Learn Networking in 10 DaysDay 5: Routing
books.chapter 5Learn Networking in 10 Days

Day 5: Routing

What You'll Learn Today

  • Static vs. dynamic routing and when to use each
  • How routing tables work
  • Key routing protocols: RIP, OSPF, and BGP
  • The role of the default gateway
  • How traceroute reveals the path packets take

What Is Routing?

Routing is the process of selecting a path for network traffic across one or more networks. A router examines the destination IP address of each packet and decides which interface to forward it through, based on its routing table.

flowchart LR
    subgraph Net_A["Network A\n192.168.1.0/24"]
        PC["PC\n192.168.1.10"]
    end
    subgraph Router["Router"]
        RT["Routing Table"]
    end
    subgraph Net_B["Network B\n10.0.0.0/24"]
        SRV["Server\n10.0.0.5"]
    end
    PC --> RT --> SRV
    style Net_A fill:#3b82f6,color:#fff
    style Router fill:#f59e0b,color:#fff
    style Net_B fill:#22c55e,color:#fff

Routing operates at Layer 3 (Network) of the OSI model. Every time a packet crosses a network boundary, a router makes a forwarding decision.

Static vs. Dynamic Routing

Static Routing

With static routing, an administrator manually configures routes in the routing table. The router does not learn routes automatically.

ip route 10.0.0.0 255.255.255.0 192.168.1.1

This tells the router: "To reach the 10.0.0.0/24 network, send packets to 192.168.1.1."

Dynamic Routing

With dynamic routing, routers automatically discover and maintain routes by exchanging information with neighboring routers using routing protocols.

flowchart TB
    subgraph Static_Box["Static Routing"]
        S1["Admin manually adds routes"]
        S2["No automatic updates"]
        S3["Simple but doesn't scale"]
    end
    subgraph Dynamic_Box["Dynamic Routing"]
        D1["Routers exchange route info"]
        D2["Automatic convergence"]
        D3["Scales to large networks"]
    end
    style Static_Box fill:#f59e0b,color:#fff
    style Dynamic_Box fill:#22c55e,color:#fff
Feature Static Routing Dynamic Routing
Configuration Manual Automatic
Scalability Poor (doesn't scale) Good (scales well)
Adaptability No auto-recovery on failure Reroutes automatically
Resource usage No CPU/bandwidth overhead Uses CPU and bandwidth for updates
Security More secure (no protocol to attack) Protocol can be exploited
Best for Small networks, default routes, stubs Medium to large networks

Routing Tables

A routing table is a data structure stored in a router (or host) that lists known network destinations and how to reach them.

Routing Table Entry Components

Field Description
Destination network The target network (e.g., 10.0.0.0/24)
Next hop IP address of the next router along the path
Interface The router's outgoing interface
Metric Cost of the route (lower is better)
Route source How the route was learned (C = connected, S = static, O = OSPF, R = RIP, B = BGP)
Administrative distance Trustworthiness of the route source (lower = more trusted)

Example Routing Table

Destination        Next Hop        Interface    Metric    Source
192.168.1.0/24     Connected       eth0         0         C
10.0.0.0/24        192.168.1.1     eth0         1         S
172.16.0.0/16      192.168.1.2     eth0         110       O
0.0.0.0/0          192.168.1.254   eth0         1         S*

Route Selection Process

When a packet arrives, the router:

  1. Extracts the destination IP from the packet header.
  2. Performs a longest prefix match against the routing table.
  3. If multiple routes match, selects based on administrative distance, then metric.
  4. If no specific route matches, uses the default route (0.0.0.0/0).
  5. If no default route exists, the packet is dropped.
flowchart TB
    subgraph Selection["Route Selection"]
        A["Extract destination IP"]
        B["Longest prefix match"]
        C{"Multiple\nmatches?"}
        D["Compare admin distance\nthen metric"]
        E["Forward via best route"]
        F{"Default\nroute?"}
        G["Forward via default"]
        H["Drop packet\n(ICMP unreachable)"]
    end
    A --> B --> C
    C -->|Yes| D --> E
    C -->|No match| F
    F -->|Yes| G
    F -->|No| H
    style A fill:#3b82f6,color:#fff
    style E fill:#22c55e,color:#fff
    style G fill:#f59e0b,color:#fff
    style H fill:#ef4444,color:#fff

Administrative Distance

When the same destination is learned from multiple sources, administrative distance (AD) determines which source is most trustworthy.

Route Source Administrative Distance
Connected 0
Static 1
EIGRP (summary) 5
eBGP 20
OSPF 110
RIP 120
EIGRP (external) 170
iBGP 200

Routing Protocols

Routing protocols are classified into two main categories:

flowchart TB
    subgraph Protocols["Routing Protocol Classification"]
        subgraph IGP["Interior Gateway Protocols (IGP)\nWithin an Autonomous System"]
            subgraph DV["Distance Vector"]
                RIP_P["RIP"]
            end
            subgraph LS["Link State"]
                OSPF_P["OSPF"]
            end
        end
        subgraph EGP["Exterior Gateway Protocol (EGP)\nBetween Autonomous Systems"]
            subgraph PV["Path Vector"]
                BGP_P["BGP"]
            end
        end
    end
    style IGP fill:#3b82f6,color:#fff
    style EGP fill:#8b5cf6,color:#fff
    style DV fill:#f59e0b,color:#fff
    style LS fill:#22c55e,color:#fff
    style PV fill:#ef4444,color:#fff

RIP (Routing Information Protocol)

RIP is a distance vector protocol. Each router shares its entire routing table with its neighbors at regular intervals.

Feature Detail
Algorithm Bellman-Ford
Metric Hop count (max 15; 16 = unreachable)
Update interval Every 30 seconds
Convergence Slow
Versions RIPv1 (classful), RIPv2 (classless, supports VLSM)
Best for Small networks (< 15 hops)

How RIP works:

  1. Each router initializes with its directly connected networks (cost = 0).
  2. Every 30 seconds, each router sends its full routing table to neighbors.
  3. When a router receives an update, it adds 1 to the hop count and updates its table if the new route is better.
  4. Routes with hop count > 15 are considered unreachable.

Limitations:

  • Maximum 15 hops limits network size.
  • Slow convergence can cause routing loops. Mitigations include split horizon, route poisoning, and hold-down timers.

OSPF (Open Shortest Path First)

OSPF is a link-state protocol. Each router builds a complete map of the network topology and independently calculates the shortest path.

Feature Detail
Algorithm Dijkstra's Shortest Path First (SPF)
Metric Cost (based on bandwidth: 10^8 / bandwidth in bps)
Update mechanism Link-State Advertisements (LSAs) β€” only sent on change
Convergence Fast
Hierarchy Uses Areas (Area 0 = backbone)
Best for Medium to large enterprise networks 
flowchart TB
    subgraph OSPF_Areas["OSPF Area Design"]
        subgraph Area0["Area 0 (Backbone)"]
            ABR1["ABR 1"]
            ABR2["ABR 2"]
            R0["Router"]
        end
        subgraph Area1["Area 1"]
            R1A["Router A"]
            R1B["Router B"]
        end
        subgraph Area2["Area 2"]
            R2A["Router A"]
            R2B["Router B"]
        end
    end
    R1A --- ABR1
    R1B --- ABR1
    ABR1 --- R0
    R0 --- ABR2
    ABR2 --- R2A
    ABR2 --- R2B
    style Area0 fill:#ef4444,color:#fff
    style Area1 fill:#3b82f6,color:#fff
    style Area2 fill:#22c55e,color:#fff

How OSPF works:

  1. Routers discover neighbors using Hello packets.
  2. Routers exchange LSAs describing their links and costs.
  3. Each router builds a Link-State Database (LSDB) β€” the complete network topology.
  4. Each router runs Dijkstra's algorithm to calculate the shortest path tree from itself to every destination.
  5. When a link changes, only the affected LSA is flooded β€” not the entire table.

BGP (Border Gateway Protocol)

BGP is the path vector protocol that routes traffic between Autonomous Systems (ASes) β€” the routing protocol of the Internet.

Feature Detail
Algorithm Path vector (best path selection)
Metric Multiple attributes (AS path, local preference, MED, etc.)
Transport TCP port 179
Convergence Slow (by design β€” stability is prioritized)
Types eBGP (between ASes), iBGP (within an AS)
Best for Internet routing, ISPs, large enterprises

BGP path selection (simplified order):

  1. Highest local preference
  2. Shortest AS path
  3. Lowest origin type (IGP < EGP < incomplete)
  4. Lowest MED (Multi-Exit Discriminator)
  5. eBGP over iBGP
  6. Lowest router ID

Protocol Comparison

Feature RIP OSPF BGP
Type Distance vector Link state Path vector
Scope IGP IGP EGP
Metric Hop count Cost (bandwidth) Path attributes
Max hops 15 Unlimited Unlimited
Convergence Slow Fast Slow (stable)
Scalability Small Large Internet-scale
Admin distance 120 110 20 (eBGP) / 200 (iBGP)

Default Gateway

A default gateway is the router that a device sends packets to when the destination is not on the local network. It is the "exit door" from the LAN.

flowchart LR
    subgraph LAN["Local Network 192.168.1.0/24"]
        PC["PC\n192.168.1.10"]
        GW["Default Gateway\n192.168.1.1"]
    end
    subgraph Internet["Internet"]
        WEB["Web Server\n93.184.216.34"]
    end
    PC -->|"Dest not local"| GW -->|"Routes to Internet"| WEB
    style LAN fill:#3b82f6,color:#fff
    style Internet fill:#22c55e,color:#fff

When your PC wants to reach 93.184.216.34:

  1. It checks: is 93.184.216.34 in the 192.168.1.0/24 network? No.
  2. It sends the packet to its default gateway (192.168.1.1).
  3. The gateway router looks up the destination in its routing table and forwards the packet toward the destination.

Without a default gateway, a device can only communicate with hosts on its own subnet.

Traceroute

Traceroute (Linux/macOS: traceroute, Windows: tracert) discovers the path packets take from source to destination by exploiting the TTL (Time To Live) field in the IP header.

How Traceroute Works

  1. Send a packet with TTL = 1. The first router decrements TTL to 0 and replies with ICMP Time Exceeded.
  2. Send a packet with TTL = 2. The second router replies with ICMP Time Exceeded.
  3. Repeat, incrementing TTL, until the destination is reached (replies with ICMP Port Unreachable or Echo Reply).
sequenceDiagram
    participant PC as Source
    participant R1 as Router 1
    participant R2 as Router 2
    participant R3 as Router 3
    participant DST as Destination
    PC->>R1: TTL=1
    R1->>PC: ICMP Time Exceeded
    Note over PC: Hop 1 discovered
    PC->>R1: TTL=2
    R1->>R2: TTL=1
    R2->>PC: ICMP Time Exceeded
    Note over PC: Hop 2 discovered
    PC->>R1: TTL=3
    R1->>R2: TTL=2
    R2->>R3: TTL=1
    R3->>PC: ICMP Time Exceeded
    Note over PC: Hop 3 discovered
    PC->>R1: TTL=4
    R1->>R2: TTL=3
    R2->>R3: TTL=2
    R3->>DST: TTL=1
    DST->>PC: ICMP Port Unreachable
    Note over PC: Destination reached

Reading Traceroute Output

traceroute to 8.8.8.8, 30 hops max
 1  192.168.1.1      1.234 ms   1.112 ms   1.056 ms
 2  10.0.0.1         5.678 ms   5.432 ms   5.321 ms
 3  203.0.113.1     12.345 ms  12.210 ms  12.198 ms
 4  8.8.8.8          15.678 ms  15.543 ms  15.432 ms
Column Meaning
Hop number Position in the path (1 = first router)
IP address Router interface address at this hop
Round-trip times Three RTT measurements (ms)
* * * No response β€” the router may be filtering ICMP

Traceroute Uses

  • Diagnosing latency β€” identify which hop introduces delay
  • Finding routing loops β€” repeated hop addresses indicate a loop
  • Verifying path β€” confirm traffic takes the expected route
  • Identifying failures β€” find where packets are being dropped

Summary

Summary Table

Concept Key Point
Static routing Manually configured; best for small/stub networks
Dynamic routing Routers learn paths automatically via protocols
Routing table Contains destination, next hop, interface, metric, source
Longest prefix match Most specific route wins
RIP Distance vector, hop count metric, max 15 hops
OSPF Link state, cost metric, uses Dijkstra's algorithm, area-based hierarchy
BGP Path vector, routes between ASes, powers the Internet
Default gateway Router used when the destination is not on the local network
Traceroute Discovers path using incrementing TTL values

Key Takeaways

  1. Static routing works for small networks; dynamic routing is essential for larger, changing topologies.
  2. Routers select routes using longest prefix match, administrative distance, and metric.
  3. RIP is simple but limited to 15 hops; OSPF scales to large enterprises with fast convergence.
  4. BGP is the protocol that holds the Internet together, routing between autonomous systems.
  5. Traceroute is an essential diagnostic tool that reveals the hop-by-hop path to any destination.

Practice Problems

Beginner

  1. What is the difference between static and dynamic routing? Give one advantage of each.
  2. Your PC has IP 192.168.1.50/24 and default gateway 192.168.1.1. You ping 10.0.0.5. Describe what happens at each step from your PC to the gateway.
  3. Run traceroute 8.8.8.8 (or tracert on Windows). How many hops does it take? What is the latency at each hop?

Intermediate

  1. A routing table has these entries: 10.0.0.0/8, 10.1.0.0/16, and 10.1.1.0/24. A packet arrives for 10.1.1.50. Which route is selected and why?
  2. Compare RIP and OSPF. Why does OSPF converge faster than RIP? Explain using the differences in their algorithms and update mechanisms.
  3. What is administrative distance? If a router learns a route to 172.16.0.0/16 via both OSPF (AD=110) and RIP (AD=120), which route is installed in the routing table?

Advanced

  1. Design an OSPF network with 3 areas. Area 0 is the backbone with 2 routers. Area 1 has 5 routers, and Area 2 has 3 routers. Identify the ABRs and explain how inter-area routing works.
  2. Explain BGP's AS path attribute. An AS receives routes to 203.0.113.0/24 via two paths: one through AS 100 β†’ AS 200 (path: 200 100) and one through AS 300 (path: 300). Which path does BGP prefer by default, and why?
  3. A traceroute shows the same router IP appearing at hops 5, 6, and 7. What does this indicate? What could cause this, and how would you troubleshoot it?

References

  • RFC 2453 β€” RIP Version 2
  • RFC 2328 β€” OSPF Version 2
  • RFC 4271 β€” Border Gateway Protocol 4 (BGP-4)
  • Doyle, J. & Carroll, J. β€” Routing TCP/IP, Volume 1, 2nd Edition
  • Odom, W. β€” CCNA 200-301 Official Cert Guide, Volume 2

Next Up

In Day 6, we will explore DNS and Application Layer Protocols β€” how domain names are resolved, the structure of DNS, and key application-layer protocols like HTTP, HTTPS, FTP, and SMTP.