Viewpoint: reasonable Optimization of static routing configuration

I believe many people have read a lot about static routing configuration. Here we mainly explain how to optimize static routing configuration. In fact, we can use static routing technology, to control network routing.

The router routing table contains the following information. Destination network address, subnet mask, gateway, interface, and so on. The destination network address, subnet mask, and packet sending IP address can be used together to determine whether the departure and destination addresses belong to the same network. If they belong to the same network, the router does not forward data or process data according to predefined rules. If the sending Address and the destination address are not in the same subnet, the router determines the path based on the information in the route table. If the router cannot find a proper path, the data forwarding will be terminated, and our network administrator can control the route access according to this feature.

For example, if I add the following three subsidiaries to my current group company, there are a total of four subnets that can communicate with each other through static routing configuration. However, network communication between different companies is allowed. However, for various reasons, communication between them is unnecessary, and it will also bring great interference to our network maintenance. If a sub-network is poisoned, the performance of the other network may be affected, and other networks may be infected. At the same time, because computers in each subnet can access each other, this is not conducive to the security of data in each enterprise. In actual work, companies are independent of each other, so they generally do not need to access each other. Therefore, there is no need to access each subnet for any reason. Therefore, we can use the Static Routing mentioned above to control network access.

For example, the company's network has five vro connections, four vrouters connect to four subnets, and then a vro connects to the Internet. Now we can configure static routes on four vrouters connected to subnets. For example, we can configure static routes on a router that connects to the subnet of the Group Corporation. From the vro of the group subnet, only the fifth router information is known to the outside, but the vro paths of the other three subnets are not known. In this case, the router will end up failing to send data packets to other subnets. At the same time, it can still access the Internet normally.

It can be seen that static routing can help network administrators to enhance network access control. Although the workload of static routing configuration is relatively large, it is easy to implement a simple network structure for enterprise networks. According to my understanding, in fact, for a complicated enterprise, its router-level connection will not exceed five levels. Therefore, static routing configuration is not complex.

In addition, I would like to add another method for Manual Static Routing configuration. Before configuring a static route on a vro。, you can set the vro as a dynamic route table, view the relevant route information, and find out unnecessary route information. Then configure the vro. In this case, on the one hand, we can avoid missing useful route records, and on the other hand, we can also disable all unused route information. At the same time, we can also save a lot of trouble during configuration, because of the reference. Pay attention to the following points when configuring Static Routing:

1. Try to use vswitches instead of vrouters. If an enterprise uses static routing to control network access during network deployment, it is recommended that you do not use other routers to expand network applications after the network is deployed. Instead, you should use vswitches instead of vrouters. In other words, it is best to ensure the stability of the number and layout of routers in the enterprise network. In this case, the workload of static routing configuration can be reduced.

2. for static routing configuration, it is generally stored in the running-config file. This file is a temporary file. When the vro restarts, the information in this file will disappear. Therefore, when the static route configuration is complete and the test is complete, you need to use the COPY command to save the static route table information to startup-config. In addition, it is best to back up data remotely. In this case, when the vro fails, you do not need to configure additional settings on the backup vro to use it immediately.

3. Enterprises Adopt different management policies based on their different network security requirements. Different enterprises have different network security requirements. Therefore, they have different requirements for static route tables. If an enterprise has only dozens of computers and does not have different subnets, or the enterprise does not have high requirements on network security, static routing configuration can be used, there is no practical effect at all. Generally, Static Routing is used when the network security requirements are relatively high or the number of network hosts is too large and there are multiple subnets. Therefore, no technology is suitable for an enterprise. You must make reasonable choices based on the situation of the enterprise.