
Main functions of routers

In the document Data Networks, IP and the Internet (Page 186-191)

WANs, Routers and the Internet Protocol (IP)

5.2 Main functions of routers

Since the main purpose of a router is to forward IP packets (also called IP datagrams) according to the IP address held in the datagram header, it is reasonable to conclude that the required functionality of routers can be largely determined from the specification for the Internet protocol and its various options (IPv4 is defined in RFC 791; IPv6 is defined in RFC 2460). This is true. However, in addition, in 1995 the Internet Engineering Task Force (IETF) issued RFC 1812 as a supplement to RFC 791 to formally define the requirements of IPv4 routers. RFC 1812 sets out in detail the appropriate implementation in IPv4 routers of the various Internet protocol functions and fields. From it we are able to determine the minimum set of basic functions which should be undertaken by a router. Routers are required to support the following functions:

• network interfacing (including fragmentation as necessary);

• packet forwarding according to a routing table;

• routing table creation and updating;

• Internet protocol (IP) processing;

• network congestion and admission control;

• network security and access control; and

• network configuration, monitoring and administration.

² See Chapter 4.

The following sections provide more details of each function.

Network interfacing

A router provides for:

• the internetworking and interfacing of networks of different types (e.g., interfacing the physical and datalink layers of a LAN to a WAN);

• the adaptation of data-packet or frame formats at network boundaries as necessary, e.g., conversion from canonical to non-canonical data transmission formats³ or vice versa;

• the resolution and translation of addresses as necessary;

• fragmentation and reassembly of large packets as necessary;

• the support of PPP (point-to-point protocol) as a standard IP-suite layer 2 (datalink protocol) interface for general purpose, point-to-point serial lines. PPP⁴ is similar to HDLC⁵.

Packet forwarding according to a routing table

A router supports the following packet forwarding and routing capabilities:

• the ability toforward packets towards theirultimate destination based upon the indicated destination IP-address;

• the creation and maintenance of a routing table for the purpose of determining the next hop of the packet’s path to its destination;

• the routing table recognises all standard broadcast (e.g., 255.255.255.255), multicast and unicast addresses (explained later) and has a default route for all possible addresses (e.g., ‘if I don’t recognise this address, I’ll pass the packet to another default router, which will know how to deal with it’). The default route is usually indicated in the routing table with the notation ‘0.0.0.0’. Each ‘0’ value means ‘any value between 1 and 255’.⁶ Thus 0.0.0.0 matches ‘all possible IP-addresses’.

• the destination IP address is compared with all the entries in the routing table, to determine the routing table entry which matches the greatest number of leading digits (i.e., the longest match). This is the entry with the greatest number of consecutive matching digits (reading the number from left to right — Figure 5.2). Thus the destination IP address of Figure 5.2 (173.65.8.1) generates the following ‘longest matches’ in each of the routing tables:

• at router A: the longest match is ‘173.0.0.0’ and the chosen next hop is via router B

• at router B: the longest match is ‘173.65.0.0’ and the chosen next hop is via router C

• at router C: the longest match is ‘173.65.8.0’ and the chosen next hop is via router D

• at router D the full destination address is recognised as a directly-connected destination.

Figure 5.2 Network and associated routing tables.

³ See Chapter 3.

⁴ See Chapter 8.

⁵ See Chapter 3.

⁶ The value ‘0’ in a routing table is taken to mean ‘any allowable value in this position’ (i.e., any value 1–255).
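The longest-match rule above, worked through in code. This is an added example, not from the book: the routing tables are constructed to reproduce the four matches listed for Figure 5.2 (the figure itself is not reproduced here) and are written as CIDR prefixes, so the same lookup also handles prefix lengths that do not fall on octet boundaries.

```python
import ipaddress

# Constructed routing tables standing in for Figure 5.2 (the figure is not on the page).
# The book writes a route as 173.65.0.0 with trailing zero octets meaning "any";
# here each route is a CIDR prefix so one rule covers any prefix length.
# "direct" marks a directly connected destination; other values name the next-hop router.
TABLES = {
    "A": [("0.0.0.0/0", "X"), ("173.0.0.0/8", "B")],
    "B": [("0.0.0.0/0", "A"), ("173.0.0.0/8", "F"), ("173.65.0.0/16", "C")],
    "C": [("0.0.0.0/0", "B"), ("173.65.0.0/16", "G"), ("173.65.8.0/24", "D")],
    "D": [("0.0.0.0/0", "C"), ("173.65.8.0/24", "direct")],
}


def lookup(table, dst):
    """Return (matched_prefix, next_hop) for the longest prefix covering dst.

    Every entry containing dst is a candidate; the one with the most leading
    bits in common (largest prefix length) wins.  The default route 0.0.0.0/0
    contains every address but has length 0, so it only wins when nothing
    more specific matches.
    """
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, next_hop in table:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop)
    if best is None:
        return None  # no route at all, not even a default: the packet is dropped
    return (str(best[0]), best[1])


def trace(start, dst, max_hops=16):
    """Follow next hops from router `start` until the destination is directly
    connected.  Return the list of (router, matched_prefix) visited."""
    path, router = [], start
    for _ in range(max_hops):  # hop limit guards against a routing loop
        match = lookup(TABLES[router], dst)
        if match is None:
            break
        path.append((router, match[0]))
        if match[1] == "direct" or match[1] not in TABLES:
            break
        router = match[1]
    return path


if __name__ == "__main__":
    for router, prefix in trace("A", "173.65.8.1"):
        print(f"router {router}: longest match {prefix}")
```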

Routing table updating and maintenance

Routing tables in routers are kept up-to-date as follows:

• Entries in a router’s routing table are either based on static routing (i.e., only occasionally updated manually by humans) or on dynamic routing (in which they are kept up-to-date automatically by means of routing table updates sent between different routers by means of routing protocols).

• In the case of dynamic routing, network configuration changes (e.g., new links, removed links or failed links) and the addition or removal of reachable addresses (e.g., an end-device or subnetwork has been added to or removed from the local network) are monitored automatically by means of a routing protocol.

• Routers must normally support at least one interior gateway protocol (IGP) for advertising routing changes to other routers within the immediate network (called an administrative system or autonomous system — AS). Examples of commonly used IGPs are RIP (routing information protocol), OSPF (open shortest path first), Cisco’s IGRP (interior gateway routing protocol) and ISO’s IS-IS and ES-IS protocols.

• Routers (acting as border nodes) at the boundaries of different networks (autonomous systems) exchange routing information with neighbouring networks by means of an exterior gateway protocol (EGP). The most commonly used protocol is BGP4 (border gateway protocol version 4).

• A router supporting dynamic routing uses routing metrics, routing algorithms and routing policies to sift through and analyse the information it receives by means of the routing protocols. By doing so, it can determine the best current next-hop route to each reachable IP address or range of addresses and thus keep its routing table up-to-date.

Internet protocol (IP) and other protocol processing

At a minimum, all routers must support the Internet protocol (IP) and the related protocol ICMP (Internet control message protocol) which is an integral part of it. IP allows for the processing and forwarding of packets. ICMP allows for monitoring the correct functioning of IP:

• Each received IP-packet must be verified. The header checksum (i.e., frame check sequence, FCS⁷) needs to be checked, as do all the other fields in the packet header. Time-expired packets and those with invalid destination addresses (e.g., the loopback address 0.0.0.0) should be discarded, returning a notification to the source (if appropriate) by means of ICMP.

• Source routers or source hosts should perform discovery of the path maximum transmission unit (PMTU). By doing so, fragmentation of packets along the path can be avoided by only sending packets of a size less than or equal to the PMTU. This maximises the network efficiency.

• In the case of source routing, the destination IP address appearing in the IP header may not be the ultimate destination of the packet. Nonetheless the next hop is determined by the router based upon the indicated destination address rather than upon the ultimate destination. This allows the source router to place a string of IP addresses in the source routing field of the IP header to control the exact path taken by the packet across the internetwork.

• In general, transport layer protocols need not be supported by intermediate routers except as required for internal network management purposes (e.g., for carriage of management information by means of SNMP, simple network management protocol).
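The header checks in the first item above (checksum, time-to-live, an invalid destination), as an added example that is not from the book. The header builder, the sample addresses and the 0.0.0.0 destination test are constructed here; the checksum arithmetic is the one's complement sum defined in RFC 791.

```python
import socket
import struct


def ones_complement_sum(data: bytes) -> int:
    """16-bit one's complement sum with end-around carry (RFC 791 checksum arithmetic)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum((data[i] << 8) | data[i + 1] for i in range(0, len(data), 2))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def build_header(src: str, dst: str, ttl: int = 64, proto: int = 6, total_len: int = 40) -> bytes:
    """Construct a minimal 20-byte IPv4 header (no options) carrying a correct checksum."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, 0x4000, ttl, proto, 0,
                      socket.inet_aton(src), socket.inet_aton(dst))
    csum = (~ones_complement_sum(hdr)) & 0xFFFF  # checksum field is zero while computing
    return hdr[:10] + struct.pack("!H", csum) + hdr[12:]


def validate_header(raw: bytes) -> list:
    """Return the reasons a router should discard this packet (empty list = forward it).

    Covers the items the text lists: header checksum, time-to-live and an
    invalid destination (0.0.0.0, the page's example).  A real router would
    also answer with the matching ICMP message where appropriate.
    """
    if len(raw) < 20:
        return ["header shorter than 20 bytes"]
    version, ihl = raw[0] >> 4, (raw[0] & 0x0F) * 4
    if version != 4 or ihl < 20 or len(raw) < ihl:
        return ["bad version or header length"]
    problems = []
    # An intact header sums (checksum field included) to 0xFFFF.
    if ones_complement_sum(raw[:ihl]) != 0xFFFF:
        problems.append("bad checksum")
    if raw[8] == 0:  # TTL byte; forwarding would decrement it and check again
        problems.append("ttl expired")
    if socket.inet_ntoa(raw[16:20]) == "0.0.0.0":
        problems.append("invalid destination 0.0.0.0")
    return problems


if __name__ == "__main__":
    good = build_header("173.65.8.1", "10.0.0.5")
    print(validate_header(good))
    print(validate_header(good[:12] + b"\xff" + good[13:]))  # one corrupted source byte
```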

Multicast and anycast routers must support IGMP (Internet group management protocol) for the appropriate updating of multicast address lists.

Network congestion and admission control

In some cases it is appropriate for routers to perform network admission controls. By limiting the amount of data traffic admitted to the network, we can minimise the possibility of network congestion:

• Some routers perform congestion control by prioritisation of forwarded packets according to the type of service (TOS), IP precedence or differentiated service (DiffServ) information contained in the IP packet header.

• Some modern routers which support the optional RSVP (Resource ReSerVation Protocol) perform admission control at the time when a host initially requests a connection to be set up or a given quantity of bandwidth to be reserved (e.g., for a real-time stream application). Only if sufficient bandwidth is adjudged to be available is the new connection permitted, otherwise the connection is rejected (rather like returning the busy tone on a telephone call to a busy line).

⁷ See Chapter 2.

Network security and access control

Since some of the packets which arrive at routers are unwelcome, having originated from maliciously-minded intruders, most modern routers provide various means of access control:⁸

• Most routers offer access control based on filtering and access control lists (ACLs, also called simply access lists). A filter or access list checks the source IP address, only forwarding packets from selected (i.e., permitted) source addresses to given allowed destinations. This provides a measure of security — allowing only certain outsiders to get access to certain data and computer files.

• Non-transparent routers may perform network address translation (NAT). Such routers translate the IP addresses in the IP packet headers from public Internet addresses into private Internet addresses as used within the ‘local’ network. The use of NAT has two benefits — first, the number of IP addresses available for use within the ‘local’ network is almost unlimited (public IP addresses, on the other hand, are difficult to come by); second, only those local addresses converted by NAT can be reached by outside parties (e.g. intruders).

• Some sophisticated types of routers are also able to act as proxies. A proxy acts as a gateway between an outside host and a client or server within the local network. The outside host wishes to communicate directly with the client or server within the local network, but it is not allowed to do so directly. Instead the proxy client or proxy server (at the network boundary) acts on behalf of the real client or server. The proxy interprets the higher layer protocol requests of the outside host and decides which requests will be dealt with and which will not. The proxy (as a trusted party) then communicates with or forwards requests to the real client or server as it sees fit. The use of a proxy client or proxy server concentrates the network security measures in a single device, thereby avoiding the need for specific security measures in each internal client and server. The disadvantage is that it requires sophisticated router hardware and software.

• Some types of routers include firewall security functions. These usually include NAT and proxy server functions as described above. We shall discuss firewalls in more detail in Chapter 13.
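The access-list filtering described in the first item above, as an added example that is not the book's. The rules, address ranges and sample packets are all constructed; the example also shows the two points a practitioner checks first when reading an ACL: rules are tried in order, so a specific deny must precede a broader permit, and anything no rule admits is refused.

```python
import ipaddress

# Constructed access list: each rule names an action plus the source and destination
# ranges it applies to.  Rules are evaluated top to bottom and the first rule whose
# source AND destination both contain the packet decides.  0.0.0.0/0 means any address,
# matching the book's notation for "all possible IP-addresses".
ACL = [
    ("deny",   "173.65.8.66/32", "0.0.0.0/0"),        # one outside host is never admitted
    ("permit", "173.65.8.0/24",  "192.168.1.10/32"),  # a partner subnet may reach one server
    ("permit", "173.65.0.0/16",  "192.168.2.0/24"),   # the wider partner net may reach a DMZ range
]


def evaluate(acl, src: str, dst: str):
    """Return (action, rule_index); rule_index is None when the implicit deny applies."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for i, (action, src_net, dst_net) in enumerate(acl):
        if s in ipaddress.ip_network(src_net) and d in ipaddress.ip_network(dst_net):
            return action, i
    return "deny", None  # nothing matched: the list ends in an implicit deny


def filter_packets(acl, packets):
    """Apply the list to (src, dst) pairs and return only those a router would forward."""
    return [(src, dst) for src, dst in packets if evaluate(acl, src, dst)[0] == "permit"]


if __name__ == "__main__":
    sample = [  # constructed packets, as (source, destination)
        ("173.65.8.1", "192.168.1.10"),   # permitted by rule 1
        ("173.65.8.66", "192.168.1.10"),  # inside rule 1's ranges, but refused first by rule 0
        ("173.65.9.7", "192.168.2.20"),   # permitted by rule 2
        ("173.65.9.7", "192.168.1.10"),   # no rule admits it: implicit deny
        ("10.1.2.3", "192.168.2.20"),     # no rule admits it: implicit deny
    ]
    for src, dst in sample:
        print(src, "->", dst, evaluate(ACL, src, dst))
```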

Network configuration, monitoring and administration

Routers must support certain network and self-administration functions:

• Routers are expected to monitor network status and any communications errors.

• Network status is normally reported to a remote network management control station (e.g., a network management centre) by means of standard managed objects, MIBs and the simple network management protocol (SNMP). We shall discuss these in Chapter 9.

• Routers typically boot (i.e., set their basic settings) automatically using BOOTP (bootstrap protocol) or TFTP (trivial file transfer protocol). These protocols are used to load appropriate network settings and other configuration files.⁹

⁸ Some access routers (access routers are those which typically connect a local network such as a LAN to the public Internet) are transparent routers. By transparent we mean they use the public Internet addressing scheme even within their local network and forward packets freely in both directions. The LANs connected by means of such transparent routers are relatively prone to intruder attacks from the Internet.

⁹ See Chapter 6.

• Routers are often used as address servers: allocating or advising IP addresses to host devices when they are switched on using protocols like BOOTP and DHCP. We shall talk more about this in Chapter 6.

• Hosts may also have to act as routers, or at least have simple embedded router functionality. At a minimum, a static gateway or a default gateway needs to be configured to direct all outgoing IP traffic to the LAN’s main router.
