
Routing

A router is a device that connects two networks, either two local area networks (LANs) or a LAN and a wide area network (WAN), and forwards traffic between the networks. A router can be a dedicated hardware device or a computer with two network interfaces. Windows Server 2003 includes the Routing and Remote Access service (RRAS), which enables the computer to function as a router, using any one of several configurations.

Routers forward packets using information stored in a routing table. The routing table consists of entries for specific network destinations, each entry specifying the interface and the gateway that the router should use to send traffic to that destination. (Gateway is the TCP/IP term for a router.) To reach a particular destination on a large network, a router typically has to send packets to another router, which forwards them in the same way, handing off the packets until they reach their final destinations. On the route from the source to the destination computer, each router that processes a packet is referred to as a hop. For example, a destination can be said to be four hops away from the source.

One of the most important tasks in the operation of a router is adding information to the routing table. Routers must have current and complete information to forward traffic properly. On a large installation, the network configuration can change frequently, and the routing table must keep up with the changes. There are two methods for inserting information into a routing table: static routing and dynamic routing. Static routing is a manual process in which an administrator creates or modifies routing table entries using a tool like the Windows Server 2003 Routing And Remote Access console or the ROUTE.EXE command-line utility.
Although static routing has the advantage of not generating any additional network traffic, it suffers from several disadvantages, including the possibility of typographical errors, and the inability to automatically compensate for changes in the network. Static routing is suitable only for small networks that do not often change.

Dynamic routing uses a specialized routing protocol to gather information from other routers on the network and automatically add it to the routing table. Routers are able to create their own routing table entries for destinations on the networks to which they are directly attached, but they have no direct knowledge of more distant networks. Dynamic routing protocols enable routers to share their routing table information with other routers, enabling each router to build a composite routing table compiled from many sources and containing an overall picture of the network.

Each entry in a routing table contains a value called a metric, which specifies the relative efficiency of the route. When a router is processing a packet and there is more than one route to the packet's destination, the router always chooses the route with the lowest metric value. Routing protocols determine their metric values in one of two ways. Distance vector routing uses the number of hops between the router and the destination for the metric value, while link state routing uses a more complex (and more accurate) calculation that accounts for additional factors, such as the transmission speeds of the networks involved, and network congestion.

Windows Server 2003 supports two routing protocols: Routing Information Protocol (RIP) and Open Shortest Path First (OSPF). RIP is a simple distance vector routing protocol that enables a router to broadcast or multicast the contents of its routing table at regular intervals. RIP is intended for relatively small networks, because it generates large amounts of traffic and because distance vector routing is generally not suitable for large installations with networks running at different speeds. OSPF is a more complex protocol that uses link state routing, does not use broadcast or multicast transmissions, and has the ability to split a network into distinct areas, so that routers only have to share their information with other routers in the immediate vicinity. OSPF has more features and is more efficient than RIP, but it is also more difficult to implement. You must plan an OSPF deployment carefully, while deploying RIP is simply a matter of installing the protocol on a network's routers.

Multicasting is a one-to-many communications technique that enables systems to transmit messages to designated groups of recipients. Multicast transmissions use a single destination IP address that identifies a group of systems on the network, called a host group. Multicasts use Class D addresses, as assigned by the Internet Assigned Numbers Authority (IANA), which can range from 224.0.1.0 to 238.255.255.255. For a multicast transmission to reach an entire multicast group with members on different LANs, the routers on the network must know which hosts are members of the group, so that they can forward the messages to them. Computers that are to be members of a particular multicast host group must register themselves with the routers on the local network, using the Internet Group Management Protocol (IGMP). To support multicasting, all the members of the host group and all the routers providing access to the members of the host group must have support for IGMP.
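The distance vector behaviour described earlier in this section (a router folding its neighbors' advertised hop counts into a composite table and keeping the lowest metric) can be sketched as follows. This is an added example, not code from the original text or from Windows Server 2003; the function names, the sample networks and the gateway addresses are constructed, and the unreachable metric of 16 is a RIP fact the text does not mention.

```python
import ipaddress

RIP_INFINITY = 16  # RIP fact (not from the text): 16 hops means "unreachable"

def merge_advertisement(table, neighbor, advertised):
    """Fold one neighbor's advertisement into our routing table.

    table:      {network: (gateway, metric)}, metric = hop count
    advertised: {network: hop count as seen from the neighbor}
    Returns the networks whose entry changed.
    """
    changed = []
    for net, hops in advertised.items():
        cost = min(hops + 1, RIP_INFINITY)   # the neighbor itself is one more hop
        known = table.get(net)
        if known is None:
            accept = cost < RIP_INFINITY      # new, reachable destination
        else:
            gateway, metric = known
            # a lower metric wins; our current gateway may also report a change
            accept = cost < metric or (gateway == neighbor and cost != metric)
        if accept:
            table[net] = (neighbor, cost)
            changed.append(net)
    return changed

def next_hop(table, destination):
    """Return (gateway, metric) for an address, or None if no usable route."""
    addr = ipaddress.ip_address(destination)
    usable = [(net, entry) for net, entry in table.items()
              if addr in net and entry[1] < RIP_INFINITY]
    if not usable:
        return None
    return max(usable, key=lambda item: item[0].prefixlen)[1]  # most specific network

def demo():
    """Build a table from two constructed neighbor advertisements."""
    n = ipaddress.ip_network
    table = {n("10.0.1.0/24"): ("direct", 1)}   # directly attached network
    merge_advertisement(table, "10.0.1.2", {n("10.0.2.0/24"): 1, n("10.0.3.0/24"): 2})
    merge_advertisement(table, "10.0.1.3", {n("10.0.3.0/24"): 1, n("10.0.1.0/24"): 1})
    return table

if __name__ == "__main__":
    for net, (gw, metric) in sorted(demo().items()):
        print(f"{str(net):<14} via {gw:<9} metric {metric}")
```

The second neighbor replaces the first as gateway for 10.0.3.0/24 because it offers fewer hops, while its advertisement for the directly attached network is ignored.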

Using NAT
NAT is a primary method enabling computers with unregistered IP addresses to access the Internet. As described in Chapter 2, "Planning a TCP/IP Network Infrastructure," NAT functions as an intermediary between a client computer on an unregistered network and the Internet. For each packet generated by a client, the NAT implementation substitutes a registered address for the client's unregistered address. Following are three basic types of NAT:

Static NAT: Static NAT translates a number of unregistered IP addresses to an equal number of registered addresses (see Figure 3-4) so that each client always uses the same registered address. This type of NAT does not conserve the IP address space because you need the same number of registered addresses as unregistered addresses. Static NAT is also not as secure as the other NAT types because each computer is permanently associated with a particular registered address, which makes it easier for Internet intruders to direct traffic to a particular computer on your network using that registered address.

Dynamic NAT: Dynamic NAT is intended for circumstances in which you have fewer registered IP addresses than unregistered computers (see Figure 3-5). Dynamic NAT translates each unregistered computer to one of the registered addresses. Intruders on the Internet are less able to associate a registered address with a particular computer (as in static NAT) because the registered address assigned to each client changes frequently. The main drawback of dynamic NAT is that it can support only the same number of simultaneous users as you have registered IP addresses available. If all the registered addresses are in use, a client attempting to access the Internet receives an error message.

Masquerading: Masquerading translates all the unregistered IP addresses on your network using a single registered IP address (see Figure 3-6). To enable multiple clients to access the Internet simultaneously, the NAT router uses port numbers to differentiate between packets generated by and destined to different computers. Masquerading provides the best security of the NAT types because the association between the unregistered client and the registered IP address/port number combination in the NAT router lasts only for the duration of a single connection.
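The difference between a permanent static mapping and a per-connection masquerading mapping, as an added example that is not part of the original text. The class and function names, the port range and all addresses are constructed for illustration, and matching replies on the remote endpoint as well as the port is an assumption about how the translation table is keyed.

```python
from collections import deque

# Static NAT: a permanent one-to-one table (constructed sample addresses).
STATIC_MAP = {"203.0.113.20": "192.168.1.10", "203.0.113.21": "192.168.1.11"}

def static_inbound(public_ip):
    """Static NAT forwards to the same inside host every time."""
    return STATIC_MAP.get(public_ip)

class MasqueradeNat:
    """One registered address; connections are told apart by port number."""

    def __init__(self, public_ip, ports=range(50000, 50004)):
        self.public_ip = public_ip
        self.free = deque(ports)   # translation ports not in use
        self.out = {}              # (client_ip, client_port, remote) -> public port
        self.back = {}             # (public port, remote) -> (client_ip, client_port)

    def outbound(self, client_ip, client_port, remote):
        """Translate a client packet; create the mapping on first use."""
        key = (client_ip, client_port, remote)
        if key not in self.out:
            if not self.free:
                raise RuntimeError("no free translation ports")
            port = self.free.popleft()
            self.out[key] = port
            self.back[(port, remote)] = (client_ip, client_port)
        return (self.public_ip, self.out[key])

    def inbound(self, public_port, remote):
        """Return the inside (ip, port), or None when no connection matches."""
        return self.back.get((public_port, remote))

    def close(self, client_ip, client_port, remote):
        """Connection ended: the association is removed and the port freed."""
        port = self.out.pop((client_ip, client_port, remote), None)
        if port is not None:
            del self.back[(port, remote)]
            self.free.append(port)

if __name__ == "__main__":
    web = ("198.51.100.5", 443)                       # constructed remote server
    nat = MasqueradeNat("203.0.113.10")
    print(nat.outbound("192.168.1.10", 40001, web))   # first client
    print(nat.outbound("192.168.1.11", 40001, web))   # second client, same source port
    print(nat.inbound(50000, web))                    # reply reaches first client
    nat.close("192.168.1.10", 40001, web)
    print(nat.inbound(50000, web))                    # mapping gone after close
    print(static_inbound("203.0.113.20"))             # static mapping never expires
```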
