Probably you know how to check the existing routes (or even add/modify routes) on Linux using route or netstat command. You migh’ve done that without understanding much about how IP routing works.
This article will help you understand the principles behind the IP routing and how it works.
This is the 1st part in the IP Routing series of articles.
IP routing involves forwarding of IP datagrams. Its a simple process in which the host sends the IP datagram directly to the destination if the destination host is connected. For example, through a point to point link or through a shared network. If the destination host is not directly connected then the host sends the IP datagram to the default router and lets the router decide where to send the IP datagram further.
Routing Principles
A fundamental difference between a normal host and a router is that a host never forwards a datagram from one interface to other while a router can forward a datagram.
Today, most of the multiuser systems can be configured to act as a router. So, a common routing algorithm can be specified that can be used by the router as well as by a host. When a host can act like a router, it is generally said that the host has an embedded router functionality. Such a host which has an embedded router functionality should never forward datagrams until and unless configured to do so ie configured to act like a router.
IP layer maintains a routing table which it uses while making decisions about what to do with the datagram received. When the data gram is received from the network then IP layer first checks its IP address to see if the IP address is of its own or not.
In case the destination IP address in the datagram is of its own then the datagram is sent to the appropriate protocol at the transport layer but if the destination address is not of its own then the datagram is forwarded if the host was configured to act like a router otherwise the datagram is discarded.
The data in routing table is generally in the form of entries. A typical routing table entry contains the following main entries :
- Destination IP address : This field represents the IP address of the destination. This IP address could be the address of a single host or could that be of a network. If this entry contains the IP address of a host then it is signified by a non zero host ID in the address while if the entry contains the IP address of a network then it is signified by a host ID value of 0.
- IP address of next router : Why have we used the term ‘next’ is because this is not always the final router but it could very well be an intermediate router. This entry gives the IP address of the next router which decides how to further send an IP data gram received on its interface.
- Flags : This field provides another set of vital information like destination IP address (specified above) is a host address or a network address. Also, flags convey whether the next router (specified above) is really a next router or a directly connected interface.
- Network interface specs : Some specification about the network interface the datagram should be passed for further transmission.
How Basic Routing Works?
So if we briefly try to visualize the routing process now, then we see that as soon as a datagram from a network is received at the IP layer of a host (which is configured to act like a router) then after verifying that the destination IP address in the packet is not that of this host the routing tables are consulted.
Any entry whose first field matches the destination IP address completely(a host) or partially (a network) would signal the IP address of the next router. This is the vital information that a host (acting like a router) would require to forward a packet as this information directly tells on which next router the datagram should be forwarded to. All the other fields in the entry support the decision making by providing more information for routing.
In the paragraph above we build a basic understanding but if we try to get a level deeper then the following points give the detailed information about the routing table algorithm:
- First the routing table is searched for an entry whose ‘Destination IP address’ field matches the datagram destination IP address completely. By completely, it is meant that the host ID and network ID of the IP addresses match. If found, then the datagram is sent to that interface or to the intermediate router.
- If a complete match is not found then a search for matching network ID is done. If found then the datagram is forwarded to the indicated router. So we see that all the hosts on this network are managed by this single entry in the routing table.
- If none of the above two is true then the datagram is forwarded to a ‘default router’.
- If the above step also fails ie there is not default router then the datagram ends up being undeliverable. Any undeliverable datagram would produce an ICMP host unreachable or ICMP network unreachable error and this error is returned to the application that generated this datagram.
Sometimes one would ask as to why there are two types of entries in the routing table or to be more precise why network related entries are needed in a router? Well, having entries in routing table corresponding to networks has a big advantage. The advantage is that by having an entry related a complete network avoids the need to have a huge number of separate entries of each host on that network. This brings down the size of the routing table to a significant level which is always good.
Command to list routing tables
You can use netstat command to list the routing tables as shown below.
$ netstat -rn Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0 0.0.0.0 192.168.2.1 0.0.0.0 UG 0 0 0 eth0
The output provides a detailed information in the destination IP addresses and their gateways. The flag ‘U’ suggests that the route is up and the flag ‘G’ suggests that the router is to a gateway (router). If this flag is not set then it can be assumed that the destination is directly connected.
My name is Ramesh Natarajan. I will be posting instruction guides, how-to, troubleshooting tips and tricks on Linux, database, hardware, security and web. My focus is to write articles that will either teach you or help you resolve a problem. Read more about
Comments on this entry are closed.
Hi,
Thanks a lot
I am waiting for part 2
What is UH flag ?
Thank you . Regards .
Good one..Keep up good work..:)
@Catalin
UH is combination of ‘U’ and ‘H’ flag.
Flag U
This flag indicates that the route entry is up and running or ACTIVE. If there is no U, then the route entry is defined but not active. This may be because the device is in a NOT ACTIVE status.
Flag H
This flag indicates that the destination field in this route entry specifies a host route. That means this route is used only if the destination IP address of a datagram exactly matches all 32 bits (255.255.255.255) in the route entry destination field.
If there is no H, then the destination field in this route entry specifies a network route. That means this route is used only if the destination IP address of a datagram exactly matches all the network bits (less than 32 bits, for example, 255.255.255.0) in the route entry destination field.
@Himanshu: Thank you for your reply.
On my provider i use a pppoe connection and return this flags.
The result of netstat -nr is:
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 10.0.0.1 0.0.0.0 UG 0 0 0 ppp0
10.0.0.1 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
Also I saw is a “Kernel IP routing table” … What is this and it is a hierarchy in routing?
I think will be good if somebody will read something about this.
Regards.
PS: Can I ask something more delicate? It’s your name or is nickname ? I saw one movie – Hackers 2 – and I think a hear this name…
@Catalin
Since you have used the -r option which for displaying kernel routing tables
so in the output “Kernel IP routing table” is just for information I think.
From the netstat man page :
–route , -r
Display the kernel routing tables.
PS : This is my name (not the nick name) and I am not the one you are talking about
😛
i want to see the routes configured on a linux server ,please tell me commands thanx
I have 4 static IP’s (10.42.43.1, 10.42.43.2, 10.42.43.3, 10.42.43.4) in 4 different systems. the system with IP 10.42.43.1 can ping 10.42.43.2 and the system with IP 10.42.43.2 can ping 10.42.43.4 and the system with IP 10.42.43.4 can ping 10.42.43.3.
10.42.43.1–can ping–>10.42.43.2–can ping–>10.42.43.4–can ping–>10.42.43.3
But the system with IP 10.42.43.1 cannot ping the system with 10.42.43.3. It says Host Unreachable. So is there any work around(modifying Kernel IP routing or route command) which would allow me to ping the system with IP 10.42.43.3 from 10.42.43.1 via the intermediate system. Any help would be appreciated…
good one. keep it up thegeekstuff