Routing

Time
7 hours 50 minutes
Difficulty
Beginner
CEU/CPE
8
Video Transcription
00:00
>> Let's talk about routers.
00:00
This chapter, we're going to focus on
00:00
how routers learn what they know.
00:00
The whole Internet is based on a series of routers
00:00
that direct traffic from
00:00
my system to anywhere in the world.
00:00
We want to figure out how it is
00:00
routers know the magic that they know.
00:00
One of the main ways that routers know is that they can
00:00
be told through a creation of manual static routes.
00:00
Which means a network administrator is
00:00
going to create a series of statements and say,
00:00
okay, if traffic is going to be
00:00
on the 10 network, go this direction.
00:00
Obviously, that's not what's happening on the Internet.
00:00
But for certain situations in my internal network,
00:00
that may be something that's used.
00:00
Usually, we allow our routers
00:00
to learn about their network and
00:00
other networks through a series
00:00
of dynamic routing protocols.
00:00
They're a handful.
00:00
We'll talk about RIP,
00:00
OSPF, and BGP in the next section.
00:00
BGP is what the Internet routers are using.
00:00
We'll also talk about a feature that
00:00
many routers have called NAT,
00:00
which is network address translation,
00:00
and its best friend, PAT, port address translation.
00:00
Then we'll talk about access control lists
00:00
which are how we add security to routers.
00:00
For static routes, we can use command route add.
00:00
There's also route p for persistent, and route print.
00:00
These are commands you'll want to know for the exam.
00:00
When we're creating static routes,
00:00
we use the command route add.
00:00
What we want to configure
00:00
is how to get the destination network.
00:00
If I want to get to the destination network,
00:00
on what interface on the router should traffic be sent?
00:00
Where is its next stop?
00:00
It's a little bit challenging
00:00
or not so much challenging as it is
00:00
time-consuming to go through and
00:00
configure static routes in all your routers.
00:00
However, if I do have a specific pathway that
00:00
doesn't change frequently or it doesn't change at all,
00:00
it might be good to use a static route in
00:00
that instance because
00:00
dynamic routing protocols are chatty.
00:00
They generate some additional traffic on the network.
00:00
If you have a route that doesn't need to be
00:00
learned or isn't something that comes and goes,
00:00
then a static route is probably best.
00:00
For many of the routes you need your devices to learn,
00:00
a routing protocol is probably the way to go.
00:00
There are three main ways of routing protocols;
00:00
one is called the Distance Vector,
00:00
then we have Link State,
00:00
and then we have our Exterior Gateway Protocols.
00:00
The ones you and I are most likely to work
00:00
with are distance vector or link state.
00:00
For distance vector routing,
00:00
these routers make their decision on the best path
00:00
based on how many hops away and in what direction.
00:00
For instance, a distance vector router is
00:00
always going to prefer two hops to three hops,
00:00
even if the three hop direction or
00:00
three hop link is at a much faster speed.
00:00
Distance vector routers are older than RIP,
00:00
which is routing information protocol.
00:00
We're on RIP version 2,
00:00
but it's still fairly dated.
00:00
The thing about RIP and
00:00
distance vector routing protocols is that they're
00:00
very easy to set up and they
00:00
don't generate a lot of traffic on the network.
00:00
They're pretty manageable for a very small network.
00:00
Quick and easy, we like quick and easy.
00:00
The way these routers learn from
00:00
the network is from their neighbor,
00:00
and their neighbor learns from their neighbor.
00:00
That's a method called routing by rumor.
00:00
In the illustration, you can see router C is
00:00
connected to the four network and to the three network,
00:00
B is connected to the three network
00:00
and the two network,
00:00
A is connected to two network and the one network.
00:00
Each router only knows about
00:00
its directly connected network.
00:00
C only knows how to get to
00:00
the three network and the four network,
00:00
B only knows how to get to the two and three,
00:00
A only knows how to get to the one and two.
00:00
Ultimately, you can see that C is hey,
00:00
[inaudible] this information and
00:00
it's passing its routing table onto B.
00:00
It sends its routing table onto A until they
00:00
get updates about the various networks that exist.
00:00
That's routing by rumor.
00:00
The problem with that is that it takes
00:00
a long time for what we've referred to as convergence,
00:00
which means learning if there's a network change.
00:00
Another problem is we see that router C
00:00
is directly connected to the four network.
00:00
Because B is one hop from C,
00:00
if you look in B's routing table
00:00
and what's highlighted in green,
00:00
it says, okay, I'm one hop away from four network.
00:00
A says, well, I'm two hops
00:00
away from the four network because I'm
00:00
one hop from B who's one hop from C. So far so good.
00:00
That's how routing by rumor is supposed to work.
00:00
Let's say that that link between B and C goes down.
00:00
B can no longer get to
00:00
router C and can get to the fourth network.
00:00
B starts to listen to A,
00:00
and A says, "I'm two hops away from the four network."
00:00
B says, "Well, I'm a hop away from A,
00:00
I must be three hops."
00:00
C listens and says,
00:00
"I must be four hops," and then B hears C and says,
00:00
"I must be five hops," and A says,
00:00
"I must be six hops."
00:00
Basically, what's happening is
00:00
a process called count infinity.
00:00
It winds up happening if there are
00:00
no controls in place to keep
00:00
these routers from learning from each other
00:00
going different pathways when there's a downlink.
00:00
One of the things that cracks me up is
00:00
the way the RIP deals with that count infinity issue.
00:00
It says infinity as a number 16.
00:00
Sixteen is as high as we go to infinity.
00:00
What that means is once we count to the infinity,
00:00
process, B says,
00:00
"I'm 15 hops away",
00:00
then C says, "Oh, that makes me an infinite distance."
00:00
Therefore, there is a downlink.
00:00
That's one of the ways we deal with count to infinity,
00:00
and that's called poisoning the route.
00:00
The other thing about poisoning
00:00
the route is poison reverse.
00:00
It basically means that once that route is down,
00:00
C sends a message out saying,
00:00
"I'm 15 hops away from network 4," and
00:00
then B and A automatically know that's a dead network.
00:00
That's really how we counteract count to infinity.
00:00
There's also something called split horizon
00:00
which means that if you look at router C,
00:00
it's sending information about
00:00
the four network on its Ethernet zero interface.
00:00
What split horizon means is it's not going to learn
00:00
information about the four network
00:00
on its Ethernet zero interface.
00:00
It's not going to send information to B and A and
00:00
learn information from B and A about the specific link.
00:00
Basically, these are just controls
00:00
that are built into RIP
00:00
that can be enabled to deal with
00:00
that problem called count to infinity.
00:00
With link-state routing protocols,
00:00
the most common is called OSPF,
00:00
open shortest path first.
00:00
Nice thing about OSPF is
00:00
rather than learning about the network from neighbors,
00:00
OSPF allows each router to learn about
00:00
the network on its own and
00:00
create its own topology table.
00:00
Every router directly communicates
00:00
with every other router through what
00:00
are called LSAs or link-state advertisements.
00:00
It continues to make sure that
00:00
the network is available through
00:00
these little link-state advertisements because they are
00:00
essentially constantly checking in
00:00
to make sure that they're still there.
00:00
When that router doesn't hear
00:00
the LSA from a specific router,
00:00
it assumes and it marks
00:00
that router as being dead or not available,
00:00
and then learns
00:00
different pathways throughout the network.
00:00
The problem with this is
00:00
that it's very resource-intensive.
00:00
RIP is good for smaller outdoor routers
00:00
that don't have a lot of processing capability.
00:00
But with link-state routers or link-state protocols,
00:00
you don't have a lot of memory,
00:00
and that's a lot of processing capability to
00:00
build these topology tables to track this information.
00:00
It's very resource-intensive and
00:00
is designed for larger networks.
00:00
Then you have Border Gateway Protocol,
00:00
and we really aren't going to get into
00:00
the border gateway routers because
00:00
these are the routers that are
00:00
used throughout the Internet.
00:00
That's a discussion for another day.