IP Routing

Docs

Networking

IP Routing

IP routing is the process of forwarding packets through a network based on the destination Layer 3 (IP) address. Unlike Layer 2 switching, which forwards frames based on MAC addresses within a local network, routing operates across different networks, making decisions at the Network layer of the TCP/IP protocol stack.

Routing Fundamentals

What Is IP Routing?

IP routing is the forwarding of packets based on the destination IP address in the Layer 3 header. When a router receives a packet, it examines the destination IP address and consults its routing table to determine the best path to forward that packet toward its destination.

Packet arrives at router
    ↓
Router reads destination IP address (Layer 3)
    ↓
Router consults routing table
    ↓
Router forwards packet to next hop or directly to destination

Why It’s Called TCP/IP

The TCP/IP Protocol Stack gets its name from two key protocols:

TCP (Transmission Control Protocol) — a Layer 4 transport protocol
IP (Internet Protocol) — the primary Layer 3 network protocol

Together, these protocols form the foundation of modern network communication.

Network Addressing

Network vs Host Address

IPv4 addresses consist of two parts, analogous to a physical mailing address:

Component	Analogy	Example
Network Address	Street name	`10.10.0`
Host Address	House number	`.50`

IP Address: 10.10.0.50
            ├───┬───┘ ├┘
            │       │   └─ Host (specific device)
            └───────┴─── Network (street)

Multiple Networks

Devices on different networks are like houses on different streets:

Network 10.10.0          Network 10.20.0
(Elm Street)            (Fifth Street)
├── Client (.50)         ├── Server (.100)
├── PC-10 (.51)          └── Other devices
└── Router (.1)

A router connects these networks, similar to an intersection connecting two streets.

Layer 2 Switching vs Layer 3 Routing

Understanding the difference between switching and routing is fundamental to networking:

Function	Layer	Decision Based On	Device
Switching	Layer 2 (Data Link)	Destination MAC Address	Layer 2 Switch
Routing	Layer 3 (Network)	Destination IP Address	Router, Firewall, Multi-layer Switch

Layer 2 Switch: "Where should this frame go based on the MAC address?"
Layer 3 Router: "Where should this packet go based on the IP address?"

Routing Decisions

The Two Key Questions

Every device running IPv4 asks two questions when it needs to send a packet:

Is the destination local?
- Am I directly connected to the destination network?
- Can I reach it without going through a router?
If not local, how do I forward it?
- Do I have a route to the destination network?
- Where is my default gateway?

Client PC (10.10.0.50) wants to reach Server (10.20.0.100)
    ↓
Q1: Is 10.20.0.100 on my local network (10.10.0)?
    Answer: No
    ↓
Q2: Do I know how to reach 10.20.0?
    Answer: Yes, via my default gateway (10.10.0.1)
    ↓
Forward packet to default gateway

Default Gateway

The default gateway is the router that a device uses when it needs to send traffic to a destination outside its local network. It’s the “last resort” route, similar to asking for directions when you’re lost.

Term	Description
Default Gateway	The router IP address configured on end devices for off-network traffic
Default Route	The route on a router that specifies where to forward traffic when no specific route exists
0.0.0.0/0	The IP notation for a default route (matches any destination)

Client PC Configuration:
    IP Address:      10.10.0.50
    Subnet Mask:     255.255.255.0
    Default Gateway: 10.10.0.1  ← This is R1

Analogy: The default gateway is like the “Obi-Wan Kenobi” route. When the device doesn’t know how to reach a destination, it sends the packet to its default gateway, just as Princess Leia called on Obi-Wan Kenobi as her last hope.

Hops and Path Verification

What Is a Hop?

Each router that a packet passes through on its way to the destination is called a hop. The hop count represents the number of Layer 3 devices between source and destination.

Client (10.10.0.50) → Hop 1 → Hop 2 → Server (10.20.0.100)
                      R1      Firewall
                      (.1)    (.2)

Trace Route

Trace route is a diagnostic tool that shows the path packets take through a network and identifies each hop along the way.

Windows Command:

tracert -d 10.20.0.100

Linux/Unix Command:

traceroute 10.20.0.100

Example Output:

Tracing route to 10.20.0.100 over a maximum of 30 hops

  1    <1 ms    <1 ms    <1 ms   10.10.0.1
  2    <1 ms    <1 ms    <1 ms   10.12.0.2
  3    <1 ms    <1 ms    <1 ms   10.20.0.100

Trace complete.

Hop	IP Address	Device	Description
1	10.10.0.1	Router R1	Default gateway, first routing decision
2	10.12.0.2	Firewall	Second routing decision
3	10.20.0.100	Server	Final destination

Note: The -d flag on Windows tells trace route to skip DNS name resolution, making the output faster and cleaner.

Devices That Perform IP Routing

While traditional routers are the primary routing devices, several other types of equipment can make Layer 3 forwarding decisions:

Router Types

Device	Description	Typical Use
Dedicated Router	Purpose-built routing device	Enterprise WAN, internet edge
Firewall	Security device with routing capability	Network perimeter, inter-VLAN routing
Multi-layer Switch	Layer 2 switch with Layer 3 routing	Campus core, distribution layer
Virtual Router	Software-based routing in virtualized environments	Cloud, virtual labs

Physical Router Examples

Device	Description
Cisco ISR (Integrated Services Router)	Enterprise branch routers with modular slots for additional interfaces
Cisco Catalyst Switch (MLS)	Multi-layer switch capable of both Layer 2 switching and Layer 3 routing
Firewall Appliance	Security device that can route packets between interfaces
Raspberry Pi	Small computing device configurable as a basic router

Virtual Routers

Virtual routers provide routing functionality in software without dedicated hardware:

Platform	Virtual Router Options
VMware	vIOS, VyOS, pfSense, OPNsense
AWS	Virtual Private Gateway, Transit Gateway
Azure	Virtual Network Gateway, Route Server
GCP	Cloud Router

Virtual Router Configuration Example:
    - Two or more virtual network interfaces
    - Routing software installed
    - Interfaces connected to different virtual networks
    - Routing table configured with directly connected and/or static routes

Layer 3 Switching

The term “Layer 3 switching” refers to a device performing IP routing with dedicated hardware for faster forwarding. Despite the name, it’s still Layer 3 routing based on destination IP addresses:

Traditional Router: Software-based routing decisions
Layer 3 Switch: Hardware-accelerated routing decisions

Both: Forward packets based on destination IP addresses

How Routers Learn Routes

Routers populate their routing tables through three primary methods:

Method 1: Directly Connected Networks

When a router interface is configured with an IP address and activated, the router automatically knows how to reach that network because it’s directly connected to it.

Router R1 Interface Configuration:
    GigabitEthernet 0/0: 10.10.0.1/24
    ↓
Router automatically learns: "I am directly connected to 10.10.0.0/24"
    ↓
Route appears in routing table with 'C' (Connected) designation

Cisco Command to Configure Interface:

configure terminal
interface GigabitEthernet 0/0
 ip address 10.10.0.1 255.255.255.0
 no shutdown
end

Viewing Connected Routes:

show ip route connected

Example Output:

Codes: C - connected, S - static, ...

C    10.10.0.0/24 is directly connected, GigabitEthernet0/0
L    10.10.0.1/32 is directly connected, GigabitEthernet0/0

Method 2: Static Routes

Static routes are manually configured by a network administrator. They tell the router exactly where to forward packets for a specific destination network.

Static Route Configuration:
    "To reach network 10.20.0.0, forward packets to 10.12.0.2"
    ↓
Router adds this information to its routing table
    ↓
Router forwards packets to 10.20.0.0 via 10.12.0.2

Cisco Command to Configure Static Route:

configure terminal
ip route 10.20.0.0 255.255.255.0 10.12.0.2
end

Viewing Static Routes:

show ip route static

Example Output:

S    10.20.0.0/24 [1/0] via 10.12.0.2

Verification with Trace Route:

tracert -d 10.20.0.100

Tracing route to 10.20.0.100 over a maximum of 30 hops

  1    <1 ms    <1 ms    <1 ms   10.10.0.1    ← R1 (default gateway)
  2    <1 ms    <1 ms    <1 ms   10.12.0.2    ← Firewall (static route next hop)
  3    <1 ms    <1 ms    <1 ms   10.20.0.100  ← Server (destination)

Method 3: Dynamic Routing Protocols

Dynamic routing protocols allow routers to automatically share routing information with each other. This is more scalable than static routes in larger networks.

Dynamic Routing Protocol Analogy:
    - Store has a 50% off sale (network advertisement)
    - Person 2 sees the sale sign (receives route advertisement)
    - Person 2 tells Person 1 about the sale (shares route information)
    - Person 1 now knows about the sale (learns route dynamically)

Routing Protocol	Type	Description
OSPF	Interior Gateway Protocol	Open Shortest Path First, link-state protocol
EIGRP	Interior Gateway Protocol	Enhanced Interior Gateway Routing Protocol, Cisco proprietary
BGP	Exterior Gateway Protocol	Border Gateway Protocol, used between autonomous systems
RIP	Interior Gateway Protocol	Routing Information Protocol, distance-vector, legacy

How Dynamic Routing Works:

Router A is directly connected to network 10.20.0.0
Router A advertises this network using a routing protocol
Router B receives the advertisement
Router B adds the route to its routing table with Router A as the next hop
When Router B receives packets for 10.20.0.0, it forwards them to Router A

Firewall (directly connected to 10.20.0.0)
    ↓ Advertises: "I can reach 10.20.0.0"
    ↓
R1 receives advertisement
    ↓
R1 adds to routing table: "10.20.0.0 via Firewall (10.12.0.2)"
    ↓
Future packets to 10.20.0.0 are forwarded to Firewall

Route Type Summary

Method	Configuration	Scalability	Use Case
Directly Connected	Automatic when interface is configured	N/A	Local network connectivity
Static Route	Manual configuration by administrator	Low	Small networks, default routes
Dynamic Routing Protocol	Automatic neighbor discovery and route sharing	High	Large networks, multiple paths

Routing Table

The routing table is the database that a router uses to make forwarding decisions. It contains all known networks and the best path to reach each one.

Viewing the Routing Table

Cisco IOS Command:

show ip route

Example Output:

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       O - OSPF, IA - OSPF inter area, E1 - OSPF external type 1
       E2 - OSPF external type 2, i - IS-IS, su - IS-IS summary
       L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

      10.0.0.0/8 is variably subnetted, 4 subnets, 3 masks
C        10.10.0.0/24 is directly connected, GigabitEthernet0/0
L        10.10.0.1/32 is directly connected, GigabitEthernet0/0
C        10.12.0.0/24 is directly connected, GigabitEthernet0/1
L        10.12.0.1/32 is directly connected, GigabitEthernet0/1
S        10.20.0.0/24 [1/0] via 10.12.0.2

Route Codes

Code	Description
C	Directly connected network
L	Local interface address (host route)
S	Static route
O	OSPF learned route
D	EIGRP learned route
R	RIP learned route
S*	Default static route (candidate default)

Route Selection Process

When a router has multiple routes to the same destination, it selects the best route based on:

Longest prefix match — most specific route wins
Administrative distance — trustworthiness of the route source
Metric — cost of the path (protocol-specific)

Destination: 10.20.0.100

Route 1: 10.20.0.0/16 (less specific)
Route 2: 10.20.0.0/24 (more specific) ← Selected (longest prefix match)

IP Routing Process: End-to-End

Complete Packet Journey

When a client sends data to a server on a different network:

Step 1: Client (10.10.0.50) wants to reach Server (10.20.0.100)
    ↓
Step 2: Client determines destination is not local
    ↓
Step 3: Client forwards packet to default gateway R1 (10.10.0.1)
    - Layer 2: Destination MAC = R1's MAC
    - Layer 3: Destination IP = 10.20.0.100
    ↓
Step 4: R1 receives packet, examines destination IP
    ↓
Step 5: R1 consults routing table, finds route to 10.20.0.0/24 via 10.12.0.2
    ↓
Step 6: R1 forwards packet to Firewall (10.12.0.2)
    - Layer 2: Destination MAC = Firewall's MAC
    - Layer 3: Destination IP = 10.20.0.100 (unchanged)
    ↓
Step 7: Firewall receives packet, examines destination IP
    ↓
Step 8: Firewall determines 10.20.0.100 is on directly connected network (10.20.0.0)
    ↓
Step 9: Firewall forwards packet directly to Server (10.20.0.100)
    - Layer 2: Destination MAC = Server's MAC
    - Layer 3: Destination IP = 10.20.0.100 (unchanged)
    ↓
Step 10: Server receives packet

Key Principle: Layer 2 Changes, Layer 3 Stays

As a packet traverses routers through the network:

Layer 2 (MAC) addresses change at each hop to reflect the next device in the path
Layer 3 (IP) addresses remain the same from source to final destination

Hop 1 (Client → R1):
    Layer 2: Src MAC (Client) → Dst MAC (R1)
    Layer 3: Src IP (10.10.0.50) → Dst IP (10.20.0.100)

Hop 2 (R1 → Firewall):
    Layer 2: Src MAC (R1) → Dst MAC (Firewall)  ← Changed
    Layer 3: Src IP (10.10.0.50) → Dst IP (10.20.0.100)  ← Unchanged

Hop 3 (Firewall → Server):
    Layer 2: Src MAC (Firewall) → Dst MAC (Server)  ← Changed
    Layer 3: Src IP (10.10.0.50) → Dst IP (10.20.0.100)  ← Unchanged

Verification Commands Summary

Windows Commands

Command	Purpose
`ipconfig`	Display IP address, subnet mask, default gateway
`tracert -d <destination>`	Trace route to destination (skip DNS)
`tracert <destination>`	Trace route with DNS resolution
`ping <destination>`	Test connectivity to destination

Cisco Router Commands

Command	Purpose
`show ip route`	Display full routing table
`show ip route connected`	Display only directly connected routes
`show ip route static`	Display only static routes
`show ip route <network>`	Display specific route information
`show interfaces`	Display interface details including IP addresses
`ping <destination>`	Test connectivity from router

Cisco Switch Commands (Layer 3 Capable)

Command	Purpose
`show ip route`	Display routing table (if Layer 3 routing enabled)
`show ip interface brief`	Display interface IP addresses and status

Key Concepts Recap

Concept	Description
IP Routing	Forwarding packets based on destination IP addresses
Routing Table	Database of known networks and paths to reach them
Default Gateway	Router used when no specific route exists for destination
Hop	Each router a packet passes through
Directly Connected	Network a router knows because it has an interface on that network
Static Route	Manually configured route to a specific network
Dynamic Routing Protocol	Automatic route learning and sharing between routers
Trace Route	Tool to discover the path and hops to a destination
Next Hop	The IP address of the next router in the path to destination

Layer 2 Switching