Routing
Interface
An interface is a logical interface associated with a piece of communications
hardware that has a TCP/IP stack. These bits of hardware include things like
Modems, ethernet cards, ethernet interfaces on a router etc. The logical
interface always has an IP address associated with it.
These IP addresses must be unique within any connected network.
Route tables
When you want to make a TCP/IP connection, or just send some packets to a
machine, you have to figure out which interface to send the packets out of. It is
obviously no good sending packets out your LAN adapter when you are trying to
say connect to an internet site. Conversely, it is no good sending packets out
your modem when you are trying to access a machine on your LAN.
For this reason there are routing tables. The routing table is a table that
the TCP/IP stack looks at when it wants to send a packet somewhere, and the
routing table tells the stack which interface to pump the packets out of in order
to get to the desired destination.
So route table entries specify:
1. A range of destinations (made up by network address / subnet mask - see later)
2. Which router (gateway) to send packets to for these destinations.
3. Which interface to send packets out to get to these destinations
in Win95, the syntax is
route ADD networkaddr MASK subnetmask gateway
subnetmask is a way of saying which bits to ignore in the address when
checking for a match. So if the subnetmask is 255.255.255.0 then we ignore the last 8
bits of the address (last octet) when checking to see if this route table
entry applies to the destination or not.
E.g.
This is my route table when I am online with my modem
Active Routes:
Network Address Netmask Gateway Address Interface Metric
0.0.0.0 0.0.0.0 203.96.10.254 03.96.10.51 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.0.0 255.255.0.0 192.168.0.4 192.168.0.4 2
192.168.0.4 255.255.255.255 127.0.0.1 127.0.0.1 1
192.168.0.255 255.255.255.255 192.168.0.4 192.168.0.4 1
203.96.10.0 255.255.255.0 203.96.10.51 203.96.10.51 1
203.96.10.51 255.255.255.255 127.0.0.1 127.0.0.1 1
203.96.10.255 255.255.255.255 203.96.10.51 203.96.10.51 1
224.0.0.0 224.0.0.0 203.96.10.51 203.96.10.5 1
224.0.0.0 224.0.0.0 192.168.0.4 192.168.0.4 1
255.255.255.255 255.255.255.255 192.168.0.4 192.168.0.4 1
I have 2 interfaces on my box - a LAN adapter with IP address 192.168.0.4 and
a modem PPP interface with address 203.96.10.51
You will see that there is an entry in the table for both of these, plus some
others.
If we look at the 4th entry, that is the definition of the entry for the LAN
card. What it is saying is that if we get a packet that we want to send to
192.168.0.4 MASK 255.255.255.255 (which means that it must match the whole
address), then we send the packet over interface 192.168.0.4 - the gateway is ignored.
That is the easy one.
The next significant one is the 3rd entry. That is saying that if we have a
packet for 192.168.0.0 MASK 255.255.0.0 (that means anything from 192.168.0.1 to
192.168.254.254 since 255 is reserved as is 0) then we send it out interface
192.168.0.4 - so this means all our LAN traffic goes out of the LAN card.
By comparison, the 7th entry is the same as the 4th entry, but for the PPP
interface (modem) and the 6th entry is the same as the 3rd entry, but applies to
the range 203.96.10.1 to 203.96.10.254 which is a subnet on our service
provider. This will probably give us access to their router.
The other VERY significant entry is the 1st one. The effect of having a
destination of 0.0.0.0 with MASK 0.0.0.0 means any IP address at all. This is
called the DEFAULT ROUTE. This one is the last route used if there is no match on
the others. This is the one that causes problems in multi-segment networks when
you dial up, because it is changed by the PPP login process. What this means
is that if we don't have a static route (like the other entries) for a
destination, we send it out over the default route to 203.96.10.254 (our ISPs router)
which is accessible through the interface 203.96.10.51 (our modem).
What this is saying, is that everything goes out over our modem, except things
that match a static route - so this includes our LAN (local subnet only).
The other entries are.
127.0.0.0 is the localhost (loopback interface) this is a software only
interface internal to the stack itself, and is not accessible over any interface.
This means that this interface can only be accessed from the machine itself.
192.168.0.255 is the broadcast address for broadcast packets on our LAN.
203.96.10.255 is the broadcast address for broadcast packets on the LAN segment on
our ISP.
LAN. The effect of two matching entries means any packets sent to this
destination will be broadcast on our LAN and the ISPs LAN.
255.255.255.255 is the global broadcast address.
Route table when off-line
Active Routes:
Network Address Netmask Gateway Address Interface Metric
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.0.0 255.255.0.0 192.168.0.4 192.168.0.4 1
192.168.0.4 255.255.255.255 127.0.0.1 127.0.0.1 1
192.168.0.255 255.255.255.255 192.168.0.4 192.168.0.4 1
224.0.0.0 224.0.0.0 192.168.0.4 192.168.0.4 1
255.255.255.255 255.255.255.255 192.168.0.4 192.168.0.4 1
So these are all the same except for the PPP interface addresses, since we
are off-line there is no PPP interface.
Routes automatically created by the OS
There are a number of routes created automatically by the OS. Whenever an
interface is added, you get a route for the interface, one for the subnet the
interface is on, and one for the broadcast address for that interface. If you look
at the route table above, the interface 192.168.0.4 results in the addition of
route entries 2, 3, 4, 5 and 6.
The OS also creates the localhost interface (1st one).
Important
If you specify a default gateway for your LAN adapter (i.e you have a router
on your LAN), then you also get a default route entry. this is the entry that
is used to access the other subnets on your LAN.
What this all means
Well, what it means is that your PPP login when it changes your default route.
So by default all your packets go to your ISPs router (so you can access
internet sites). This makes the rest of your LAN segments inaccessible, since
unless you have manually entered a static route to those subnets, they will have
been dependent on the default route.
So, if you have other subnets, you need to add a static route to your route
table with the ROUTE ADD command.
You can be smart about it.
if you have numbered your segments say like this:
Segment A (wingate machine): 192.168.0.0 mask 255.255.255.0
(this means 192.168.0.1 to 192.168.0.254)
Segment B : 192.168.1.0 mask 255.255.255.0
Segment C : 192.168.2.0 mask 255.255.255.0
Segment D : 192.168.3.0 mask 255.255.255.0
Segment E : 192.168.4.0 mask 255.255.255.0
Segment F : 192.168.5.0 mask 255.255.255.0
Segment G : 192.168.6.0 mask 255.255.255.0
and the router is on 192.168.0.254
Then you can either do it the hard way and add a route for each of B to F -
e.g.
route ADD 192.168.1.0 MASK 255.255.255.0 192.168.0.254
route ADD 192.168.2.0 MASK 255.255.255.0 192.168.0.254
route ADD 192.168.3.0 MASK 255.255.255.0 192.168.0.254
route ADD 192.168.4.0 MASK 255.255.255.0 192.168.0.254
route ADD 192.168.5.0 MASK 255.255.255.0 192.168.0.254
route ADD 192.168.6.0 MASK 255.255.255.0 192.168.0.254
Or, you could combine these to a single entry by setting the mask to ignore
the second to last octet of the address as well
e.g
route ADD 192.168.0.0 MASK 255.255.0.0 192.168.0.254
This would cover segments B to F.
If some of the segments B to F are only accessible through another router
somewhere else, you can either add route statements to the router on 192.168.0.254
or put in different route table entries for these ones.
When matching, the stack looks for a match in this sequence.
1. Look for a match with an interface address (mask of 255.255.255.255 - exact
address)
2. Look for a match with a subnet
3. use the default route.