How to Use Static Routing and dynamic routing for network access control

Static Routing and dynamic routing are frequently used, and they also play an important role. When a Host application needs to send data packets to different network destinations, the router receives data information from an interface. The Network Layer checks this packet to determine the expected network to be sent. Then, the router checks its route table and uses the route table information to determine the expected port to be sent. The router encapsulates the data packet according to certain rules again, and then forwards the data packet on a port.

When a vro forwards any data packet, the route is determined. The router determines that the router can select the most appropriate interface to forward data packets. That is to say, a vro works mainly on a route table. If there is no route table or the information in the route table is incorrect, the vro will be like a heap of scrap iron, without any value.

Classification of route table Generation Mechanism

Depending on the route table generation mechanism, Static Routing and dynamic routing can be divided. Dynamic Routing means that the router automatically updates the route table according to certain methods. In the network, when a router or link fails to be added, some information will be generated on the network to inform the other party. The router updates its route table based on the information and adjusts the route information according to the predefined rules. It can be seen that dynamic routing can facilitate our management. However, it also brings about some problems. For example, dynamic routing will search all visible routes in the network. That is to say, if a dynamic route of a router is used, as long as there is no problem with the data link, generally, each network is reachable, this is not conducive to network access control by network administrators.

A static route is manually updated by the network administrator. When the network topology changes or the number of routers increases or decreases, the network administrator must manually update the route table of the router. Otherwise, network communication will be affected. However, compared with dynamic routing, Static Routing requires the network administrator to manually update the route table regardless of any changes to the enterprise network. This is a very heavy workload for network administrators.

However, Static Routing also has its advantages. For example, on the one hand, it does not need to enable the dynamic routing selection protocol service, so it can reduce the running resource overhead of the router. In addition, you do not need to send or transmit information on the network, which can reduce the bandwidth usage. To implement dynamic routing, some protocols, such as RIP, must be supported. These Protocols define the routing table generation rules in the vro. Running these protocols will occupy the resources of routers after all. At the same time, these protocols will often communicate with neighboring routers to determine whether the operation of the other party is normal. Undoubtedly, this will increase the burden on routers and enterprise network bandwidth.

However, the above advantages are not the main reason for using static routing. As the enterprise network is transformed and upgraded, these vro resources or network bandwidth restrictions are no longer the bottleneck resources during the establishment of the enterprise network. We decided to adopt the Static Routing Technology, which is another feature. Network administrators can use static routing to control network access.

For example, the company where the author is located is a big group company. The Group Corporation and the following three subsidiaries use the same network. Now, when establishing the network, the leaders hope that the networks of subsidiaries and group companies can be independent from each other and work together to avoid mutual interference. Of course, there are many ways to achieve this requirement. For example, you can apply for an independent online account for each subsidiary. However, this processing method is a waste, because the group company already has a bare metal network, if you want to activate the network for other companies without going through the group's line, you need to pay a lot of extra money, the speed may not be as fast as the optical network, so it is not realistic.

In addition, the access control list of the CISCO router can also be controlled. However, this requires the vro to support this function. In addition, there are some configuration methods and the maintenance is not very good. Therefore, according to my understanding, although the access control list is a good network access control mechanism, in actual application, there are few enterprises to use because of its configuration, it is still difficult.