How routing works?
18 years 1 month ago #18321
by Brandonh
How routing works? was created by Brandonh
Can someone explain to me how routing works between subnets, for instance going from 192.168.0.0/24 and 192.168.1.0/24? These two subnets cannot see each other. The only way I can get them to see each other is if I put the routers with a 255.255.0.0 subnet mask such as 192.168.1.1/16 192.168.0.0/16. It seems to me you can add routes, but for the routes that you add the gateway has to be in the same subnet as the network interface. From what I have found, the only way to get to a different subnet is to have a route to a router within its own subnet that is in the same network as the destination address. Is that how it works on the internet and in general, or am I missing another side to this?
18 years 1 month ago #18324
by Smurf
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Replied by Smurf on topic Re: How routing works?
First of all, apologies for the lame diagram, I will have to get Visio installed on my machine for next time. Anyhow, here is the basic concept of routing... hope it helps your understanding.
192.168.0.0/24                                   192.168.1.0/24

Host A ------------------- ROUTER ------------------- Host B
192.168.0.1     192.168.0.254   192.168.1.254   192.168.1.1
255.255.255.0   255.255.255.0   255.255.255.0   255.255.255.0
Right, in the above diagram we have the two subnets, both Class C (24-bit subnet) with 254 addressable host addresses. The network on the left of the router is 192.168.0.0/24 and the one on the right is 192.168.1.0/24.
When Host A wants to communicate with another host, it will check to see if it's on its local subnet (using the subnet mask; this is done (I think) using an AND function against the subnet mask to see if the bits left match), e.g.
192.168.0.1 = 11000000 10101000 00000000 00000001
255.255.255.0 = 11111111 11111111 11111111 00000000
AND = 11000000 10101000 00000000 00000000
192.168.0.2 = 11000000 10101000 00000000 00000010
255.255.255.0 = 11111111 11111111 11111111 00000000
AND = 11000000 10101000 00000000 00000000
As you can see, the AND function identifies the same number of bits, therefore these two machines, 192.168.0.1 and 192.168.0.2, are on the same subnet and they start to communicate (check a MAC address mapping exists; if not, then ARP goes on to get the Layer 2 addressing).
Right, if we are talking on different subnets, the same as above goes on. If we are looking for Host A talking to Host B, the same mathematical calculation goes on, e.g.
192.168.0.1 = 11000000 10101000 00000000 00000001
255.255.255.0 = 11111111 11111111 11111111 00000000
AND = 11000000 10101000 00000000 00000000
192.168.1.1 = 11000000 10101000 00000001 00000001
255.255.255.0 = 11111111 11111111 11111111 00000000
AND = 11000000 10101000 00000001 00000000
Now, as you can see, the two end results are different. For this reason, the host now knows that it's on a different network. Providing a default gateway is configured (or a route to the other network) as the router 192.168.0.254/24, then Host A will send the packet to the router (as usual, a check for the Layer 2 addressing is done; if it doesn't know this then the ARP process happens). Once the router receives the packet, it does the same process to see if it has a route to the destination network. Since it's locally attached, it will see if it knows the Layer 2 address for Host B; if not, then it will ARP and then send the packet to the host. If the host is a few routes away, the router will send the packet to another router by looking this up in its routing table. The Layer 2 details are changed to pass the packet on to the upstream router, but the Layer 3 addresses are kept intact so that the other routers know where the packet is going, and the destination address knows where it came from to send packets back to it. Also, each router decrements the TTL to ensure that if there is a routing loop anywhere the packet will not route forever.
Hope it helps with your understanding, this is how I understand it all to work.
Cheers
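The host-side decision described in the post above, as an added example that is not part of the original thread: the AND comparison, then the choice of which IP address the host ARPs for. The function names are hypothetical; the addresses are the ones from the diagram, plus the 255.255.0.0 mask from the opening question.

```python
import ipaddress

def network_of(addr, mask):
    """Bitwise AND of address and mask, the same calculation as the binary tables."""
    return int(ipaddress.IPv4Address(addr)) & int(ipaddress.IPv4Address(mask))

def same_subnet(a, b, mask):
    return network_of(a, mask) == network_of(b, mask)

def host_next_hop(src, mask, dst, gateway=None):
    """Return (ip_to_arp_for, reason) for a host sending one packet to dst."""
    if same_subnet(src, dst, mask):
        return dst, "on-link: ARP for the destination itself"
    if gateway is None:
        return None, "off-link and no gateway configured"
    if not same_subnet(src, gateway, mask):
        return None, "gateway is outside the local subnet, host cannot ARP for it"
    return gateway, "off-link: ARP for the gateway, destination IP unchanged"

HOST_A, HOST_B = "192.168.0.1", "192.168.1.1"
CASES = [  # (label, mask, destination, gateway)
    ("same /24",              "255.255.255.0", "192.168.0.2", "192.168.0.254"),
    ("other /24, gateway ok", "255.255.255.0", HOST_B,        "192.168.0.254"),
    ("other /24, no gateway", "255.255.255.0", HOST_B,        None),
    ("gateway in far subnet", "255.255.255.0", HOST_B,        "192.168.1.254"),
    # With a /16 mask Host B looks local, so the host ARPs for it directly
    # and never hands the packet to the router.
    ("mask widened to /16",   "255.255.0.0",   HOST_B,        "192.168.0.254"),
]

if __name__ == "__main__":
    for label, mask, dst, gw in CASES:
        hop, reason = host_next_hop(HOST_A, mask, dst, gw)
        print(f"{label:24} -> {hop}  ({reason})")
```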
18 years 1 month ago #18335
by Brandonh
Replied by Brandonh on topic can you clear the route up for me ?
So how would you make a route to the other subnet if you wanted to go to 192.168.0.0 from 192.168.11 from interface 192.168.0.1, how would you make that route? It hasn't worked for me when I add route 192.168.1.0 MASK 255.255.255.0 192.168.0.1. The gateway address has to be in the same subnet as your interface or else the interface doesn't see it as part of its network and cannot reach the gateway, but then if it's in the same subnet as the interface then it can't see the subnet you're going to, unless you made the router 255.255.0.0, then it could see anything as part of its subnet in the last two octets. So the router 255.255.0.0 could see both 192.168.0.0 and 192.168.1.0. That's how it appears to work for me. Can you clear the make a route up for me?
18 years 1 month ago #18340
by Dove
As Smurf said, to route the packet from one subnet to another subnet we need to define the default gateway or a next hop / router.
As per Smurf's example, there are no more hops, so we can use the default gateway.
ip route 0.0.0.0 0.0.0.0 e0
After giving this command, if any of the packets are destined to the 192.168.1.0 subnet from the 192.168.0.0 subnet, then they will be forwarded directly to interface e0.
Dove
Replied by Dove on topic Re: How routing works?
18 years 1 month ago #18341
by Brandonh
Replied by Brandonh on topic router sees both networks
So in order for the router to route between subnets A and B, the router would have to see both subnets, right?
18 years 1 month ago #18342
by Smurf
In my example yes, however as Dove pointed out above, the router can also have a default route configured using
[code:1]ip route 0.0.0.0 0.0.0.0 {next hop address}[/code:1]
This will basically tell the router that if it doesn't know where the packets need to go, default the next hop to an address. If you don't have any routing protocols enabled on your whole network that maps all your different subnets, the router needs to know where to route stuff.
e.g.
Host A
E0 - Router A - E1
E0 - Router B - E1
Host B
In order for Host A to get to Host B, Host A has the default gateway address set to the IP address of the Router A E0 interface. Since Router A and Router B are not running any routing protocols, Router A only knows about two subnets, the subnet of interface E0 and the subnet of interface E1. For this reason, Host A will not be able to talk to Host B unless Router A has either a static route for Host B's subnet, or a default route to send all traffic to Router B.
Router B will also need to know how to get back to Host A's subnet in the same way. If you set the default routes on both Router A and Router B to point to each other, any other subnets that you try to talk to that are not connected on both these routers would then result in a routing loop, which is where the TTL packet would come in to stop it.
Take a look at the material that has been written up on the info pages on this site. They are very well written and will help to explain it all www.firewall.cx/routing.php
Cheers
Wayne
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
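The two-router case from the post above, as an added example that is not part of the original thread: a small simulation of longest-prefix lookup and TTL decrement. It assumes Host A and Host B sit on the 192.168.0.0/24 and 192.168.1.0/24 subnets from earlier in the thread; the 10.0.0.0/30 link between the routers, the 172.16.5.5 destination and all function names are constructed for illustration.

```python
import ipaddress

def lookup(table, dst):
    """Longest-prefix match over {prefix: next_hop}; 'direct' = attached subnet."""
    ip = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(p), hop) for p, hop in table.items()
            if ip in ipaddress.ip_network(p)]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def forward(routers, first, dst, ttl=8):
    """Walk one packet router by router; return (outcome, routers visited)."""
    path, name = [], first
    while True:
        path.append(name)
        ttl -= 1                          # every router decrements the TTL
        if ttl == 0:
            return "ttl expired", path    # this is what ends a routing loop
        hop = lookup(routers[name], dst)
        if hop is None:
            return "no route", path
        if hop == "direct":
            return "delivered", path      # router ARPs for the host itself
        name = hop

def topology(extra_a=None, extra_b=None):
    """Connected routes only, plus optional static/default routes per router."""
    a = {"192.168.0.0/24": "direct", "10.0.0.0/30": "direct"}   # E0, E1
    b = {"10.0.0.0/30": "direct", "192.168.1.0/24": "direct"}   # E0, E1
    a.update(extra_a or {})
    b.update(extra_b or {})
    return {"A": a, "B": b}

HOST_A, HOST_B = "192.168.0.1", "192.168.1.1"

def scenarios():
    one_way = topology({"192.168.1.0/24": "B"})        # static route on A only
    looped = topology({"0.0.0.0/0": "B"}, {"0.0.0.0/0": "A"})
    return {
        "connected only":           forward(topology(), "A", HOST_B),
        "static on A, request":     forward(one_way, "A", HOST_B),
        "static on A, reply":       forward(one_way, "B", HOST_A),
        "mutual defaults, known":   forward(looped, "A", HOST_B),
        "mutual defaults, unknown": forward(looped, "A", "172.16.5.5"),
    }

if __name__ == "__main__":
    for label, (outcome, path) in scenarios().items():
        print(f"{label:26} {outcome:12} {' -> '.join(path)}")
```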
Replied by Smurf on topic Re: router sees both networks