Friday, July 22, 2011

Static Route


In a large-scale enterprise network that spans multiple remote sites, a well-designed routing scheme for communication between sites is essential. Both static and dynamic routes must be designed to be as efficient as possible. See types of WAN technologies.
A static route is a routing mechanism that depends on manually configured routing tables. A dynamic route is a routing mechanism in which routers on an internetwork exchange routing information dynamically.
In smaller networks that contain only a couple of routers, static routes are generally used. Static routers (routers that use static routes) must be configured and maintained separately because they do not exchange routing information with each other. See also basic hardware of the router.
Static routing functions properly when the routing table, which the administrator configures manually, contains a route for every network in the internetwork. Each host on the network must be configured with a default gateway that matches the Internet Protocol (IP) address of the local router interface. When a host needs to send a packet to another network, it forwards the packet to the local router, which checks its routing table and determines which route to use to forward the packet.
The basic concept of routing (both static and dynamic) is that routers forward IP packets based on the destination IP address in the IP packet header. They compare the destination address to the routing table with the hope of finding a matching entry – an entry that tells the router where to forward the packet next. If the router does not find a matching entry in the routing table, and no default route exists, the router discards the packet. Therefore, having a full and accurate routing table is important.
Static routing consists of individual configuration commands that define a route to a router. A router can forward packets only to subnets in its routing table. The router always knows about directly connected routes—routes to subnets off interfaces that have an “up and up” status. By adding static routes, a router can be told how to forward packets to subnets that are not attached to it.
The following figure can be used to describe how to configure the static route. Two ping commands test the IP connectivity from Sydney router to Perth router.
An example of static route - implementation diagram
Sydney router EXEC Commands with only connected routers
Sydney#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/24 is subnetted, 3 subnets
C 10.20.1.0 is directly connected, Ethernet0
C 10.20.130.0 is directly connected, Serial1
C 10.20.128.0 is directly connected, Serial0
Sydney#ping 10.20.128.252
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.20.128.252, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/8 ms
Sydney#ping 10.20.2.252
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.20.2.252, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
The ping command sends the first packet and waits on the response. If a response is received, the command displays a “!”. If no response is received within the default timeout of 2 seconds, the ping command displays a “.”. The IOS ping command sends 5 of these packets by default.
In the example above, the ping 10.20.128.252 command works, but the ping 10.20.2.252 command does not. The first ping command works because Sydney has a route to the subnet in which 10.20.128.252 resides (subnet 10.20.128.0). However, the ping to 10.20.2.252 does not work, because the subnet in which 10.20.2.252 resides, subnet 10.20.2.0, is not connected to Sydney, so Sydney does not have a route to that subnet.
One way to resolve this problem is to enable routing protocols on all three routers. For a simple network with three routers like the one in the figure above, a static route configuration is a reasonable solution.
Static routes must be added on Sydney as follows:
ip route 10.20.2.0 255.255.255.0 10.20.128.252
ip route 10.20.3.0 255.255.255.0 10.20.130.253
The ip route commands supply the subnet number and the next-hop IP address. One ip route command defines a route to 10.20.2.0 (mask 255.255.255.0), which is located off Perth, so the next-hop IP address as configured on Sydney is 10.20.128.252, which is Perth’s Serial0 IP address. Similarly, a route to 10.20.3.0, the subnet off Darwin, points to Darwin’s Serial0 IP address, 10.20.130.253. Note that the next-hop IP address is an IP address in a directly connected subnet—the goal is to define the next router to send the packet to. Now Sydney can forward packets to these two subnets.
You can configure static routes in a couple of different ways. With point-to-point serial links, you can also configure the outgoing interface instead of the next-hop IP address. For instance, you could have configured ip route 10.20.2.0 255.255.255.0 serial0 for the first route in the above example.
Unfortunately, adding these two static routes to Sydney does not solve all the network’s routing problems. The static routes help Sydney deliver packets to these two subnets, but the other two routers don’t have enough routing information to forward packets back toward Sydney.
For instance, PC Jhonny cannot ping PC Robert in this network. The problem is that although Sydney has a route to subnet 10.20.2.0, where Robert resides, Perth does not have a route to 10.20.1.0, where Jhonny resides. The ping request packet goes from Jhonny to Robert correctly, but Robert’s ping response packet cannot be routed by the Perth router back through Sydney to Jhonny, so the ping fails.
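The one-way routing failure described above can be reproduced with a small forwarding model. This is an added example, not part of the original post; Sydney's serial addresses (10.20.128.251 and 10.20.130.251) and the host addresses for Jhonny (10.20.1.1) and Robert (10.20.2.2) are assumptions, because the post does not give them.

```python
import ipaddress

CONNECTED = "connected"

def make_routers():
    """Topology from the article; Sydney's serial addresses (.251) are assumed."""
    n = ipaddress.ip_network
    return {
        "Sydney": {"addrs": {"10.20.128.251", "10.20.130.251"}, "routes": [
            (n("10.20.1.0/24"), CONNECTED),
            (n("10.20.128.0/24"), CONNECTED),
            (n("10.20.130.0/24"), CONNECTED),
            (n("10.20.2.0/24"), "10.20.128.252"),   # static route from the article
            (n("10.20.3.0/24"), "10.20.130.253"),   # static route from the article
        ]},
        "Perth": {"addrs": {"10.20.128.252"}, "routes": [
            (n("10.20.2.0/24"), CONNECTED), (n("10.20.128.0/24"), CONNECTED)]},
        "Darwin": {"addrs": {"10.20.130.253"}, "routes": [
            (n("10.20.3.0/24"), CONNECTED), (n("10.20.130.0/24"), CONNECTED)]},
    }

def lookup(routes, dst):
    """Longest-prefix match; None means no entry and no default route (drop)."""
    addr = ipaddress.ip_address(dst)
    hits = [(net, hop) for net, hop in routes if addr in net]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def forward(routers, start, dst, ttl=8):
    """Walk one packet hop by hop; returns (delivered, routers visited)."""
    path, here = [start], start
    for _ in range(ttl):
        hop = lookup(routers[here]["routes"], dst)
        if hop == CONNECTED:
            return True, path
        here = next((r for r, v in routers.items() if hop in v["addrs"]), None)
        if here is None:          # no route, or next hop owned by no router
            return False, path
        path.append(here)
    return False, path            # hop limit reached (routing loop)

def ping(routers, first_router, src, dst):
    """Echo request towards dst, then the echo reply back towards src."""
    ok, out = forward(routers, first_router, dst)
    if not ok:
        return f"request dropped at {out[-1]}"
    ok, back = forward(routers, out[-1], src)
    return "success" if ok else f"reply dropped at {back[-1]}"
```

Calling ping(make_routers(), "Sydney", "10.20.1.1", "10.20.2.2") reports that the reply is dropped at Perth; appending a route for 10.20.1.0/24 via 10.20.128.251 to Perth's table makes the same call succeed.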
Pros:
  • Static routing is more secure than dynamic routing.
  • Static routes are immune to attempts by hackers to spoof dynamic routing protocol packets in order to reconfigure the router and hijack network traffic.
Cons:
  • Administration is more difficult than with dynamic routing, particularly when many routers need to be configured manually.
  • Prone to mistyping during manual configuration.
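Mistyped static routes can be caught before they are applied. This added example (not part of the original post) checks an ip route line for a non-contiguous mask, host bits in the destination, and a next hop outside the router's directly connected subnets; the function names and the two mistyped sample lines are constructed for illustration.

```python
import ipaddress

# Sydney's connected subnets, from the show ip route output in the article.
SYDNEY = {"Ethernet0": "10.20.1.0/24", "Serial1": "10.20.130.0/24",
          "Serial0": "10.20.128.0/24"}

def mask_to_prefix(mask):
    """Prefix length for a dotted mask, or None if its 1-bits are not contiguous."""
    inv = ~int(ipaddress.IPv4Address(mask)) & 0xFFFFFFFF
    return None if inv & (inv + 1) else 32 - inv.bit_length()

def check_ip_route(line, connected):
    """List the problems in one 'ip route <dest> <mask> <next-hop|interface>' line."""
    parts = line.split()
    if len(parts) != 5 or [p.lower() for p in parts[:2]] != ["ip", "route"]:
        return ["not of the form: ip route <dest> <mask> <next-hop|interface>"]
    dest, mask, target = parts[2:]
    problems = []
    try:
        dest_int = int(ipaddress.IPv4Address(dest))
        prefix = mask_to_prefix(mask)
    except ipaddress.AddressValueError as err:
        return [f"bad address: {err}"]
    if prefix is None:
        problems.append(f"mask {mask} is not a contiguous netmask")
    elif dest_int & (0xFFFFFFFF >> prefix):
        problems.append(f"{dest} has host bits set for /{prefix}")
    try:
        hop = ipaddress.IPv4Address(target)
    except ipaddress.AddressValueError:
        # Not an address: treat it as an outgoing interface name.
        if target.lower() not in {name.lower() for name in connected}:
            problems.append(f"unknown outgoing interface {target}")
    else:
        nets = [ipaddress.ip_network(n) for n in connected.values()]
        if not any(hop in n for n in nets):
            problems.append(f"next hop {hop} is not in a directly connected subnet")
    return problems

if __name__ == "__main__":
    # Constructed input: two routes from the article, two deliberate typos.
    for cfg in ("ip route 10.20.2.0 255.255.255.0 10.20.128.252",
                "ip route 10.20.2.0 255.255.255.0 serial0",
                "ip route 10.20.2.0 255.255.255.9 10.20.128.252",
                "ip route 10.20.3.0 255.255.255.0 10.20.131.253"):
        print(cfg, "->", check_ip_route(cfg, SYDNEY) or "ok")
```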