Basic theory of IP routing in Linux system

Maybe you know how to use command netstat or route on a Linux system to find (or even add/remove) routes that already exist. But when you do these things you may not know how IP routing works. This article will help you understand the rationale of IP routing and how it works. IP routing involves the forwarding of IP data messages. If the host is directly connected to the destination host, then the host can send the IP message to the destination host directly, this process is relatively simple. For example, through point-to-point links or through a network share. If the host is not directly connected to the destination host, the main opportunity sends the IP message to the default router, which is then determined by the router to send the IP message.

IP routing involves the forwarding of IP data messages. If the host is directly connected to the destination host, then the host can send the IP message to the destination host directly, this process is relatively simple. For example, through point-to-point links or through a network share. If the host is not directly connected to the destination host, the main opportunity sends the IP message to the default router, which is then determined by the router to send the IP message.

Routing principle

The fundamental difference between a common host and a router is that the host does not forward a message from one interface to another, and the router can forward the message.

Today, most multi-user systems can be configured to be used as routers. Therefore, a common routing algorithm can be used on the router, but also can be used on a common host. When a host can be used as a router, we usually say that the host is embedded in the router's capabilities. A host with an embedded router function does not normally forward a message unless we configure it to turn on this feature.

The IP layer maintains a routing table and uses this table to decide what to do next when it receives a datagram. When receiving data packets from the network side, the IP layer first checks whether the IP address of the message is the same as the host's own address.

If the IP address in the data packet is the address of the host itself, then the message is sent to the corresponding protocol in the transport layer. If the IP address in the message is not the host's own address, and the host is configured with the function of routing, the message will be forwarded;

More Wonderful content: http://www.bianceng.cnhttp://www.bianceng.cn/Network/lyjs/

The data in the routing table is usually in the form of an entry. A typical routing table entry contains the following key entry items:

Destination IP Address: This field represents the destination's IP address. This IP address can be the address of a particular host, or it can be a network address. If the entry contains a host address, its host ID is marked as not 0, and if the entry contains a network address, its host ID is marked as zero.

IP address of the next router: why we use the word "next" because the next router is not always the final destination router, but it is probably an intermediate router. The entry gives the address of the next router that is used to forward IP data packets received from the corresponding interface.

Flag: This field provides another set of important information, such as whether the destination IP address (previously mentioned) is a host address or a network address. In addition, you can tell from the flag whether the next router (previously mentioned) is really a router or a directly connected interface.

Network Interface Specification: Some data packet network interface specification, this specification follows the message to propagate together.

How does the basic route work?

So if we now want to describe the routing process simply and figuratively, we will see that once the host (configured to have the routing function) of the IP layer received from the network side of the packet, it will verify the packet in the destination IP address, if this IP is not the host's IP address, then the packet will be forwarded through the routing table.

If the first field of any entry exactly matches the destination IP address (host) or a partially matched destination IP address (network), it indicates the IP address of the next router. This is an important message because it tells the host (which has the routing function) what "next router" the packet should be forwarded to. And all the other fields in the entry will provide more auxiliary information to make decisions for routing forwarding.

In the previous paragraph we had a basic understanding of the routing forwarding process, but if we tried to get to know more, we would have to look at some of the following details about the routing table algorithm.

First, the routing table searches for an entry with the destination IP address field exactly as the destination IP address in the data message. This means that the host ID of the IP address is exactly the same as the network ID. If found, the packet is sent to the appropriate interface or intermediate router.

If a full matching IP is not found, then the search matches the network ID. If found, the datagram is forwarded to the specified router. So we see that all the hosts on this network are managed by a single (this) entry in the routing table.

If both of these conditions do not match, the data message is forwarded to a "default router."

If the above steps fail, that is, there is no default router, then the data message cannot be forwarded at last. Any undeliverable data message will result in an ICMP host unreachable or an ICMP network unreachable error, and return this error to the application that generated this data message.

Sometimes people ask, why are there two types of entries in the routing table? Why do you need network-related entries when you have more precise host entries? Well... It is a great advantage to include network-related routing entries in the routing table. The advantage is that there is a full network-related entry to avoid including all the individual host entries in this network (this is a huge amount of data). This makes the routing table size drop to a acceptable order of magnitude, which is great.

commands for viewing routing table information

You can use the Netstat command to view the routing table information as follows:

$ netstat-rn Kernel IP routing table destination Gateway genmask Flags MSS Window irtt iface 192.168.         2.0 0.0.0.0 255.255.255.0 u 0 0 0 eth0 169.254.0.0 0.0.0.0 255.255.0.0 u 0 0 0 eth0 0.0.0.0 192.168.2.1 0.0.0.0 UG 0 0 0 eth0 Its output provides the destination IP address and gateway-related details. The sign "U" indicates that the router is up to, and "G" indicates that the router is connected to a gateway (router). If this flag is not set, then we can assume that the host is directly connected to the target.