be the best path towards the destination in terms of performance (even though BGP’s measurements of performance are not as advanced as those of an IGP in most cases) but also based on the explicit preference of both network operators. This means that any business agreements they have created in regard to the routing of each other’s traffic can be implemented between their networks by BGP. The reasons for these arrangements are many, and they have helped spur the growth of the internet.
On each BGP router, the BGP protocol allows the configuration of the local preference and the multi exit discriminator (MED) values. Although both of these values are used to directly influence routing decisions, they operate from two different sides. As the sender of traffic, one BGP router may have a local preference value configured which instructs it to use a specific route to reach a destination, and concurrently the MED value configured on the receiver of traffic allows that router to indicate to the sender which path it would prefer to receive traffic on, which is entering its AS. Although the effect of the MED value can be overridden by any of its BGP peers, this feature allows a BGP AS to attempt to influence the paths that traffic inbound to the AS takes. BGP path selection is a detailed topic itself, but the concepts in this section will provide the required background for later sections in this book.
3.6.3 Routing Process
To contextualise all of the routing information presented so far in this chapter, let us use an end‐to‐end example of traffic being routed across multiple networks from its source to its destination (see Figure 3.1). In this example, traffic will flow from a source on the left of the diagram to a destination on the right.
In this example, traffic will need to be routed across two networks which are peering using BGP as their EGP. One network is using OSPF for its IGP, while the other will use IS‐IS. The traffic is using IPv4, though the same concepts and flow seen in this example would apply to IPv6 traffic as well:
1 Traffic is generated by a device within the first network. Its destination is a server in the second network. The majority of internet use cases follow this general structure; examples include a device accessing a video or a cloud service from a remote server across networks.Figure 3.1 Routing process example.
2 The device sends its traffic to its local gateway, which is a router. This router inspects the IP packet headers of the traffic from the device and deduces that its neighbouring router is the best route available to reach this destination. The information to inform this deduction was the result of the router querying its local routing table, which was generated by OSPF using information received from the local router and its neighbouring routers across the network.
3 The traffic is sent to that neighbouring router, which then inspects its own routing table and determines that the best route to the destination of that traffic is via an external network. This same router has established a BGP peering with that external network, and so it sends the traffic to its BGP peer. Although it is an external network, this process is identical from a routing perspective to how traffic was moved within the network, excepting the use of BGP.
4 Once the traffic has entered the second network, the router which received it repeats the process of looking up the optimal route to the destination of the traffic in its routing table. This routing table informs the router that the optimal path is through its neighbouring router within the network, and so it sends the traffic over its link to that router. Note that although this network uses IS‐IS for its internal routing protocol, once the routing table is created by the routing protocol, the traffic routing process itself is identical on a hop‐by‐hop basis.
5 Finally, the last router receives the traffic and, upon inspecting its routing table, discovers that the subnetwork containing the destination of the traffic is directly attached to one of its local interfaces. The router sends the traffic over that link to its destination, and the process of routing traffic from source to destination is complete. Often traffic will be sent responding to the traffic which was sent; in this case, the same process is performed, from right to left.
Regardless of the size or number of networks between the source and destination of traffic, this is the routing process which takes place. Although different routing protocols differ in how they create their routing tables, how they pass information between each other to create them, and the criteria they use to determine the optimal route, this does not affect the general routing process as above.
3.6.3.1 Switching
Compared to routing, switching uses only layer 2 information in order to direct network traffic to its destination. In the example of Ethernet, as described previously, the Ethernet frame header itself features a pair of MAC addresses, which are the source and destination addresses of the traffic. This section will focus primarily on Ethernet as a data link layer protocol used to perform switching, just as the previous section focused on IPv4 and IPv6 as network layer protocols used to perform routing.
In this section, much as devices that perform routing on network traffic are referred to as routers, a device which performs switching on network traffic will be referred to as a switch. Although these terms are often used interchangeably in the networking industry, in this book routing refers only to the layer 3 process of directing traffic from its source to its destination and switching refers in turn only to the layer 2 process that is used to achieve this same end goal. As will be seen in an upcoming section, these two processes are typically used together to operate a modern network.
Switching is generally used on networks which are local in scope. This is due to both the nature and limitations of link layer endpoint addressing but also the operational characteristics of switching as a process. Unlike IP addresses, Ethernet MAC addresses are not assigned to endpoints or interfaces of endpoints by the network administrator whether manually or via automation. Instead Ethernet MAC addresses are assigned to an endpoint or endpoint interface at the factory where they are produced and are not intended to be changed during normal operation. This does not allow the network to be arranged in an hierarchical or summarised fashion as is possible using a layer 3 protocol such as IP and so makes organising and scaling the network more difficult due to a few key operational factors.
Much like the routing table described in the previous section, all switches maintain a switching table that operates in a similar fashion; once populated, it is a record of the local interfaces of that switch via which a particular destination MAC address can be reached. This table is then used by the switch to forward traffic to those destinations as it is received. Each switch makes a forwarding decision by using the contents of its switching table, much like the hop‐by‐hop routing process described earlier.
A key difference between routing and switching is in how the routing table and switching table are built. As previously described, a routing protocol exchanges information between routers across the network and in some cases even with external networks in order to create its routing table. However, in the case of switching there is no such protocol; the switching table is created over time by using flooding, learning, and forwarding. This is a simpler, albeit far less scalable method of determining where in the network a particular destination is located. When a switch receives traffic without a corresponding entry in its switching table, it floods a request for the destination of that traffic from all of its interfaces besides the one it received the traffic on. The switch then expects an endpoint within the network to reply that it knows or is the destination of the traffic; the interface that this reply is received on is marked in the switching table as the path to reach the destination, and the original traffic plus any subsequent traffic to the same destination is then sent using this interface.
Unlike routing, due to the comparatively simple methods by which the locations of endpoints are learnt when using switching, a switch does not have a sophisticated view of the cost of the paths which are available or of the overall network topology. Although protocols such as the Spanning Tree Protocol (STP) and other similar protocols provide some level of intelligence to a switching network, primarily to enhance network resiliency by eliminating broadcast loops