基本概念

Routing is the process of selecting a path for traffic in a network or between or across multiple networks. Broadly, routing is performed in many types of networks, including circuit-switched networks, such as the public switched telephone network (PSTN), and computer networks, such as the Internet.

In packet switching networks, routing is the higher-level decision making that directs network packets from their source toward their destination through intermediate network nodes by specific packet forwarding mechanisms. Packet forwarding is the transit of network packets from one network interface to another. Intermediate nodes are typically network hardware devices such as:

The routing process usually directs forwarding on the basis of routing tables. Routing tables maintain a record of the routes to various network destinations. Routing tables may be specified by an administrator, learned by observing network traffic or built with the assistance of routing protocols.

Routing, in a narrower sense of the term, often refers to IP routing and is contrasted with bridging. IP routing assumes that network addresses are structured and that similar addresses imply proximity within the network. Structured addresses allow a single routing table entry to represent the route to a group of devices. In large networks, structured addressing (routing, in the narrow sense) outperforms unstructured addressing (bridging). Routing has become the dominant form of addressing on the Internet. Bridging is still widely used within local area networks.

路由器 VS 网关(不是具体某一层)

路由器是产品,网关是概念

路由器用于连接两个相似类型的网络,网关用于连接两个不同的网络。由于这种逻辑,路由器可能被视为网关,但网关并不总是被视为路由器。路由器是最常用的网关,用于将家庭或企业网络连接到互联网。

所有网络都有一个边界,限制与直接连接到它的设备的通信。因此,如果网络想要与该边界之外的设备,节点或网络通信,则它们需要网关的功能。网关通常被表征为路由器和调制解调器的组合。

网关在网络边缘实现,并管理从该网络内部或外部定向的所有数据。当一个网络想要与另一个网络通信时,数据包将传递到网关,然后通过最有效的路径路由到目的地。除路由数据外,网关还将存储有关主机网络内部路径的信息以及遇到的任何其他网络的路径。

网关基本上是协议转换器,促进两个协议之间的兼容性,并在开放系统互连(OSI)模型的任何层上操作。

路由器 网关(网络层) 网卡 网桥

网桥你可以理解为少口交换机,他们都能转发MAC地址,工作在前两层(物理层和数据链路层),只能分析MAC地址不能解析IP地址,只不过一般的网桥没有交换机插口多,是早期的网络产品,现在基本已经淘汰。路由器更好理解了,他能工作在前三层(物理层,数据链路层和网络层),一般只工作在第三层,顾名思义,他能“路由”网络层里的重要东西,就是IP地址,举个例子,两台主机如果IP地址在同一网段,比如192.168.1.1和192.168.1.2,它们之间通讯只要有个网桥或交换机就行了,甚至什么设备不用直接一个网线连就行(现在的操作系统都很智能,不像以前的95,98),但是如果他们工作在不同网段,像172.16.50.1和192.168.1.1,明显IP不同类,这是要通讯就得需要一个路由,帮助他们选择路径,select path(选择路径)在中文意思里就叫路由,能完成这个工作的设备叫路由器,当然你光有设备还不行,你的设置它,就是规定它如何选择路径,这是你就得给他一个网关地址,告诉它如果机器A要访问B,通讯IP地址不同类,就让A把数据包给网关地址,让网关来处理,而网关就是路由器的IP地址,说白了就是给路由器,让它来处理,替主机A来找到主机B

路由 VS NAT

本质区别:数据包通过路由可以从一个网络到另一个网络,他是通过数据包的目的IP和源IP实现的,当一个数据包进入路由器是,路由器会根据她的目标ip和源ip在路由表中查找,并将数据包原封不动的传向路由器的某个端口。而数据包通过NAT,NAT将会根据规则将数据包中的源ip和目标IP改变,并在NAT机器上做改变记录。

简而言之,路由不改变数据包包头信息,NAT则改变;

表面区别:路由打通的两个网段地位是公平的,既都是公网或都是私网,理解起来比较简单,因为路由不改变包头信息,所以如果用路由连接公网和私网的话,目的地址为私网(192.168.1.2)的数据包在公网上找不到归宿。其实路由表里面也没有相关的路由信息。

NAT打通的可以是两个公平的网络,也可以是一个内网和一个外网。

MPLS VS IP Routing

In MPLS, the switching of traffic is based on the labels assigned to the network packets. While in IP routing, it is based on the destination IP address. In MPLS, a fixed and dedicated path is established for the routing of network packets.

IP Routing: Before routers can forward a packet to its final IP address, they must first determine where the packet needs to go. Routers do this by referencing and maintaining a routing table, which tells them how to forward each packet. Each router examines the packet’s headers, consults its internal routing table, and forwards the packet to the next network. A router in the next network goes through the same process, and the process repeats until the packet arrives at its destination.

This approach to routing works well for most purposes; most of the Internet runs using IP addresses and routing tables. However, some users or organizations want their data to travel faster over paths they can directly control.

MPLS: In typical Internet routing, each individual router makes decisions independently based on its own internal routing table. Even if two packets come from the same place and are going to the same destination, they may take different network paths if a router updates its routing table after the first packet passes through. However, with MPLS, packets take the same path every time. MPLS can be “private” in the sense that only one organization uses certain MPLS paths. However, MPLS does not encrypt traffic. If packets are intercepted along the paths, they can be read. A virtual private network (VPN) does provide encryption and is one method for keeping network connections truly private.

路由表 routing table

计算机和路由器既有ARP表,也有路由表

windows路由表详解 https://mp.weixin.qq.com/s/Dep37CyOd0Szr_fzjQFOkA

理解Windows中的路由表和默认网关 https://developer.aliyun.com/article/447528

Example: VPN 改变路由

===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.5.1     192.168.5.24     50
          0.0.0.0        128.0.0.0      100.64.38.1      100.64.38.3      6
		128.0.0.0        128.0.0.0      100.64.38.1      100.64.38.3      6

0.0.0.0/128.0.0.0 covers 0.0.0.0 – 127.255.255.255 128.0.0.0/128.0.0.0 covers 128.0.0.1 – 255.255.255.255

The reason this works is because when it comes to routing, a more specific route is always preferred over a more general route. And 0.0.0.0/0.0.0.0 (the default gateway) is as general as it gets. But if we insert the above two routes, the fact they are more specific means one of them will always be chosen before 0.0.0.0/0.0.0.0 since those two routes still cover the entire IP spectrum (0.0.0.0 thru 255.255.255.255).

VPNs do this to avoid messing w/ existing routes. They don’t need to delete anything that was already there, or even examine the routing table. They just add their own routes when the VPN comes up, and remove them when the VPN is shutdown. Simple.

Understanding Routing Table with OpenVPN

Protocols

OSPF and RIP are Interior Gateway Protocols (IGP) and distribute routing information within an autonomous system, Therefore, both are confined to a single domain for routing (intra-domain). whereas BGP is a Exterior Gateway Protocol, primarily designed to be used to route between routing domains (inter-domain).

一般会先使用IGP协议在自治系统内部计算和发现路由条目,再通过BGP协议将IGP协议产生的路由传递至其他的AS(自治系统)。

BGP解决的是AS之间的路由学习问题,当今互联网是全球互联,在中国,互联网运营商有移动、电信和联通。每个公司都有自己的自治系统,并且内部运行IGP协议。但是互联网又要求互联,所以通过BGP就可以在电信和联通等之间学习对方的AS内部路由,使电信和联通的用户之间互相通信。

内部网关协议 Interior Gateway Protocol,IGP

主要包含RIP、OSPF、ISIS、EIGRP

IGP路由协议运行在AS内部,解决的是AS内部的选路问题。主要作用是发现、计算路由。

OSPF Open Shortest Path First (OSPF) is a link-state routing protocol that was developed for IP networks and is based on the Shortest Path First (SPF) algorithm. OSPF is an Interior Gateway Protocol (IGP).

外部网关协议 Exterior Gateway Protocol,EGP

通常就是指BGP,它运行在AS与AS之间,解决的是AS之间的选路问题。BGP的主要作用是控制路由条目的传播和选择最优路由。

在BGP术语中,全球互联网是由成千上万相关联的自治系统(AS)组成,其中每一个AS代表每一个特定运营商提供的一个网络管理域(据说,美国前总统乔治.布什都有自己的 AS 编号)

BGP

Private leased line (also known as MPLS) provides a dedicated connection that offers lots of bandwidth and it does not route through the Internet. The connection is routed using BGP (border gateway protocol) usually via a telecom provider at their backend infrastructure to establish the secure connection.

Quagga 把 LINUX 变成 BGP 路由器

如何注册BGP,可以找一个本地互联网注册机构 Local Internet Registry (LIR) 或 区域互联网注册机构 RIR: BGP简介和如何申请个人ASN

Advice for getting my own ASN

问题

路由环路

在维护路由表信息的时候,如果在拓扑发生改变后,网络收敛缓慢产生了不协调或者矛盾的路由选择条目,就会发生路由环路的问题,这种条件下,路由器对无法到达的网络路由不予理睬,导致用户的数据包不停在网络上循环发送,最终造成网络资源的严重浪费。

什么是云路由? 云路由使用边界网关协议(BGP)动态管理两个虚拟云网络之间或云网络与本地网络之间的连接。云路由可自动适应云中不断变化的网络条件。 云路由器(虚拟化路由器功能的软件)可促进云路由。

什么是 DNS 路由? 域名系统(DNS)将人类可读的域名(例如,www.amazon.com)转换为机器可读的 IP 地址(例如,192.0.2.44)。将此名称信息映射到计算机信息的数据单独存储在 DNS 服务器上。在将数据发送到任何网站之前,路由器必须与 DNS 服务器通信,以确定数据包的确切机器地址。

DNS 服务器通信可能会成为瓶颈,尤其是当许多用户想要同时访问网站时。DNS 路由是指管理与 DNS 服务器通信的各种路由策略和算法。基于延迟的路由和基于地理位置的路由等多种策略有助于管理 DNS 服务器通信负载。