RIP and Routing Tables
So far, we've worked with a simple example of two networks with one server connecting them. In simple IP forwarding, a server knows about only the networks to which it's directly attached. However, you can connect multiple networks with multiple intermediate systems to form a more complex set of interconnections. As network topology becomes more involved, simple network-to-network packet forwarding is no longer adequate—you must employ a routing protocol so that servers can become aware of networks to which they aren't directly attached. Figure 2 illustrates a more complicated network scenario in which a new router, KERBEROS, joins the 192.168.99.0 network with the address 192.168.99.8. A third network (222.168.111.0) connects to KERBEROS at the address 222.168.111.6. This third network has its own dedicated router with a connection to the Internet. The third network and router are invisible to GOLEM, just as the 192.168.88.0 network is invisible to KERBEROS.
As we mentioned earlier, RIP is NT's IP routing protocol. Both versions of RIP are current Internet standards; RIP2 supports variable-length subnet masks (just as Classless Inter-Domain Routing—CIDR—does), and RIP1 is limited to advertising standard classful network addresses. (For more information about the specifics of IP addressing, see the sidebar "IP Addressing Basics.") RIP is an older routing protocol and still sees widespread, although diminishing, use on the Internet. RIP is a distance vector routing protocol. Routing tables maintain a list of all networks that the router knows, with the address of the next hop toward each known destination, and the total network cost (or metric) of getting to the destination. A distance vector routing protocol doesn't spell out the entire route from one network to each known destination but merely starts the packet in the right direction. Although some distance vector protocols allow a variety of metrics, hop count is the only metric RIP uses.
Distance vector routing protocols use the table exchange process to create and maintain routing tables. For example, in RIP, routers broadcast a portion of their routing table to their neighbor routers every 30 seconds. A router receiving a neighbor's table compares the routes in the broadcast table with the routes it already knows, and if the receiving router finds what appears to be a more efficient route in the broadcast table, that router will update its table. Figure 3 shows an example of the table exchange process between Router 1 and Router 3. Router 1 has a table entry for Network A that shows the network to be five hops away from Router 1 when the router routes via Router 2. Router 3 believes that it is three hops away from Network A if it routes via Router 7 (neither Router 2 nor Router 7 appear in Figure 3). When Router 3 broadcasts an RIP packet that contains a portion of its routing table, Router 3 increments the hop count from three to four because all of Router 3's neighbors are four hops from Network A if they route via Router 3. Router 1 determines that routing to Network A via Router 3 requires fewer hops than routing through Router 2 and updates its table accordingly.
RIP has fallen increasingly out of favor for widespread Internet use since the early 1990s because the protocol doesn't scale well to large and complex network topologies, in which it can become unstable and take a long time to propagate changes through the network. The Open Shortest Path First (OSPF) protocol is steadily replacing RIP. Nevertheless, RIP is a simple protocol to implement and requires very little processing and management. RIP is therefore well suited to small networks such as those you might build with a few software-based routers.
Reading RIP Routing Tables
In NT and Windows 9x, you can use the Route Print command from the DOS command line to display a server-router system's RIP routing tables. You can use the Route command to manually add, delete, or modify table entries. The Route Help command displays basic information and directions, although an easy way to prevent the Help information from scrolling off the screen or to redirect the Help output to a file doesn't seem to exist.
An NT routing table contains five pieces of information. Table 1 is a sample routing table for the NT server GOLEM in Figure 1, which interconnects two LANs. The network address and netmask together specify the address to which a particular row in the table applies. The gateway address is the IP address of the router (or gateway) to which the server-router forwards packets destined for the specified network address; the gateway is accessible at the IP address that the interface specifies. Finally, the metric indicates the number of hops a packet must make to get from the server-router to the destination network.
Lines 1 and 2 refer to the address 0.0.0.0, which is shorthand for "unknown network." The server-router will send packets with this address back out on the NIC that the packets came in through. Line 3 is the local host loopback address.
Lines 4 through 6 refer to the 192.168.88.0 network. The server-router will forward a packet addressed to this network (mask 255.255.255.0) to the gateway at address 192.168.88.1. The server-router sends out packets addressed to the host address 192.168.88.1 (mask 255.255.255.255) via the local host. Packets addressed to the network's broadcast address also go out to 192.168.88.1. Lines 7 through 9 refer to the network 192.168.99.0.
Lines 10 and 11 refer to address 224.0.0.0, mask 224.0.0.0. The server-router sends back packets targeted to any address in which the first three bits are 1 (i.e., any Class D or E address) on the NIC that the packets came in on. The same routing action applies to packets addressed to the all-hosts address, to which lines 12 and 13 refer.
Table 2 shows an abbreviated routing table for the GOLEM router in Figure 2. Table 2 is an illustration of a routing table that contains network addresses that aren't local to the server. The table also shows one configured default gateway. The server-router assumes that any packet addressed to a network other than the three that Figure 2 defines is aimed at the Internet; therefore, the server-router will forward such packets to the default gateway. One subtlety of IP routing is that the gateway address is never inside an IP packet. IP packets contain only the original source and destination host addresses; routers use the gateway address only to determine the destination address for the MAC's transmission.
In Table 2, line 1 shows that the server-router forwards packets with an unknown address to the default gateway at 222.168.111.1. This router is three hops away from GOLEM. Note that GOLEM knows about only one default gateway. Lines 2 through 5 show that the server-router forwards packets destined for the networks directly connected to GOLEM (i.e., 192.168.88.0 and 192.168.99.0) to only the appropriate NIC. Line 6 shows that the server-router forwards packets destined for network 222.168.111.0—a network to which GOLEM isn't directly attached—to the router at address 192.168.99.8, which is accessible via GOLEM's interface 192.168.99.7. Note that network 222.168.111.0 is two hops away from GOLEM.
For Further Investigation
Using an NT server as a software-based router can make sense in specific situations. Understanding RIP will help you better understand the tables that the protocol generates and how you might manipulate the tables to improve routing. You can find more information about bridging, routing, their associated protocols, and Internet applicability in two excellent books: Routing in the Internet (Prentice Hall, 1995) by Christian Huitema and Interconnections: Bridges and Routers (Addison-Wesley, 1992) by Radia Perlman.