What are router? How does the router work to monitor Internet activity?



routers hub

It’s an internet-driven age. Everything from phones to TV and even cars is now linked to the online world. Despite how much you use the web, you may not think much about the tools that enable digital lives and connect you to it. Along with smartphones and cellular connections, routers 

What are routers?

A router is quite different from a switch or hub because its main function is to route data packets to other networks, rather than just local computers. Routers are quite popular to find in homes and businesses because it allows your network to communicate with other networks including the Internet.
Basically, a router router will bridge the gap between other networks and allow your network access to more features such as firewall, QoS, traffic monitoring, VPN and more. so more.
A router is a networking device that forwards data packets between computer networks. Types of routers that perform functions that direct traffic on the Internet. A data packet is normally forwarded from one router to another through the networks constituting an internal network until it reaches its destination node.
A router router is connected to two or more data streams from different networks. When a packet arrives on one of the streams, the router reads the network address information in the packet to determine the final destination. Then, using the information in its routing table or routing policy, it directs the data packet to the next network on its journey.
There are three main devices that work to connect one computer to another. A network hub, network switch, and router can perform this function. Sometimes it can be confusing trying to figure out which devices are currently in use on a computer network without knowing which ones are active.

How do routers work?

We will introduce about how routers work, router routing table and IP router routing section

So, how does the router work? Well, before we get into that you should know the basics of IP addresses, subnet masks and default gateways before continuing.

How Routers Work

Routing is the process of forwarding IP packets from one network to another. Routers are devices that join a network together and route traffic between them. A router will have at least two network cards (NICs), one physically connected to one network and the other physically connected to another. A router can connect any number of networks together providing it has a dedicated NIC for each network.

basic router
Basic router diagram

Having two networks with one router is extremely simple and easy to configure. However, as we move to larger networks with multiple routers, things get a bit more complicated. For example, if we only have 3 networks, we can connect them in two different ways; one way is to connect them together using only 2 routers. The other way is to connect them directly with 3 routers.
configuration router
 2 routers

configuration router
3 routers

In configuration 1 if router A or B has no hosts from subnet A will be able to communicate with subnet C because there is only one path to it. However, if we add an additional router between subnets A and C, we now have two routes to Subnet C making our network more efficient.

Routers don't just route traffic to other networks, they know the fastest routes and use them first. Using configuration 2 from subnet on A has two routes to subnet C; directly through Router C (1 hop) and one through Router A then B (2 hops).

When sending traffic from subnet A to C we explicitly want it to try to go directly through Router C first. This is the fastest and most efficient route but how does the router know this? It knows using something called a metric value. Each route that the router knows has an index value assigned to it. The underlying metric value is the option number.

If there are two routes to the same destination, the route with the lowest index is assumed to be the most efficient. Routers will always use this route first until it fails, in which case it will try the route with the next lowest index and so on. The router stores all this information in the routing table included in the

Router routing table

All network devices that use TCP/IP have routing tables, even your Windows PC has. ALL devices use their routing table to determine where to send packets. Without a routing table, your PC wouldn't even be able to communicate with computers on the same subnet. Here is a screenshot of my computer's routing table.

To view your own routing table, open a command prompt by typing CMD in the run or search box. Then at the command prompt type “”router print” and press Enter.

CMD , IP address

Here are my computer's TCP/IP settings:
IP address:
Subnet mask:
Default port:

Before proceeding, you should know how the subnet mask works to determine the start and end range of the subnet.

Each line is a route to a specific network or device. The routes that you can see in the picture are the default routes that Windows creates for the PC. Check out my routing table and look at it line by line: – Network combined with a network mask (subnet mask) of means ALL IP addresses. Note this is the only line whose port is This line tells the computer that for ALL traffic regardless of destination IP address send it to This as you may have noticed is my default gateway. This is a default route created by Windows when you configure your TCP/IP settings. This is the final route it evaluates if it cannot find a more specific match in the routing table. – The next 3 lines are entries for the loopback address and can be omitted. These are the default entries but the gateway message says “On-link”. This means that these addresses are directly accessible on the local LAN and do not need to be routed through another network. Although is assigned to the local NIC, if those entries are not in the routing table your computer will try to send them to the default gateway as the next intrusion it will closely match will is one. – The next three lines are for your local network. The first one is the full range 192.168.111.x specified by the netmask as Again when this network is local, it says “on-link” in the gateway. They are automatically generated just like the others when you configure your TCP/IP settings. – These are also the default entries for multicasting and can be omitted for the purposes of this article. – This is also a default entry and can be omitted.

How does the router router work?

Before sending a packet, your PC looks up the destination IP address in the routing table to determine the best possible route. A more specific match will take precedence over the others.

For example, if our computer from above wants to send data to, it will first look it up in its routing table and find the entry It also finds entry but as is a closer match it takes precedence.

If I had added a static entry (which we'll get to later) of with a netmask of this was an EXACT match, so it would take precedence over entries. and

Once it finds a match it then checks the gateway column in our case entry, it finds an “on-link” status. The on-link status tells the machine that the network is directly attached, so it sends packets directly to using the NIC with the interface.

If a computer cannot find a matching entry in the routing table it will fail. It will also fail if the routing table is misconfigured.

For example, what do you think will happen if we remove all entries starting with 192.168.111? If I try to connect to any IP address that starts with 192.168.111 there is no specific entry for this anymore so the next best route is

This route tells my computer to forward packets to port so that will fail. The same thing happened if I left those entries but changed the port from “on-link” to (a random IP).

What I tell my computer to do now is forward all traffic for the network to instead of going directly to the computer. As you can see this will also fail.

You may be wondering what the interface column is? Well, if you remember, routers have two NICs. When a router forwards packets, it does not know which NIC to use without this value.

In case there is only one NIC in a device (like a PC) this value will be meaningless, but when there are two or more NICs, you must tell the router which router to use for a given route. . 

Step-by-step router routing example

Let's expand on the network above and take a look at router The routing table will be similar to the one above but will obviously have a reference to its own IP address rather than

We will connect the router to a different subnet with the second NIC. We assign it an IP address of with a subnet mask of Doing so will automatically add more entries to the routing table. Now we will have an additional entry as follows:

Destination address, network mask, bind port, interface

From everything learned so far we can trace the exact steps taken when one computer communicates with each other on another subnet. Now our router is aware of the two subnets and it knows that it is attached directly to both networks through its respective interface. This is what happens when our computer with IP communicates with a PC on another subnet (

Using the same methods on a PC look at the destination IP address and look at its routing table for a match.
Since the PC doesn't know about the 192.168.1.x network, the closest it can find is This entry as explained above is the default gateway and its range includes any IP range. In this entry, it finds the port of The PC now knows that in order to access the 192.168.1.x network, it must forward data packets to and do so.
The router receives these packets on interface and checks its own routing table. It found a match for this network ( which states that it is attached directly (on-link) through the interface assigned to IP The router sends packets over this interface and on the way. Since the packet is now on the destination network, it goes directly to the machine and the router's job is done.
The same thing happens when sends the packet back to The PC looks at its local routing table and the closest it finds is network with interface (hence its own default gateway set up for this).
PC sends packets to router with IP The router checks its routing table and finds a match for the network on the path and sends it directly to
In short, all devices have a routing table, without it, they wouldn't know where to send packets to. When one computer sends a packet to another, it looks at its routing table to determine the best possible route.

If it finds the destination address is “on-link”, it knows it is part of the same subnet as the destination and sends the packets directly to the PC. If it doesn't forward the packet onto whatever is in the port field of the matching route entry.

This same process is repeated at every router/hop along the way until it reaches a router that is part of the destination network. The router then sends the packets directly to the destination computer

Now I will talk about IP router routing and how you can manipulate routes to “direct” traffic. 

What is the router's mission?

When packets have a certain route to their destination, they do NOT have to take the same route. I can't stress this, packages do NOT document the route they take.

This is a big misconception among some IT professionals. Let's say you are playing an online game, you have an established connection to the game server and data is continuously being sent and received.

The packets you send may go through 5 routers, but the packets can return to CAN and will most likely take a completely different route than the other 7 routers. Always remember this when troubleshooting IP routing problems. This is a good example of how you can get it wrong.

Let's say you're troubleshooting a network problem and suspect the cause has something to do with IP routing. You decide to use the PING command to verify that the routing is properly configured. The device you ping is 4 steps (router/network). Ping failed.

For the sake of simplicity, we will assume that everything else is working perfectly and it will respond. Now you use the route tracking command to investigate further and find it is in fact routed correctly; you can see the packets go through all 4 hops and reach the destination.

At this point, you're assuming the routing is working correctly, so move on to look elsewhere. However, the problem isn't that the packets can't reach their destination, it's that they can't come back.

It can be as simple as a misconfigured default gateway on the target computer; packets will go there but on reply the PC sends them to a misconfigured port and thus fails. What you should do is run a trace route in both locations to check IP routing in both directions.

If this had been done, you might have discovered the misconfigured computer right away when it sent it replying to the wrong port.

Make sure you remember this for the future as you are unlikely to find this material elsewhere.

Routing IP routers across multiple networks 
Let's expand on the net from part 2 . We had two subnets 192.168.111.x and 192.168.1.x connected by a router. Let's add 2 subnets 192.168.2.x and 192.168.3.x, they are connected as follows:
Routing IP routers
In the above diagram the default port of PC1 is Router A, the same is true for PC2. All packets from one of these computers will be forwarded to Router A for destinations other than their subnet. What if PC1 wants to communicate with a PC on the 192.168.2.x subnet?

With everything explained so far this is not possible. Let's go through this process; PC1 wants to connect to IP but knows it is on another subnet to forward packets to default gateway router A. At this point Router A cannot find a match for the destination subnet, it just has routes to two subnets attached to it, it should Fail. However, the router also has a default gateway.

If we configure Router A's default gateway to IP (Router B), it adds the entry to its routing table with an IP port As explained in part 2, this will forward everything to this IP, it cannot find a specific match for in its own routing table. When Router B is attached to the 192.168.2.x subnet, it finds a suitable route and sends the packets directly to the computer.

If we apply this same principle to all routers, we can create a loop where packets are forwarded to other routers clockwise as follows; Router A > Router B > Router C > Router D > Router A. This is not an ideal IP routing solution but for learning purposes if enough for now. This is what happens when PC1 transfers data to a PC on the 192.168.3.x network.

PC1 checks its own IP routing table and finds a unique match of (default gateway rule) and forwards the packet to IP
Router A is not exactly the same as PC1. It checks its routing table and finds it is not part of that network to send it to its own default gateway IP (Router B).
Router B does the same and sends it to Router C.
Router C is part of the 192.168.3.x subnet; it finds a match in its routing table and sends it directly to the PC.
PC on 192.168.3.x subnet sends data back to IP but finds it on another subnet. It checks its routing table and looks for entry
This entry has default gateway set to IP (Router D) to forward packets there.
Router D delivers packets to IP

As you can see PC1 had to go through 3 routers to reach its destination because it (and Router A) didn't know that the 192.168.3.x network was accessible through Router D (1 hop). This is because there is no match in any router routing table for the subnet until it reaches Router C.

When packets return from a computer on 192.168. It works, but it's not very efficient.

The most efficient method of IP routing is to make all routers aware of the fastest route to each subnet. We do this using a technique known as Static Routing.

Static Router 

Static routing is the process of manually adding IP routing information to the routing table. Let's start by adding a static route to Router A so that the 192.168.3.x network is accessible via Router D. If we were using Microsoft RRAS as the routers, we would type this command at the prompt. Comeinand:

Router adds mask 1 . data

All routers are configured differently, this is just how Windows RRAS is done but the principle is the same regardless. This command adds an entry to the routing table stating that the 192.168.3.x network can be accessed through IP

When PC1 sends data to 192.168.3.x, it is forwarded to Router A but this time Router A finds a match with the subnet so it forwards the packets to (Router D). Router D of course then delivers it directly to the machine. You might be wondering why can't we just add this route directly on PC1 instead of allowing us to bypass Router A?

This is an option, and we will eliminate a hop in doing so. However, it's bad practice; Remember this subnet can have hundreds of computers attached to it, it will mean adding routes to all of them. This is more work, and in addition it further complicates the network.

For example, if the network topology changes, will you change the IP address of Router D in the near future? The route now needs updating but instead of updating it once on one router, you need to do it on all machines again! It is best to leave the routing to the router. Adding a route at the router means you only have to do it once.

Router A now has routes to 3 subnets; 2 are directly attached and the one we added above. We add another route for the final network, 192.168.2.x. We could add an entry telling Router A that the 192.168.2.x network can be accessed through Router B but because of the rule (Router A's default gateway) it also sends packets to Router B it would be meaningless. Instead, we'll add this new static route to go in the opposite direction for fallback like so:

Router adds mask 2 . data

Since this is a more specific match than routing ip will prioritize this first. When sending traffic to 192.168.2.x, it will always send it to Router D. If for any reason it fails, it will fall back to the rule and send packets to

Adding the two static routes above allows our router to "see" all 4 subnets. You will then configure the other 3 routers in the same way.

Internet IP router routing
Internet traffic routes in exactly the same way but on a much larger scale with thousands of networks and routers. EVERY time a router receives a new packet, it is evaluated against the routing table for a match. If it cannot find it, it forwards the packet to its own default port.

This process continues until a router finds a match. If the router finds two matches on the same network (for redundancy), the filter will always prioritize the entry with the lowest metric value first.

The main difference between IP routing on the Internet and routing on a private network is how the routing table is built. Private networks tend to use static routing while the Internet uses Dynamic Routing.

Dynamic router routing

Maintaining IP routing tables on small networks requires little administrative effort; once the network is established and the static routes have been added there is nothing else to do.

However, on large networks, the network topology is constantly changing; new subnets are added, faster routes are learned, subnets are joined or added to the subnet.

Updating routers to reflect this each time a change occurs can be a chore in itself. This is where dynamic routing comes in.

In static routing, administrators create routes themselves, but in dynamic routing routes are "learned" and automatically built by routers. Dynamic routing allows routers to "talk" to each other to find the location of other networks.

As the network topology changes, implement dynamic routes. As routers go down or faster routes become available dynamic routing also detects and reconfigures the IP routing table accordingly.

As you can imagine dynamic routing requires little to no management and is ideal for the Internet where new networks are added every day.

Dynamic routing is implemented using the IP routing protocol. Some of the more common types are RIP , OSPF and BGP

Application of Router Router

A home or small office DSL router showing a telephone socket (left, white) to connect to the internet using ADSL and an Ethernet jack (right, yellow) to connect to a computer and print at home.

A router can have interfaces for different types of physical layer connections, such as copper, fiber, or wireless transmission. It can also support different network layer transport standards.

Each network interface is used to allow data packets to be forwarded from one transmission system to another. Routers can also be used to connect two or more logical groups of computing devices called subnets, each with a different network prefix.

Routers can provide connectivity within businesses, between businesses and the Internet, or between networks of internet service providers (ISPs).

The largest routers (such as the Cisco CRS-1 or Juniper PTX) connect different ISPs or can be used in large enterprise networks.

Smaller routers typically provide connectivity for typical home and office networks.

All sizes of routers can be found inside businesses. The most powerful routers are often found in ISPs, learning and research facilities.

Large enterprises may also need more powerful routers to cope with the growing demand for intranet data traffic. A hierarchical internetworking model for connecting routers in large networks is commonly used

Network routers are rapidly transforming from a device dedicated to connecting disparate networks to an integrated services appliance capable of performing many functions beyond routing.

An increasing number of Cisco customers deploy integrated services routers – sophisticated network routers that provide voice, video, data and Internet access, wireless networking, and other applications.

Technological functional benefits of Cisco Router Integrated Services Routers
Growing companies, especially those opening new offices, can take advantage of Cisco's integrated network router solution that is secure, highly flexible, and built to compatible with future technologies.

One device, multiple functions: unify multiple services on a single device. Cisco ISR routers deliver a multitude of services including security, wireless, video, unified communications, WAN optimization, and customizable virtual services on a single device.

WAN Performance: Deliver next-generation WAN and network service requirements. Cisco Generation 2 Integrated Services Routers (ISR G2) have up to 350 Mbps WAN performance with services.

Video: Use the onboard digital signal processors (DSPs) of the Cisco ISR G2 platform to run enterprise-class video applications including video streaming, digital dashboards, video surveillance and TelePresence capability with T1/E1 links.

Service Virtualization: Support an on-demand service delivery model that uses the innovative Cisco Services Ready Engine (SRE) to deploy customizable services on demand.

Simplified management: Manage your network from a centralized location and simplify troubleshooting with the only universal Cisco IOS software on the Cisco ISR G2.

Network services are easily integrated or added to Cisco routers. Companies just need to install a sophisticated piece of equipment rather than buying separate products for each separate function.

Integrated services Cisco routers offer many advantages, from reduced investment and operational costs to increased productivity for companies of all sizes. A small company with two offices can benefit just like a company with hundreds of branch offices.


Post a Comment

Previous Post Next Post