A Router is a network device that operates primarily at Layer 3 (Network Layer) of the OSI model. The primary function of a router is to connect multiple different logical networks and forward IP packets between those networks based on the destination IP address.
In practice, routers typically serve as:
- Default Gateway for end devices
- Device connecting LAN to WAN/Internet
- Device controlling and segregating traffic between networks
1. Primary Role of Router
a) Connecting Different Networks
A Layer 2 switch only forwards frames within the same network/VLAN, while a router enables devices on different networks to communicate with each other.
Example:
- PC1: 192.168.1.10/24
- PC2: 192.168.2.10/24
These two devices belong to different networks, so a router is needed to route the traffic.
Diagram: Router connecting two subnets
b) Acting as Default Gateway
Hosts do not know the complete network topology. When a host wants to send data to a different subnet, it sends the packet to the default gateway — typically the router interface.
Example: PC:
| |
Router interface:
| |
The router will continue processing and forward the packet to the destination network.
2. Router Operating Mechanism
a) Path Determination
Routers use Routing Tables to find the optimal route to the destination network. The routing table can be built using:
- Connected Routes
- Static Routes
- Dynamic Routing Protocols (OSPF, EIGRP, RIP, BGP)
Routers select the best route based on:
- Longest Prefix Match
- Administrative Distance
- Metric (Cost, Bandwidth, Delay, Hop Count)
Note: CCNA particularly emphasizes this section in the IP Connectivity domain.
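The selection order described above, as an added example that is not part of the original page: administrative distance and then metric decide which candidate is installed for a given prefix, and longest prefix match decides which installed route a packet uses. The route entries, next hops and function names are constructed for illustration; the AD values are the Cisco IOS defaults.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Route:
    prefix: str     # destination network in CIDR notation
    source: str     # how the route was learned
    ad: int         # administrative distance, lower is preferred
    metric: int     # protocol metric, lower is preferred
    next_hop: str   # next-hop address or exit interface

def build_table(candidates):
    """Install one route per prefix: lowest AD first, then lowest metric."""
    table = {}
    for route in candidates:
        net = ipaddress.ip_network(route.prefix)
        best = table.get(net)
        if best is None or (route.ad, route.metric) < (best.ad, best.metric):
            table[net] = route
    return table

def lookup(table, dst_ip):
    """Longest prefix match over the installed routes; None means no route."""
    addr = ipaddress.ip_address(dst_ip)
    matches = [net for net in table if addr in net]
    if not matches:
        return None
    return table[max(matches, key=lambda net: net.prefixlen)]

# Constructed candidates; AD values are the Cisco IOS defaults for each source.
CANDIDATES = [
    Route("192.168.1.0/24", "connected", 0, 0, "G0/0"),
    Route("0.0.0.0/0", "static", 1, 0, "203.0.113.1"),
    Route("10.1.0.0/16", "ospf", 110, 20, "10.0.0.2"),
    Route("10.1.0.0/16", "rip", 120, 2, "10.0.0.3"),    # loses on AD
    Route("10.1.1.0/24", "rip", 120, 3, "10.0.0.3"),    # more specific prefix
    Route("10.1.2.0/24", "ospf", 110, 30, "10.0.0.2"),
    Route("10.1.2.0/24", "ospf", 110, 10, "10.0.0.4"),  # wins on metric
]
TABLE = build_table(CANDIDATES)

if __name__ == "__main__":
    for dst in ("10.1.1.5", "10.1.9.9", "10.1.2.7", "8.8.8.8", "192.168.1.10"):
        r = lookup(TABLE, dst)
        print(f"{dst:>13} -> {r.prefix:<15} via {r.next_hop} ({r.source})")
```

Note that 10.1.1.5 follows the RIP /24 even though OSPF has the better administrative distance: AD only compares routes to the same prefix, while the more specific prefix always wins at lookup time.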
b) Packet Forwarding
When a router receives a frame:
- Verify Layer 2 FCS
- Strip Layer 2 header/trailer
- Check destination IP address
- Consult Routing Table
- Determine Exit Interface / Next-hop
- Encapsulate with new Layer 2 header
- Forward packet
Critical Point: A router does not forward the original Layer 2 frame. It removes the old frame and creates a new one suitable for the next environment (e.g., Ethernet → Serial → Ethernet). The Layer 2 header changes on each hop, but the Layer 3 (IP) header remains unchanged.
Simulation: Router forwarding a packet between two subnets
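The forwarding steps above, as an added example that is not part of the original page: one hop between the two subnets used earlier, showing that the frame is rebuilt while the packet is carried across untouched. The MAC addresses, ARP cache, the CRC-32 stand-in for the FCS and all function names are constructed for illustration, and only connected routes are modelled.

```python
import ipaddress
import zlib
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:            # Layer 3 view: addresses and payload only (TTL not modelled)
    src_ip: str
    dst_ip: str
    payload: bytes

@dataclass(frozen=True)
class Frame:             # Layer 2 wrapper, rebuilt at every hop
    src_mac: str
    dst_mac: str
    packet: Packet
    fcs: int

def fcs_of(src_mac, dst_mac, packet):
    """CRC-32 over a simplified serialisation, standing in for the Ethernet FCS."""
    header = f"{src_mac}|{dst_mac}|{packet.src_ip}|{packet.dst_ip}|".encode()
    return zlib.crc32(header + packet.payload)

def make_frame(src_mac, dst_mac, packet):
    return Frame(src_mac, dst_mac, packet, fcs_of(src_mac, dst_mac, packet))

# Constructed router state: interface -> (connected network, interface MAC).
INTERFACES = {
    "G0/0": (ipaddress.ip_network("192.168.1.0/24"), "02:00:00:aa:00:01"),
    "G0/1": (ipaddress.ip_network("192.168.2.0/24"), "02:00:00:aa:00:02"),
}
ARP = {"192.168.2.10": "02:00:00:bb:00:22"}   # constructed ARP cache

def forward(frame, in_if):
    """Return (exit_interface, new_frame), or None when the frame is dropped."""
    if frame.fcs != fcs_of(frame.src_mac, frame.dst_mac, frame.packet):
        return None                                # FCS check failed
    if frame.dst_mac != INTERFACES[in_if][1]:
        return None                                # frame not addressed to the router
    packet = frame.packet                          # strip Layer 2 header/trailer
    dst = ipaddress.ip_address(packet.dst_ip)      # check destination IP
    for out_if, (net, mac) in INTERFACES.items():  # consult (connected) routes
        if dst in net and packet.dst_ip in ARP:
            # New Layer 2 header: exit-interface MAC -> destination host MAC.
            return out_if, make_frame(mac, ARP[packet.dst_ip], packet)
    return None                                    # no route or unresolved next hop

# PC1 (192.168.1.10) sends to PC2 (192.168.2.10) through its default gateway G0/0.
INBOUND = make_frame("02:00:00:bb:00:11", "02:00:00:aa:00:01",
                     Packet("192.168.1.10", "192.168.2.10", b"hello"))
```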
3. Router Divides Broadcast Domain
Routers by default do not forward broadcast packets. Each router interface creates a separate Broadcast Domain, and typically also a separate IP network.
Example:
- G0/0 → 192.168.1.0/24
- G0/1 → 192.168.2.0/24
The two broadcast domains are completely separate. This is a major difference between a Layer 2 switch and a router.
Diagram: Router separating broadcast domains
4. Router and Collision Domain
A router interface also creates a separate collision domain. However, collisions are nearly obsolete due to switched Ethernet/full-duplex. The broadcast domain is the primary focus in CCNA.
5. Advanced Functions of Router
Beyond basic routing functionality, modern routers integrate many important advanced features.
a) NAT (Network Address Translation)
Allows multiple private devices to share one or a few public addresses.
Example: 192.168.1.x → 203.x.x.x
b) ACL (Access Control List)
A router can filter traffic based on source IP, destination IP, protocol, and port. Example: Deny TCP port 23 (Telnet), Permit HTTPS.
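How such a list is evaluated, as an added example that is not part of the original page: entries are checked top-down, the first match decides, and traffic that matches nothing hits the implicit deny at the end of every Cisco ACL. The entry format, addresses and function names are constructed for illustration; `shadowed` is a review check that flags entries which can never match because of ordering.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

ANY = "0.0.0.0/0"

@dataclass(frozen=True)
class Ace:
    action: str                      # "permit" or "deny"
    protocol: str                    # "tcp", "udp", or "ip" for any protocol
    src: str                         # source network (CIDR)
    dst: str                         # destination network (CIDR)
    dst_port: Optional[int] = None   # None matches any port

def within(inner, outer):
    return ipaddress.ip_network(inner).subnet_of(ipaddress.ip_network(outer))

def covers(a, b):
    """True when every packet that matches entry b also matches entry a."""
    return (a.protocol in ("ip", b.protocol)
            and within(b.src, a.src) and within(b.dst, a.dst)
            and a.dst_port in (None, b.dst_port))

def evaluate(acl, proto, src_ip, dst_ip, dst_port):
    """First matching entry decides; no match ends at the implicit deny."""
    pkt = Ace("", proto, f"{src_ip}/32", f"{dst_ip}/32", dst_port)
    for seq, ace in enumerate(acl, start=1):
        if covers(ace, pkt):
            return ace.action, seq
    return "deny", None

def shadowed(acl):
    """Entry numbers that can never match because an earlier entry covers them."""
    return [j + 1 for j, b in enumerate(acl) if any(covers(a, b) for a in acl[:j])]

# Constructed ACL following the page's example (deny Telnet, permit HTTPS).
ACL = [
    Ace("deny", "tcp", ANY, ANY, 23),
    Ace("permit", "tcp", "192.168.1.0/24", ANY, 443),
]
# Same intent, but a broad permit placed first makes the Telnet deny unreachable.
MISORDERED = [
    Ace("permit", "ip", ANY, ANY),
    Ace("deny", "tcp", ANY, ANY, 23),
]
```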
c) Inter-VLAN Routing
A router can enable communication between VLANs through:
- Router-on-a-stick (Subinterfaces)
- 802.1Q trunk
Example: VLAN 10 ↔ VLAN 20.
d) WAN Connectivity
A router typically connects:
- LAN ↔ ISP
- Branch ↔ HQ
- Site ↔ Site VPN
Advanced Features Summary Table (According to CCNA 200-301 v1.1 Standard)
Below is a comprehensive table of advanced features commonly configured on Routers, corresponding to the domains in the CCNA exam:
| Advanced Feature | CCNA Domain | Purpose and Primary Application |
|---|---|---|
| NAT | 4.0 IP Services | Convert Private IP to Public IP, enabling internal devices to access the Internet and saving IPv4 address space. |
| DHCP & DNS | 4.0 IP Services | Automatically assign IP configuration (DHCP) and resolve domain names (DNS) for clients in the network. |
| NTP | 4.0 IP Services | Synchronize accurate time across network devices, critical for log analysis and authentication. |
| ACL | 5.0 Security Fundamentals | Filter data flow (Packet filtering) based on Source/Destination IP and Port to control access and enhance security. |
| VPN (IPsec) | 5.0 Security Fundamentals | Establish encrypted tunnel connections (Site-to-Site or Remote Access) for secure communication over WAN/Internet. |
6. Common CCNA Exam Concepts
- Router operates based on logical address: Router forwards packets using IP address, not MAC address. MAC is only used locally within each Layer 2 segment.
- Router has multiple interfaces: Each interface belongs to a different subnet, has its own IP, and serves as a separate gateway.
- Routers build the Internet: The Internet is essentially a vast network of countless routers exchanging routes using BGP, OSPF, IS-IS, and Static routing.
Practical Real-World Perspective (Very Important)
Many CCNA materials make routers look “classical.” But modern routers are actually multi-purpose devices:
- Lightweight Firewall
- VPN concentrator
- QoS engine
- NAT device
- WAN edge device
- Policy controller
A Cisco ISR (Integrated Services Router) can handle routing, firewall, IPsec VPN, DHCP, QoS, NAT, voice, and SD-WAN in a single device. The line between router, firewall, and L3 switch is becoming blurred.
Ultra-Quick Summary for Review
Router:
- Operates at Layer 3
- Connects different networks
- Forwards packets based on IP
- Uses routing table
- Blocks broadcast by default
- Acts as default gateway
- Supports NAT, ACL, VPN, inter-VLAN routing
Simulation: Basic Cisco IOS CLI on Router R1