This article covers the basics behind networking routers and why we need them. It's intended for people looking for basic background information to become familiar with the concepts of networking technology.
Routers are a vital part of the Internet infrastructure. When communicating over the Internet, every computer must have a unique address so the Internet knows where to send information. It’s the same concept as every house or building having a mailing address. For the Internet, this address is called the Internet Protocol Address (commonly referred to as the “IP Address”). Unlike mailing addresses, the IP Address is a 4-byte number only. A 4-byte number restricts the total number of possible addresses to about 4.29 billion. This effectively means that at some point no more addresses will be available. It’s no different than saying that all mailing addresses have to be a 2-digit number only. The mailing system would run out after 100 addresses (00-99) have been assigned to buildings.
This address limitation has been known since the infancy of the Internet and is one of the reasons we have routers today. Routers help by making a number of computers in an office or home look like one computer to the rest of the world. By doing this, the capacity of the Internet went from 4.29 billion individual computers to 4.29 billion individual networks of computers. The Internet infrastructure is also set up so routers can sit behind routers, effectively expanding the Internet capacity further.
To add in some terminology used in the router world, there are names for the connections to the internal network and the outside world. The internal network is the LAN (Local Area Network), and the outside world is the WAN (World Access Network). The router effectively has two IP addresses for itself, one the WAN side sees and one the LAN side sees. The WAN is provided by the ISP (Internet Service Provider), the folks that provide Cable, DSL, or T1 lines to a facility. The LAN is provided by the network administrator of the facility. The address given to the LAN side of the router is known as the Gateway: all requests to the outside world must go through the router’s LAN address (Gateway to the World).
When a computer on the LAN network wants to get information from the Internet (such as a webpage), it sends its request to the Gateway address. Inside this request is the IP address of the computer on the outside world with the requested information as well as its own address so the computer on the other end knows where to return the information. When a router receives information from a computer on its LAN network, it records the source of the request and the destination computer's address in a table. It then replaces the source address with its WAN address and sends it off. To the outside world, it looks like the router is requesting the information. Once the information is returned to the router, it uses its table to determine who requested the information and passes the information back to the original computer. The process of routers exchanging IP addresses is known as Network Address Translation (NAT).
Routers also provide a mechanism for allowing requests from the outside to be sent to an internal network. Since computers on the outside of the router (WAN) do not necessarily know the address on the inside (LAN), requests are actually sent to the router. Network administrators configure the router with a set of mapping instructions known as port forwarding. Typically when someone from the outside wants information, it is something like a webpage. Port forwarding allows the network administrator to set up a NAT that specifies "I want all webpage requests that come in on the WAN to go to this computer on the LAN."
With a mechanism in place to allow one computer to request information from another computer through the Internet, a need arises to restrict access. The technology for restricting access is known as firewalls, which reside on both computers and routers. On the router, a firewall is nothing more than a set of rules that determine whether an IP request is allowed to pass through. This includes a request going from the LAN to the WAN and from the WAN to the LAN. In the router world, these rules are known as “policies.” By default, most routers out of the box typically allow all LAN to WAN requests and restrict all WAN to LAN requests. This allows any computer on the LAN to immediately use the Internet, but keeps anyone from the outside from getting in. A network administrator can adjust the policies on the router to match the requirements of the network.
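The translation table, port forwarding and default policies described above, as an added Python sketch that is not from the original article. It goes slightly beyond the text by tracking port numbers alongside addresses, as real NAT does, and assumes a reply is accepted only from the destination recorded in the table; the Router class and all addresses and ports are constructed for illustration.

```python
# Added illustration: a toy NAT router. Class name, addresses and ports are constructed.
from dataclasses import dataclass, field

@dataclass
class Router:
    wan_ip: str
    lan_prefix: str                      # e.g. "192.168.1."
    # wan_port -> (lan_ip, lan_port, remote_ip, remote_port)
    nat_table: dict = field(default_factory=dict)
    # wan_port -> (lan_ip, lan_port), set by the network administrator
    port_forwards: dict = field(default_factory=dict)
    next_port: int = 40000

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """LAN -> WAN: allowed by default; record the flow, rewrite the source."""
        if not src_ip.startswith(self.lan_prefix):
            return None                  # not a host on our LAN
        wan_port = self.next_port
        self.next_port += 1
        self.nat_table[wan_port] = (src_ip, src_port, dst_ip, dst_port)
        return (self.wan_ip, wan_port, dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port):
        """WAN -> LAN: return (lan_ip, lan_port) to deliver to, or None if dropped."""
        entry = self.nat_table.get(dst_port)
        if entry and entry[2:] == (src_ip, src_port):
            return entry[:2]             # reply to a request a LAN host made
        if dst_port in self.port_forwards:
            return self.port_forwards[dst_port]   # administrator's mapping
        return None                      # default policy: unsolicited traffic dropped

def demo():
    r = Router(wan_ip="203.0.113.10", lan_prefix="192.168.1.")
    sent = r.outbound("192.168.1.20", 51000, "198.51.100.5", 80)
    reply = r.inbound("198.51.100.5", 80, sent[1])
    unsolicited = r.inbound("198.51.100.99", 4444, sent[1])
    before = r.inbound("198.51.100.99", 5555, 80)
    r.port_forwards[80] = ("192.168.1.30", 80)    # "web requests go to this computer"
    after = r.inbound("198.51.100.99", 5555, 80)
    return sent, reply, unsolicited, before, after

if __name__ == "__main__":
    labels = ("sent", "reply", "unsolicited", "before fwd", "after fwd")
    for label, value in zip(labels, demo()):
        print(f"{label:12} {value}")
```

Every port-forward entry is a deliberate hole in the default WAN-to-LAN restriction, so the forwarded host becomes reachable by anyone on the outside and should be reviewed like any other policy change.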