Source routing is a method that can be used to specify the route a packet should take through the network. In source routing the path is chosen by the source of the packet, or by a device that tells the source which path to use. It is assumed that the source knows the layout of the network and can pick the best path for the packet. On the internet and most other networks, network routing is used instead of source routing: with network routing, the knowledge of the network layout lives in the routing devices themselves. Source routing can cause security problems, which are discussed later.
When a packet with source routing specified travels through the network, a device that makes routing decisions, such as a router, looks at the path-specific information carried in the packet to decide where to forward it. When source routing is not used, the packet carries only the destination address and the router determines the best place to forward it on its own.
With network routing, each router a packet passes through looks at the destination IP address and determines the next hop to forward the packet to. The next hop is the next router or other switching point where a routing decision will be made. With source routing, the sender of the data makes some or all of these routing decisions.
When the sender specifies the exact route the packets must take, this is called strict source routing, and it is rarely used. The more common form is loose source record route (LSRR). With LSRR the sender provides one or more hops, that is, intermediate routers, that the packet must pass through.
Source routing can be used to do any of the following:
- Troubleshoot a network
- Map a network
- Increase network performance
- Hack a computer
Source routing can be used for hacking because it lets an attacker deliver data to a machine that would not normally be reachable. Some machines use private internet addresses such as 192.168.1.1 and are not normally accessible from the internet. If a machine on a private network performs routing, and traffic between two other networks may be routed through it, an attacker may be able to specify that their packets pass through that machine. The attacker may also use IP spoofing to fool the machine on the private network into believing the traffic comes from some other computer. The best way to prevent this attack is to configure the router on the private network to ignore source-routed packets.
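The check behind that mitigation, added here as an example that is not part of the original article: it parses the IPv4 options field, reports packets carrying a loose (LSRR, type 131) or strict (SSRR, type 137) source route option so a filter can drop them, and treats headers it cannot parse as source routed so the filter fails closed. The function names and the sample addresses are my own, and the constructed packet has its checksum left at zero.

```python
import ipaddress
import struct

# IPv4 option type codes from RFC 791: EOL, NOP, LSRR (0x83), SSRR (0x89).
IPOPT_EOL, IPOPT_NOP, IPOPT_LSRR, IPOPT_SSRR = 0, 1, 131, 137


def parse_ipv4_options(packet):
    """Return [(type, payload), ...] for the options in an IPv4 header."""
    ihl = (packet[0] & 0x0F) * 4 if packet else 0
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("truncated header or bad IHL")
    opts, i, found = packet[20:ihl], 0, []
    while i < len(opts) and opts[i] != IPOPT_EOL:
        if opts[i] == IPOPT_NOP:
            i += 1
            continue
        # Other options carry a length byte covering type + length + payload.
        n = opts[i + 1] if i + 1 < len(opts) else 0
        if n < 2 or i + n > len(opts):
            raise ValueError("malformed option at offset %d" % i)
        found.append((opts[i], opts[i + 2:i + n]))
        i += n
    return found


def source_route(packet):
    """('loose'|'strict'|'malformed', [route entries]) when the packet must be
    treated as source routed, else None. Unparseable headers fail closed."""
    try:
        options = parse_ipv4_options(packet)
    except ValueError:
        return ("malformed", [])
    for t, payload in options:
        if t in (IPOPT_LSRR, IPOPT_SSRR):
            addrs = payload[1:]  # skip the pointer byte; the rest is 4-byte entries
            hops = [str(ipaddress.IPv4Address(addrs[j:j + 4]))
                    for j in range(0, len(addrs) // 4 * 4, 4)]
            return ("loose" if t == IPOPT_LSRR else "strict", hops)
    return None


def build_lsrr_packet(src, dst, hops):
    """Constructed sample: minimal IPv4 header (checksum left 0) carrying an
    LSRR option that lists `hops`, EOL-padded to a 4-byte boundary."""
    route = b"".join(ipaddress.IPv4Address(h).packed for h in hops)
    opt = bytes([IPOPT_LSRR, 3 + len(route), 4]) + route
    opt += b"\x00" * (-len(opt) % 4)
    hdr = struct.pack("!BBHHHBBH4s4s", 0x40 | (5 + len(opt) // 4), 0, 20 + len(opt),
                      0, 0, 64, 6, 0, ipaddress.IPv4Address(src).packed,
                      ipaddress.IPv4Address(dst).packed)
    return hdr + opt
```

A filter that drops every packet for which `source_route()` returns a value implements the "ignore source-routed packets" configuration the text recommends.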