IP routing works by comparing the destination addresses of IP packets to a list of possible destinations called the routing table. The destination address in a packet usually identifies a single host. It is also possible to use the multicast functions of the IP protocol to send packets to many hosts simultaneously, as discussed in Chapter 23. In this chapter, however, we focus on routing to one specific destination, which is called unicast routing.
In a very large network, such as the public Internet or a large corporate network, it is impractical to keep track of every individual device. Instead, the IP protocol groups devices together into subnets. A subnet is, in effect, a summary address representing a group of adjacent hosts. And, similarly, you can summarize adjacent groups of subnet addresses. The result is an extremely efficient hierarchical addressing system.
There are two different sets of rules for how groups of subnets can be summarized together. The older method uses a concept called class, while the newer method is classless and is often referred to by the acronym CIDR, for Classless Inter-Domain Routing. CIDR is described in detail in RFCs 1517, 1518 and 1519. Both methods are still in common use, although the public Internet makes extensive use of CIDR, and all newly registered IP addressing follows the new rules.
You can turn on CIDR in Cisco routers with the global configuration command ip classless. Classless routing has been the default since IOS Version 11.3. If the older rules are required, you have to explicitly disable CIDR with the no ip classless command.
For small networks, the distinction is often irrelevant, particularly if they don't use a dynamic routing protocol. However, using a mixture of classful and classless addressing and routing models in a network can cause some extremely strange and unexpected routing behavior. Because many network administrators are unclear on the distinctions, a brief review is in order.
The biggest difference between classful and classless addressing is that classful addressing assumes that the first few bits of the address can tell you how big the network is. Table 5-1 shows how address classes are defined. As you can see, a Class A address is any network from 0.0.0.0 to 127.0.0.0, and all of these networks are assumed to have a mask of 255.0.0.0 (/8).
Class | Range of network addresses | Mask | Mask bits |
---|---|---|---|
A | 0.0.0.0 - 127.0.0.0 | 255.0.0.0 | 8 |
B | 128.0.0.0 - 191.255.0.0 | 255.255.0.0 | 16 |
C | 192.0.0.0 - 223.255.255.0 | 255.255.255.0 | 24 |
D | 224.0.0.1 - 239.255.255.255 | 255.255.255.255 | 32 |
E | 240.0.0.1 - 255.255.255.255 | 255.255.255.255 | 32 |
You can create several subnets within a Class A, B, or C network. However, it is harder to work with structures that are larger than the network. For example, if you wanted to work with the networks 192.168.4.0/24, 192.168.5.0/24, 192.168.6.0/24, and 192.168.7.0/24, CIDR would allow you to address this entire group (called a supernet) as 192.168.4/22 (or 192.168.4.0 255.255.252.0 in netmask notation). However, with classful routing, the router would have to maintain routes to all of these ranges as separate Class C networks.
A router decides where to send a packet by comparing the destination address in the header of the IP packet with its routing table. The rule is that the router must always use the most specific match in the table. This will be the entry that has the most bits in its netmask, so it is often called the longest match. This longest match rule is required because the routing table often contains several possible matches for a particular destination.
For example, suppose the destination address in a particular packet is 10.5.15.35. The router will look in its routing table for possible matches and the accompanying next-hop information that will tell it where to send this packet. If there is a match for the specific host, 10.5.15.35/32, it doesn't need to look any further. But, it is more likely that the router will find a more general route, such as 10.5.15.0/24 or 10.5.0.0/16. And, if it can't find any reasonable matches, there is usually a default route or gateway of last resort, 0.0.0.0/0, that matches anything. If there is no match at all, the router must drop the packet.
Classless routing can use a mask of any length when looking for the best route to a destination, but classful routing cannot. For example, CIDR would allow the four networks 192.168.4.0/24, 192.168.5.0/24, 192.168.6.0/24 and 192.168.7.0/24 to be written together as 192.168.4.0/22. But a router using classful routing would not consider the destination address 192.168.5.15 to be a part of 192.168.4.0/22 because it knows that anything beginning with 192 must be a Class C network. Instead, if there was no specific route for 192.168.5.0/24 or a subnet containing this destination, the router would skip straight to the default route. If you mix classless and classful routing, this could be the wrong path, and in the worst case, it could even cause a routing loop.
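The lookup described above, as an added Python example that is not from the book. The routing table and next-hop names are constructed, and the classful branch is a simplified model of the behavior this section describes (supernet routes shorter than the destination's class mask are ignored), not Cisco's actual forwarding code.

```python
import ipaddress

# Constructed routing table: prefix -> next hop (names are made up).
ROUTES = {
    "0.0.0.0/0": "default-gw",
    "10.5.0.0/16": "core-a",
    "10.5.15.0/24": "dist-b",
    "192.168.4.0/22": "summary-c",
}


def classful_bits(addr):
    """Mask length implied by the address class, per Table 5-1."""
    first_octet = int(addr) >> 24
    if first_octet < 128:
        return 8    # Class A
    if first_octet < 192:
        return 16   # Class B
    if first_octet < 224:
        return 24   # Class C
    return 32       # Classes D and E


def lookup(dest, routes=ROUTES, classless=True):
    """Return (prefix, next_hop) for the longest match, or None to drop."""
    addr = ipaddress.ip_address(dest)
    best = None
    for prefix, hop in routes.items():
        net = ipaddress.ip_network(prefix)
        if addr not in net:
            continue
        # Simplified classful model (assumption): a supernet shorter than
        # the class mask is not a candidate; the default route (/0) still is.
        if not classless and 0 < net.prefixlen < classful_bits(addr):
            continue
        if best is None or net.prefixlen > best[0].prefixlen:
            best = (net, hop)
    return (str(best[0]), best[1]) if best else None


if __name__ == "__main__":
    for dest in ("10.5.15.35", "10.5.99.1", "192.168.5.15"):
        print(dest, lookup(dest), lookup(dest, classless=False))
```

For 192.168.5.15 the two modes disagree: the classless lookup follows the /22 summary, while the classful model falls through to the default route, which is the mismatch that sends traffic down an unintended path.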
This is why it is so important to make sure that you are consistent about which type of routing and addressing you want to use. In general, it is better to use CIDR because of the improved flexibility it offers. Also, since CIDR allows more levels of route summarization, you can often simplify your routing tables so that they take up less memory in the routers. This, in turn, can improve network performance.
Summary routes have another important benefit. The router will keep its summary route as long as any of its subnets exist. This means that the summary route is as stable as the most stable route in the summarized range. Without summarization, if there is one route that repeatedly flaps up and down, the routing protocol must propagate every transition throughout the network. But a summary route can hide this instability from the rest of the network. The routing protocol doesn't need to waste resources installing and removing the flapping route, which improves overall network stability.
Most of the IP addresses used in examples in this book are unregistered. The Internet Engineering Task Force (IETF) and the Internet Assigned Numbers Authority (IANA) have set aside several unregistered ranges of addresses for anybody to use at any time. The only stipulation is that, because anybody and everybody is using these numbers, they cannot be allowed to leak onto any public sections of the Internet. The allowed ranges of unregistered IP addresses are defined in RFC 1918 and summarized in Table 5-2. It is a good practice to address all private networks using these address ranges.
Class | Network | Mask | Comment |
---|---|---|---|
Class A | 10.0.0.0 | 255.0.0.0 | One large Class A network |
Class B | 172.16.0.0 - 172.31.0.0 | 255.255.0.0 | 16 Class B networks |
Class C | 192.168.0.0 - 192.168.255.0 | 255.255.255.0 | 256 Class C networks |
Note that RFC 3330 defines a number of other special ranges including a special TEST-NET range, 192.0.2.0/24, which is reserved for documentation purposes. We occasionally use this address range in this book. You should not use it in production networks, however.
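One way to check a list of prefixes for leaks before they are advertised toward the public Internet, as an added Python example that is not from the book. The reserved ranges are the ones named in this section (Table 5-2 written in CIDR form, plus TEST-NET); the function name and the sample prefixes in the usage lines are constructed.

```python
import ipaddress

# Ranges named in this section: RFC 1918 (Table 5-2) and TEST-NET (RFC 3330).
RESERVED = {
    "10.0.0.0/8": "RFC 1918",
    "172.16.0.0/12": "RFC 1918",      # 172.16.0.0 - 172.31.0.0
    "192.168.0.0/16": "RFC 1918",     # 192.168.0.0 - 192.168.255.0
    "192.0.2.0/24": "TEST-NET",
}


def find_leaks(prefixes):
    """Return [(prefix, reason)] for prefixes that touch a reserved range."""
    findings = []
    for prefix in prefixes:
        net = ipaddress.ip_network(prefix, strict=False)
        for rng, label in RESERVED.items():
            reserved = ipaddress.ip_network(rng)
            if net.subnet_of(reserved):
                findings.append((prefix, f"inside {label} {rng}"))
            elif reserved.subnet_of(net):
                # A covering supernet would also attract the private space.
                findings.append((prefix, f"covers {label} {rng}"))
    return findings


if __name__ == "__main__":
    # Constructed sample of prefixes queued for advertisement.
    outbound = ["172.31.4.0/24", "172.32.0.0/16", "192.0.2.128/25",
                "172.0.0.0/8", "203.0.113.0/24"]
    for prefix, reason in find_leaks(outbound):
        print(f"BLOCK {prefix}: {reason}")
```

The sample includes 172.32.0.0/16, which sits just outside the private Class B block and is correctly left alone, and 172.0.0.0/8, which is flagged because it covers the private block.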