries. A route with fewer hops is considered to be more efficient than one with more hops.
The size of IP packets depends on the data-link layer protocol the network is using. The transmitting system uses the maximum transmission unit (MTU) of the connected network to determine how large each datagram should be. The MTU is the largest possible frame supported by the data-link layer protocol. Using the largest frame conserves bandwidth by eliminating the overhead involved in transmitting multiple packets instead of one. If, during the journey from source to destination, a packet encounters a network with a smaller MTU, the router for that network fragments the packet into smaller pieces and transmits each one individually.
One of the criteria that link state protocols use to evaluate routes is the route cost. The route cost is a metric assigned by the network administrator used to rate the relative usability of a route. The cost can refer to the literal financial expense incurred by the link, or any other pertinent factor. By using criteria such as this, link state protocols reflect the latency of network routes more precisely. Latency is the time required for data to travel from one location to another.
True or false: The metric values in a routing table must be 15 or less.
Answer: False. The Routing Information Protocol (RIP) uses metric values that can be no larger than 15, but that is a limitation of the protocol, not of the routing table.
True or false: On a network that uses static routing, administrators can use any values they wish for the routing table metrics.
Answer: True. In static routing, the metric values are relative, and have no statistical meaning. All that matters when there are two routes to the same network is which has the lower metric value.
True or false: IPv4 and IPv6 routers both fragment packets when necessary.
Answer: False. In IPv6, intermediate routers do not fragment packets. Instead, end systems use Path MTU Discovery to determine the MTU for an entire route from source to destination.
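A model of the MTU behavior described above, added here as an example and not taken from the book. It assumes a 20-byte IPv4 header without options; the function names, the exception standing in for the router's "packet too big" report, and the MTU values are constructed.

```python
IP_HEADER = 20  # bytes; IPv4 header without options (assumption)


class NeedsFragmentation(Exception):
    """Stands in for the router's report that a packet exceeds the link MTU."""

    def __init__(self, mtu):
        super().__init__(f"packet too big for MTU {mtu}")
        self.mtu = mtu


def fragment(payload_len, mtu, dont_fragment=False, base_offset=0, more_follow=False):
    """Split one datagram for a link: [(offset_bytes, length, more_fragments)]."""
    if IP_HEADER + payload_len <= mtu:
        return [(base_offset, payload_len, more_follow)]
    if dont_fragment:
        raise NeedsFragmentation(mtu)
    # Every fragment but the last carries a multiple of 8 payload bytes,
    # because the header's fragment offset field counts 8-byte units.
    chunk = (mtu - IP_HEADER) // 8 * 8
    pieces, sent = [], 0
    while sent < payload_len:
        size = min(chunk, payload_len - sent)
        last = sent + size == payload_len
        pieces.append((base_offset + sent, size, more_follow or not last))
        sent += size
    return pieces


def forward(payload_len, path_mtus, dont_fragment=False):
    """Carry a datagram across the links in order, fragmenting at each router."""
    pieces = [(0, payload_len, False)]
    for mtu in path_mtus:
        pieces = [f for off, size, more in pieces
                  for f in fragment(size, mtu, dont_fragment, off, more)]
    return pieces


def discover_path_mtu(first_hop_mtu, path_mtus):
    """Path MTU Discovery: routers never fragment; the sender shrinks instead."""
    size = first_hop_mtu
    while True:
        try:
            forward(size - IP_HEADER, path_mtus, dont_fragment=True)
            return size
        except NeedsFragmentation as report:
            size = report.mtu


if __name__ == "__main__":
    print(forward(3980, [1500]))            # a 4000-byte datagram on Ethernet
    print(len(forward(3980, [1500, 576])))  # fragments split again downstream
    print(discover_path_mtu(1500, [1500, 576, 1400]))
```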
The term next hop refers to the next router on a packet’s path through an internetwork to its destination. Routing table entries specify only the next hop that a packet should take, not the entire route. RIPv2 routes have a Next Hop field that contains the address of the next router, which in a Windows routing table goes in the Gateway field.
True or false: In distance vector routing, a hop between two LANs in the same building carries the same weight as a transoceanic hop between networks on different continents.
Answer: True. The fundamental flaw of distance vector routing is its reliance on hop counts that do not consider the distance or relative speed of the links between routers.
Link state vs. distance vector routing
A routing protocol that uses metrics based on the number of hops to the destination is called a distance vector protocol. The metric value included with each route determines the efficiency of the route, based on the number of hops required to reach the destination. In a distance vector routing protocol, every router on the network advertises its routing table to its neighboring routers. Each router then examines the information supplied by the other routers, chooses the best route to each destination network, and adds it to its own routing table.
Distance vector routing has a fundamental flaw: it bases its routing metrics solely on the number of hops between two networks, which is not always efficient. When an internetwork consists of multiple LANs in the same location, all connected using the same data-link layer protocol, the hop count is a valid indicator. However, when WAN links are involved, a single hop can refer to anything from a high-speed leased line to a dial-up modem connection. It is therefore possible for traffic moving over a route with fewer hops to take longer than one with more hops.
The alternative to distance vector routing is called link state routing. A link state routing protocol works by flooding the network with messages called link state advertisements. Each router receiving such a message propagates it to its neighbors, incrementing a sequence number value for each entry that indicates its distance from the source. Using these advertisements, each router compiles a map of the network and uses it to construct its own routing table.
True or false: Link state routing protocols are preferable on an internetwork with links running at different speeds.
Answer: True. Link state routing evaluates the efficiency of a route based on actual transport times, not hop counts.
True or false: Distance vector routing protocols impose a greater processing burden on routers than link state protocols.
Answer: False. Link state routing is more complex than RIP and requires more processing by the router.
The Routing Information Protocol (RIP) is a popular interior gateway protocol in the TCP/IP suite. When a RIP router starts, it generates a RIP request and transmits it as a broadcast over all of its network interfaces. Upon receiving the broadcast, every other router on any network that supports RIP generates a reply message that contains its routing table information. A reply message can contain up to 25 routes. When the router that sent the request receives the replies, it integrates the routing information in the reply messages into its own routing table.
The metric value included with each RIP route determines the efficiency of the route, based on the number of hops required to reach the destination. When routers receive routing table entries from other routers using RIP, they increment the value of the metric for each route to reflect the additional hop required to reach the destination.
RIP version 1 is widely criticized for the large amount of broadcast traffic it produces, and for its lack of a subnet mask field. Version 2 of the protocol adds a subnet mask field and support for the use of multicast transmissions instead of broadcasts.
True or false: Because it lacks a subnet mask field, RIPv1 can only be employed on networks that use classful IP addressing.
Answer: True. Without a subnet mask, the only way a router receiving RIPv1 data can identify the size of the network identifier in an address is to read the class from its first few bits. For subnetted classes, or for classless addressing, each RIP route must include a subnet mask.
True or false: RIPv1 is a distance vector routing protocol, but RIPv2 is a link state protocol.
Answer: False. RIP is a distance vector protocol in both versions, which uses hop counts to generate its metrics.
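The difference the missing subnet mask makes, shown with a small parser for RIP response messages (an added example, not code from the book). It assumes the standard RIP layout of a 4-byte header followed by 20-byte route entries, does not handle RIPv2 authentication entries, and infers a RIPv1 mask from the address class alone; the sample messages and all function names are constructed.

```python
import ipaddress
import struct

MAX_ENTRIES = 25   # a RIP message carries at most 25 routes
INFINITY = 16      # metrics run 1-15; 16 marks a route as unreachable
ENTRY = "!HH4s4s4sI"  # family, route tag, address, mask, next hop, metric


def classful_prefix(addr):
    """Prefix length implied by the first bits of the address (RIPv1 has no mask)."""
    first_octet = int(addr) >> 24
    if first_octet < 128:
        return 8    # class A: leading bit 0
    if first_octet < 192:
        return 16   # class B: leading bits 10
    if first_octet < 224:
        return 24   # class C: leading bits 110
    raise ValueError(f"{addr} is not a class A, B or C address")


def parse_rip(message):
    """Parse a RIP response into (version, [(network, next_hop, metric), ...])."""
    if len(message) < 4 or (len(message) - 4) % 20:
        raise ValueError("bad RIP message length")
    command, version, _zero = struct.unpack("!BBH", message[:4])
    if command != 2 or version not in (1, 2):
        raise ValueError("not a RIPv1 or RIPv2 response")
    count = (len(message) - 4) // 20
    if not 1 <= count <= MAX_ENTRIES:
        raise ValueError("a RIP response holds 1 to 25 routes")
    routes = []
    for i in range(count):
        family, _tag, ip, mask, hop, metric = struct.unpack_from(ENTRY, message, 4 + 20 * i)
        if family != 2 or not 1 <= metric <= INFINITY:
            raise ValueError(f"entry {i}: bad address family or metric")
        addr = ipaddress.IPv4Address(ip)
        if version == 1:
            # The mask and next hop fields are zero in version 1.
            network = ipaddress.IPv4Network(f"{addr}/{classful_prefix(addr)}", strict=False)
            next_hop = None
        else:
            network = ipaddress.IPv4Network(f"{addr}/{ipaddress.IPv4Address(mask)}", strict=False)
            next_hop = ipaddress.IPv4Address(hop)
        routes.append((network, next_hop, metric))
    return version, routes


def sample_entry(ip, mask, hop, metric):
    """Pack one constructed route entry."""
    packed = [ipaddress.IPv4Address(x).packed for x in (ip, mask, hop)]
    return struct.pack(ENTRY, 2, 0, *packed, metric)


# Constructed samples: the subnet 172.16.5.0/24 advertised by each version.
V1_SAMPLE = struct.pack("!BBH", 2, 1, 0) + sample_entry("172.16.5.0", "0.0.0.0", "0.0.0.0", 3)
V2_SAMPLE = struct.pack("!BBH", 2, 2, 0) + sample_entry("172.16.5.0", "255.255.255.0", "172.16.0.9", 3)

if __name__ == "__main__":
    print(parse_rip(V1_SAMPLE))  # the receiver can only assume 172.16.0.0/16
    print(parse_rip(V2_SAMPLE))  # the mask and next hop survive
```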
The Enhanced Interior Gateway Routing Protocol (EIGRP) is a hybrid between a distance vector and a link state protocol, relying on six vector metrics to compare the value of entries in a computer’s routing table. These vector metrics are as follows:
- Bandwidth: The bandwidth of the link between the router and the destination network
- Load: The relative traffic saturation of the link between the router and the destination network
- Delay: The total transmission delay between the router and the destination network
- Reliability: The relative reliability of the link between the router and the destination network
- MTU: The path maximum transmission unit (MTU) value of the link between the router and the destination network
- Hop count: The number of intermediate systems between the router and the destination network
True or false: EIGRP was conceived after RIP and before Open Shortest Path First (OSPF).
Answer: True. Before OSPF became available, the outcry against RIP grew so loud that Cisco Systems came out with the Interior Gateway Routing Protocol (IGRP), and eventually EIGRP.
OSPF is a link state routing protocol that, unlike RIP and most other TCP/IP protocols, uses messages that are encapsulated directly in IP datagrams, not in TCP segments or UDP datagrams. Link state routing, as implemented in OSPF, uses a formula called the Dijkstra algorithm to judge the efficiency of a route based on criteria such as the following:
- Hop count: Though link state routing protocols still use the hop count to judge a route’s efficiency, it is only part of the equation.
- Transmission speed: The speed at which the various links operate is an important part of a route’s efficiency. Faster links obviously take precedence over slow ones.
- Congestion delays: Link state routing protocols consider the network congestion caused by the current traffic pattern when evaluating a route, and bypass links that are overly congested.
- Route cost: The route cost is a metric assigned by the network administrator used to rate the relative usability of various routes. The cost can refer to the literal financial expense incurred by the link, or any other pertinent factor.
True or false: OSPF evaluates routes by counting the number of hops between the source and the destination.
Answer: False. OSPF is a link state protocol, which relies on a combination of factors to evaluate routes, rather than counting hops.
True or false: OSPF is a more suitable routing protocol than RIP for an internetwork spanning multiple sites with WAN links running at different speeds.
Answer: True. Because OSPF uses actual performance criteria to evaluate routes, rather than hop counts, it is a better choice than RIP for internetworks with links running at various speeds.
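The contrast drawn in the link state vs. distance vector section and in the OSPF discussion above, run on one small network (an added example, not from the book). The topology, the cost values, and the function names are constructed: routers A and D share a slow WAN link given cost 100, while the path through B and C uses three fast links of cost 1.

```python
import heapq

# Constructed topology: (router, router, administrator-assigned cost).
LINKS = [("A", "B", 1), ("B", "C", 1), ("C", "D", 1), ("A", "D", 100)]
RIP_INFINITY = 16  # RIP metrics stop at 15; 16 means unreachable


def neighbors(links):
    adj = {}
    for a, b, cost in links:
        adj.setdefault(a, {})[b] = cost
        adj.setdefault(b, {})[a] = cost
    return adj


def distance_vector(links):
    """Routers advertise their tables to neighbors; the metric is hops only.

    Returns ({router: {dest: (hops, next_hop)}}, rounds until nothing changed).
    """
    adj = neighbors(links)
    tables = {r: {r: (0, r)} for r in adj}
    rounds = 0
    while True:
        advertised = {r: dict(t) for r, t in tables.items()}
        changed = False
        for router, table in tables.items():
            for nbr in adj[router]:
                for dest, (hops, _) in advertised[nbr].items():
                    metric = min(hops + 1, RIP_INFINITY)  # one more hop
                    if metric < table.get(dest, (RIP_INFINITY, None))[0]:
                        table[dest] = (metric, nbr)
                        changed = True
        if not changed:
            return tables, rounds
        rounds += 1


def link_state(links, source):
    """The router holds the whole map and runs Dijkstra over link costs.

    Returns {dest: (total_cost, next_hop)}.
    """
    adj = neighbors(links)
    best = {source: (0, source)}
    heap = [(0, source, source)]
    while heap:
        cost, node, first = heapq.heappop(heap)
        if cost > best[node][0]:
            continue  # stale queue entry
        for nbr, link_cost in adj[node].items():
            total = cost + link_cost
            hop = nbr if node == source else first
            if total < best.get(nbr, (float("inf"), None))[0]:
                best[nbr] = (total, hop)
                heapq.heappush(heap, (total, nbr, hop))
    return best


if __name__ == "__main__":
    tables, rounds = distance_vector(LINKS)
    print("distance vector, A to D:", tables["A"]["D"], "after", rounds, "rounds")
    print("link state, A to D:", link_state(LINKS, "A")["D"])
```

The hop-count table sends A's traffic for D straight over the slow link, while the cost-based calculation sends it through B.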
Convergence is the process of updating the routing tables on all of a network’s routers in response to a change in the network, such as the failure or addition of a router. Distance vector protocols such as RIP have a rather slow convergence rate because updates are generated by each router asynchronously, that is, without synchronization or acknowledgment. Link state routing protocols judge the relative efficiency of routes more precisely and have a better convergence rate than RIP.
True or false: The convergence rate of a network is based in part on the routing protocols it uses.
Answer: True. Link state routing protocols generally provide a better convergence rate than distance vector protocols, but there are other factors that affect convergence as well, such as the presence of relatively slow WAN links.
True or false: Convergence rates are only an issue with networks that use dynamic routing.
Answer: True. On a network that uses static routing, there are no dynamic routing protocols, so convergence is only a reflection of how long it takes the administrator to update all of the routing tables on the network.
Spanning Tree Protocol
Installing multiple switches on a network can provide fault tolerance if a switch fails. However, it is also possible for the switches to begin forwarding traffic in an endless cycle, a condition called a switching loop (or a bridge loop, because it can also occur with bridges).
To address the problem of bridge looping, switches (and bridges) use a technique called the Spanning Tree Protocol (STP). STP is a data-link layer protocol that selects a non-redundant subset of switches to form the spanning tree, deactivating the others. Data circulating throughout the network uses only the switches in the tree unless a switch fails, in which case the protocol activates one of the inactive switches to replace it.
True or false: The Spanning Tree Protocol is only needed on networks with multiple switches per segment.
Answer: True. Switching loops only occur when there are multiple switches forwarding packets back and forth to each other.
A virtual LAN or VLAN is a group of systems on a switched network that functions as a logical network segment. The systems on a VLAN can communicate locally with each other, but not with systems on other VLANs. The physical network is still switched, however; the VLANs exist as a logical overlay to the switching fabric, as shown in Figure 1-4.
The standard that defines the use of virtual LANs on an Ethernet network is IEEE 802.1q. Network administrators create VLANs by using a web-based configuration utility built into the switch. With this utility, administrators can specify the MAC addresses or switch ports of the systems that are to be part of each VLAN. Because VLANs are independent of the physical network, their members can be located anywhere, and a single system can even be a member of more than one VLAN. For systems in different VLANs to communicate, the switch must use routers, either physical or virtual.
Figure 1-4 VLANs on a switched network.
True or false: VLANs are only necessary on networks that use switches instead of routers.
Answer: True. On a routed internetwork, the routers create the subnets that divide the network, so there is no need for VLANs.
True or false: Virtual LANs cannot communicate with physical LANs.
Answer: False. Using routers, VLANs can communicate with each other and with physical LANs.
On a switched network, capturing traffic for monitoring and analysis is difficult, because switches forward incoming unicast traffic only to its intended recipient. A protocol analyzer connected to a standard switch port therefore has access only to one computer’s incoming and outgoing traffic, plus any broadcasts transmitted over the local network segment.
To monitor or capture all of the traffic transmitted on the network, you must plug the computer running the protocol analyzer into a switch that supports port mirroring. Switches that support port mirroring have a special port to which they send all incoming traffic.
True or false: You must employ switches that support port mirroring if you want to connect switches together to create a single network.
Answer: False. Port mirroring is only required if you want to use a protocol analyzer or other device to monitor or capture all of the traffic transmitted over the network.
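What a protocol analyzer can and cannot see, as described in the port mirroring passage above, modeled with a simple learning switch (an added example, not from the book). The Switch class, the port numbers, the MAC addresses, and the traffic list are constructed; the analyzer is assumed to sit on port 4.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class Switch:
    """A learning switch with an optional mirror port."""

    def __init__(self, ports, mirror_port=None):
        self.ports = list(ports)
        self.mirror_port = mirror_port
        self.mac_table = {}  # source MAC -> port it was last seen on

    def receive(self, in_port, src, dst):
        """Process one incoming frame; return the set of ports it leaves by."""
        self.mac_table[src] = in_port
        if dst == BROADCAST or dst not in self.mac_table:
            # Broadcasts, and frames for addresses not yet learned, go to
            # every port except the one they arrived on.
            out = {p for p in self.ports if p != in_port}
        else:
            # Known unicast goes only to the single port that needs it.
            out = {self.mac_table[dst]} - {in_port}
        if self.mirror_port is not None and self.mirror_port != in_port:
            out.add(self.mirror_port)  # copy of all incoming traffic
        return out


def frames_seen(switch, port, traffic):
    """Frames from `traffic` that the switch sends out of `port`."""
    return [frame for frame in traffic if port in switch.receive(*frame)]


# Constructed hosts and traffic: (incoming port, source MAC, destination MAC).
HOST_A, HOST_B, HOST_C = "02:00:00:00:00:0a", "02:00:00:00:00:0b", "02:00:00:00:00:0c"
TRAFFIC = [
    (1, HOST_A, BROADCAST),  # A broadcasts
    (2, HOST_B, HOST_A),     # B answers A directly
    (1, HOST_A, HOST_B),     # A to B, both now learned
    (3, HOST_C, HOST_A),     # C to A
]
ANALYZER_PORT = 4

if __name__ == "__main__":
    plain = frames_seen(Switch([1, 2, 3, 4]), ANALYZER_PORT, TRAFFIC)
    mirrored = frames_seen(Switch([1, 2, 3, 4], mirror_port=4), ANALYZER_PORT, TRAFFIC)
    print("standard port sees", len(plain), "of", len(TRAFFIC), "frames")
    print("mirror port sees", len(mirrored), "of", len(TRAFFIC), "frames")
```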
Broadcast domains and collision domains
A broadcast domain is the group of computers that will receive a broadcast message transmitted by any one of its members. A LAN typically forms a single broadcast domain, because hubs, switches, and bridges all propagate broadcast transmissions to every system connected to them. Routers do not propagate broadcasts, however, so connecting two segments with a router creates two broadcast domains.
A collision domain is a group of network devices connected in such a way that if two devices transmit at the same time, a collision occurs. Ethernet LANs that use a shared network medium, such as bus networks or hub-based star networks, form a single collision domain, as do wireless LANs based on IEEE 802.11. Most Ethernet LANs today, however, use switches, which either create a separate collision domain for each pair of devices, in the case of a half-duplex connection; or eliminate collisions entirely, in the case of a full-duplex connection.
True or false: Splitting a hub-based Ethernet network in two by adding a bridge creates two separate collision domains.
Answer: True. Bridges wait until they receive an entire packet before they forward it out through the other port. Therefore, if computers on opposite sides of the bridge transmit at once, the packets will be delayed and will not collide.
True or false: Switches create a separate broadcast domain for each pair of devices connected to them.
Answer: False. Switches forward broadcast packets out through all of their ports, just like hubs, so they maintain a single broadcast domain for all of their connected systems.
IGP vs. EGP
Routing protocols are generally divided into two categories: interior gateway protocols (IGPs) and exterior gateway protocols (EGPs). On the Internet, a collection of networks that fall within the same administrative domain is called an autonomous system (AS). Autonomous systems are the largest and highest-level administrative units on the Internet. Autonomous systems have unique identifiers called autonomous system numbers (ASNs), consisting of two 16-bit decimal numbers, separated by a period.
The routers within an AS use an IGP, such as the RIP or the OSPF protocol, to exchange routing information among themselves. At the edges of an AS are routers that communicate with the other ASes on the Internet, using an exterior gateway protocol (as shown in Figure 1-5) such as the Border Gateway Protocol (BGP) or the Exterior Gateway Protocol (EGP).
Figure 1-5 IGPs and EGPs within and between autonomous systems.
True or false: Link state routing protocols are used for exterior gateway routing, and distance vector protocols are used for interior gateway routing.
Answer: False. Both link state and distance vector protocols are used for interior gateway routing.
Can you answer these questions?
Find the answers to these questions at the end of this chapter.
- What is one of the advantages of creating VLANs on a large switched network?
- How can switching from RIPv1 to RIPv2 help to conserve bandwidth on a LAN?
- How does the Spanning Tree Protocol prevent switching loops?
- What are the main differences between RIPv1 and RIPv2?
- Why is convergence an important factor in the routing process?