Versions Compared

Comment: typos

...

To fix this, we need to add a route that tells the router which device in the network is the next one on the way to the destination. In our example the next hop is Router2, so we need to add a route with a gateway that points to Router2's connected address. This type of route is known as a static route:

...

Routing Information Base is a database that lists entries for particular network destinations and their gateways (address of the next device along the path or simply next-hop). One such entry in the routing table is called a route.

A hop occurs when a packet is passed from one network segment to another.

...

Its purpose is not just to store routes, but also to filter routing information to calculate the best route for each destination prefix, to build and update the Forwarding Information Base, and to distribute routes between different routing protocols.

...

  • address part of the dst-address of the connected route is equal to the network of the IP address item.
  • netmask part of the dst-address of the connected route is equal to the netmask part of the address of the IP address item.
  • gateway of the connected route is equal to the actual-interface of the IP address item (same as an interface, except for bridge interface ports) and represents an interface where directly connected hosts from the particular Layer3 network can be reached.

...

A default route is used when the destination cannot be resolved by any other route in the routing table. In RouterOS, the dst-address of the default route is 0.0.0.0/0 (for IPv4) and ::/0 (for IPv6). If the routing table contains an active default route, then the routing table lookup in this table will never fail.

Typically, a home router's routing table contains only connected networks and one default route to forward all outgoing traffic to the ISP's gateway:

[admin@TempTest] /ip/route> print 
Flags: D - dynamic; X - disabled, I - inactive, A - active; C - connect, S - static, r - ri
p, b - bgp, o - ospf, d - dhcp, v - vpn
Columns: DST-ADDRESS, GATEWAY, Distance
#      DST-ADDRESS     GATEWAY      D
   DAd 0.0.0.0/0       10.155.125.1 1
   DAC 10.155.125.0/24 ether12      0
   DAC 192.168.1.0/24  vlan2        0

...

Devices with Layer 3 Hardware Offloading (L3HW, otherwise known as IP switching or HW routing) allow offloading packet routing onto the switch chip. When L3HW is enabled, such routes will display the H-flag:

...

For example, if we know that the majority of traffic flows to the network where servers are located, we can enable offloading only to that specific destination:

...

Now only the route to 192.168.3.0/24 has an H-flag, indicating that it will be the only one eligible to be selected for HW offloading:

...

Warning

The H-flag does not indicate that the route is actually HW offloaded; it indicates only that the route can be selected to be HW offloaded.

...

There can be multiple routes with the same destination received from various routing protocols and from static configurations, but only one (best) destination can be used for packet forwarding. To determine the best path, RIB runs a Route Selection algorithm that picks the best route from all candidate routes per destination.

...

  • Route is not disabled.
  • If the type of route is unicast, it must have at least one reachable next-hop (if a gateway is from a connected network and there is a connected route active, the gateway is considered reachable).
  • Route should not be synthetic.

...

The gateway check can be extended by setting the check-gateway parameter. Gateway reachability can be checked by sending ARP probes or ICMP messages, or by checking active BFD sessions. The router periodically (every 10 seconds) checks the gateway by sending either an ICMP echo request (ping) or an ARP request (arp). If no response from the gateway is received for 10 seconds, the request times out. After two timeouts, the gateway is considered unreachable. After a reply is received from the gateway, it is considered reachable and the timeout counter is reset.
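The timing above determines how long traffic keeps flowing toward a dead gateway before the route goes inactive. The following simplified model is an added example, not RouterOS code; it assumes probes are sent at fixed 10-second marks and that a probe sent while the gateway is down times out 10 seconds later. The function names and outage intervals are constructed for illustration.

```python
PROBE_INTERVAL = 10   # seconds between probes (from the text)
PROBE_TIMEOUT = 10    # seconds without a reply before a probe times out
MAX_TIMEOUTS = 2      # timeouts before the gateway is declared unreachable

def gateway_timeline(outages, duration):
    """Return [(time, state)] transitions for a gateway probed every 10 s.

    outages: constructed list of (start, end) intervals, in seconds, during
    which the gateway does not answer. Assumption of this model: a probe
    sent at time t is answered at once if the gateway is up at t, otherwise
    it times out at t + PROBE_TIMEOUT.
    """
    def is_down(t):
        return any(start <= t < end for start, end in outages)

    state, timeouts, events = "reachable", 0, []
    for sent in range(0, duration, PROBE_INTERVAL):
        if is_down(sent):
            timeouts += 1
            if timeouts >= MAX_TIMEOUTS and state == "reachable":
                state = "unreachable"
                events.append((sent + PROBE_TIMEOUT, state))
        else:
            timeouts = 0  # any reply resets the timeout counter
            if state == "unreachable":
                state = "reachable"
                events.append((sent, state))
    return events

def detection_delay(fail_at, duration=120):
    """Seconds from a permanent gateway failure to the unreachable verdict."""
    events = gateway_timeline([(fail_at, duration)], duration)
    return events[0][0] - fail_at

if __name__ == "__main__":
    for fail_at in (3, 10, 11):
        print(f"failure at t={fail_at}s detected after {detection_delay(fail_at)}s")
    print(gateway_timeline([(5, 45)], 80))
```

Under these assumptions a failure is detected 20 to 30 seconds after it happens, and an outage that overlaps only one probe never changes the gateway state.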

...

    Dst [4]/0 1/0+4                             18  <-- number of prefixes
         ^  ^ ^ ^ ^
         |  | | | |
         |  | | | \- bytes taken by Route distinguisher or Interface Id
         |  | | \--- vrf/routing table
         |  | \----- AFI
         |  \------- netmask length of prefix
         \---------- bytes taken by prefix value

         [stuff subject to change without notice]
    

...

  • L1 Data - all flags, list of extra properties, as-path;
  • L2 Data - nexthops, RIP, OSPF, BGP metrics, route tags, originators, etc.
  • L3 Data - distance, scope, kernel type, MPLS stuff
  • extra properties - communities, originator, aggregator-id, cluster-list, unknown

...

Each route has a dst-address property that specifies all destination addresses this route can be used for. If there are several routes that apply to a particular IP address, the most specific one (with the largest netmask) is used. This operation (finding the most specific route that matches the given address) is called "routing table lookup".

...

When a forwarding decision uses additional information, such as the source address of the packet, it is called policy routing. Policy routing is implemented as a list of policy routing rules that select different routing tables based on the destination address, source address, source interface, and routing mark (which can be changed by firewall mangle rules) of the packet.

...

Run routing decision:

  • check that the packet has to be locally delivered (the destination address is the address of the router)
  • process implicit policy routing rules
  • process policy routing rules added by a user
  • process implicit catch-all rule that looks up the destination in the "main" routing table
  • the returned result is "network unreachable"

...

  • drop or unreachable, then it is returned as a result of the routing decision process.
  • lookup then the destination address of the packet is looked up in the routing table that is specified in the rule. If the lookup fails (there is no route that matches the destination address of the packet), then FIB proceeds to the next rule.
  • lookup-only is similar to lookup except that lookup fails if none of the routes in the table matches the packet.

...

  • if the type of the route is blackhole, prohibit, or unreachable, then return this action as the routing decision result;
  • if this is a connected route or route with an interface as the gateway value, then return this interface and the destination address of the packet as the routing decision result;
  • if this route has an IP address as the value of the gateway, then return this address and associated interface as the routing decision result;
  • if this route has multiple values of nexthop, then pick one of them in a round-robin fashion.
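The routing table lookup (most specific route wins) and the four result cases listed above can be modelled in a few lines. This is an added example, not RouterOS code: the table holds the three routes from the print output earlier on the page plus hypothetical static, multi-gateway and blackhole entries, and it assumes an IP gateway's interface is found through the connected route that covers it.

```python
import ipaddress

# Constructed table: the three routes from the print output above, plus
# hypothetical static, multi-gateway and blackhole routes for illustration.
ROUTES = [
    {"dst": "0.0.0.0/0",        "type": "unicast",   "gw": ["10.155.125.1"]},
    {"dst": "10.155.125.0/24",  "type": "unicast",   "gw": ["ether12"]},
    {"dst": "192.168.1.0/24",   "type": "unicast",   "gw": ["vlan2"]},
    {"dst": "192.168.3.0/24",   "type": "unicast",   "gw": ["192.168.1.2", "192.168.1.3"]},
    {"dst": "192.168.3.128/25", "type": "blackhole", "gw": []},
]

def is_ip(value):
    """True if the gateway value is an IP address rather than an interface."""
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def lookup(table, addr):
    """Routing table lookup: the matching route with the largest netmask."""
    ip = ipaddress.ip_address(addr)
    matches = [r for r in table if ip in ipaddress.ip_network(r["dst"])]
    return max(matches, default=None,
               key=lambda r: ipaddress.ip_network(r["dst"]).prefixlen)

def decide(table, addr):
    """Return (result, next_hop) following the four cases listed above."""
    route = lookup(table, addr)
    if route is None:
        return ("network unreachable", None)
    if route["type"] in ("blackhole", "prohibit", "unreachable"):
        return (route["type"], None)
    # Several nexthops: pick one in round-robin order (state kept per route).
    turn = route.get("turn", 0)
    route["turn"] = turn + 1
    gw = route["gw"][turn % len(route["gw"])]
    if not is_ip(gw):
        return (gw, addr)  # interface gateway: deliver directly to addr
    # IP gateway: the associated interface is taken from the connected
    # route that covers the gateway (simplified nexthop resolution).
    connected = [r for r in table if r["gw"] and not is_ip(r["gw"][0])]
    via = lookup(connected, gw)
    if via is None:
        return ("network unreachable", None)
    return (via["gw"][0], gw)
```

With the default route present every destination resolves; removing it makes the same lookup return "network unreachable" for addresses outside the listed networks.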


Show Routes

...