Source routing
Source routing is a technique in computer networks where the sender of a data packet partially or completely specifies the route the packet takes through the network to its destination, contrasting with traditional hop-by-hop routing where each intermediate device independently determines the next hop.[1] In the Internet Protocol (IP), source routing is implemented as an optional field in the IP header, allowing the originating host to list intermediate IP addresses that the packet must traverse.[1] This feature was defined in the original IP specification and supports two variants: loose source routing, where intermediate gateways may use any path to reach the next specified address, and strict source routing, where the packet must be forwarded directly to the next address without deviation.[1] The route data is encoded in the options field, with a pointer indicating the current position in the route list, and gateways update the destination address and record their own address as the packet progresses.[1] Similar source routing in IPv6 using the Type 0 Routing Header has been deprecated due to security concerns.[2] Historically, source routing played a key role in environments like Token Ring networks through source-route bridging (SRB), where the source station embeds a Route Information Field (RIF) in the frame header to define the path across multiple rings and bridges, supporting up to seven bridge hops for efficient frame forwarding at the MAC layer.[3] In modern networking, source routing has evolved into paradigms like Segment Routing (SR), which leverages the source routing concept to steer packets via an ordered list of segments—such as IP addresses, node identifiers, or MPLS labels—encoded in packet headers for scalable traffic engineering in software-defined networks (SDNs) and data centers. SR enables flexible path control without per-flow state in the network, supporting applications like fast reroute and service function chaining.[4] Additionally, protocols like Dynamic Source Routing (DSR) adapt source routing for mobile ad hoc networks by dynamically discovering and caching routes in packet headers.[5] Despite its advantages in path control and diagnostics, source routing's use in core IP networks has diminished due to security risks, such as the potential to bypass controls and enable denial-of-service attacks.[6]Fundamentals
Definition and Principles
Source routing is a routing technique in computer networking in which the source node determines and specifies the complete or partial path that packets must follow to reach the destination, embedding this route information directly into the packet headers. This approach enables the source to exert control over the packet's trajectory through the network, differing from conventional destination-based routing where intermediate routers independently compute the next hop using their local routing tables and destination addresses.[7][8] The core principles of source routing revolve around the encoding and processing of route data within packets. Route information is typically represented as a sequence of intermediate node identifiers or next-hop addresses stored in dedicated header fields, allowing for variable-length lists to accommodate different path complexities. Upon receipt, routers parse this embedded route and forward the packet to the specified next node without relying on their own routing computations or tables, ensuring the packet adheres strictly to the predefined path unless otherwise configured. This mechanism reduces decision-making overhead at intermediate nodes but places the burden of path selection on the source.[7][9] Key components of source routing include route computation at the source, header storage mechanisms, and provisions for error handling. The source node computes the route using its knowledge of the network topology, often applying algorithms such as shortest-path methods to optimize for metrics like latency or bandwidth. These routes are then inserted into header fields designed for route data, which can expand or contract as the packet progresses. If an intermediate node in the route is unreachable or the route data becomes invalid (e.g., pointer exceeds the list length), the packet is typically discarded, and an error notification, such as an Internet Control Message Protocol (ICMP) message, is returned to the source to inform it of the failure.[8][9][7] To illustrate, consider a basic network topology with source node S connected to intermediate nodes A, B, and C, ultimately reaching destination D, where alternative paths exist (e.g., S directly to C). In source routing, S embeds the explicit path S → A → B → C → D in the packet header; each router (A, B, C) then forwards solely based on this list, bypassing local decisions. By comparison, in hop-by-hop routing, S addresses the packet only to D, and A might forward to B (or C) based on its routing table entry for D, potentially selecting a different path. This example highlights how source routing enforces a predetermined trajectory for reliability or policy enforcement.[7]Strict vs. Loose Source Routing
Source routing operates in two primary modes: strict and loose, each providing different levels of control over packet paths in a network. Strict source routing requires the source to specify the complete sequence of intermediate nodes that a packet must traverse exactly as listed, with no deviations permitted; each forwarding device must send the packet directly to the very next specified hop via a directly connected network, ensuring precise path adherence.[1] This mode is particularly suited to environments where the network topology is fully known and controlled, such as local area networks, allowing for deterministic routing without reliance on intermediate routing tables.[1] In contrast, loose source routing enables the source to designate only key waypoints or intermediate nodes that the packet must visit, while permitting forwarding devices to select any valid route between these points, including multiple hops if necessary.[1] This flexibility accommodates intermediate routing decisions based on local conditions, making it more adaptable to dynamic or partially unknown topologies. As seen in protocols like IPv4, loose source routing allows packets to reach specified nodes without mandating the exact path segments in between.[1] The key differences between strict and loose source routing lie in their path enforcement, processing requirements, and resilience to network changes, as summarized below:| Aspect | Strict Source Routing | Loose Source Routing |
|---|---|---|
| Path Specification | Complete, exact sequence of all hops provided by source; no intermediate choices allowed. | Partial list of waypoints; routes between waypoints determined by intermediate nodes. |
| Header Encoding | Route data as a full ordered list of IP addresses, with a pointer indicating current position; type 137 in IPv4 options. | Similar encoding with ordered list and pointer, but subsets (waypoints) used; type 131 in IPv4 options. |
| Error Conditions | Packet discarded if next hop is not directly adjacent to current node, leading to failure on topology changes. | Packet can be rerouted via alternative paths to reach next waypoint, increasing delivery success. |
| Computational Overhead | Lower processing at intermediates (simple next-hop forwarding), but source must compute and embed full path, limiting scalability for long routes. | Higher potential overhead due to routing computations between waypoints, but easier for sources to specify partial paths in large networks. |
Historical Development
Origins in Early Networks
The concept of source routing originated in the late 1960s and 1970s amid foundational research on packet-switched networks, where explicit path specification was proposed to handle dynamic topologies and mitigate issues like frequent link failures. These early ideas drew inspiration from circuit-switched telephony systems, which established dedicated end-to-end paths for reliable communication, adapting similar principles of sender-controlled routing to the more flexible but unpredictable environment of datagram networks.[10] Carl Sunshine's 1977 paper provided a seminal theoretical foundation, describing source routing as a technique where the packet source specifies the full route to minimize intermediate gateway computations and support efficient traversal in multi-network environments.[11] These efforts highlighted source routing's potential for sender autonomy in early distributed systems.Evolution and Standardization
Source routing was formally incorporated into the Internet Protocol as an optional feature in IPv4 through RFC 791, published in 1981 by the Internet Engineering Task Force (IETF), allowing senders to specify explicit paths via strict or loose options in the IP header.[1] This standardization aimed to support flexible routing in early internetworks while maintaining compatibility with hop-by-hop forwarding. In IPv6, introduced in RFC 2460 in 1998, source routing was enabled through the Type 0 Routing Header, which permitted intermediate nodes to be listed for packet traversal.[12] However, vulnerabilities emerged, leading to its deprecation in RFC 5095 in 2007, primarily due to the potential for traffic amplification attacks that could loop packets between routers and overwhelm networks in denial-of-service scenarios.[13] During the 1990s, as internet growth strained traditional models, source routing influenced hybrid approaches in Asynchronous Transfer Mode (ATM) networks, where connection-oriented virtual circuits integrated with IP routing to balance explicit path control and scalability in broadband environments.[14] Similarly, Multiprotocol Label Switching (MPLS), standardized in the late 1990s via RFC 3031, introduced label stacking as a partial analog to source routing, enabling explicit path engineering through stacked labels that guide packets along predefined segments without full header options. These evolutions addressed limitations in pure source routing by combining it with label-based forwarding for better performance in large-scale, multi-service networks. Following security-driven deprecations, loose source routing in IPv4 was disabled by default in many commercial routers after 2000 to mitigate risks like unauthorized path manipulation, reflecting broader industry shifts toward secure, default-deny configurations. In modern contexts, source routing has seen revival through Software-Defined Networking (SDN), particularly with OpenFlow's introduction in 2008, which enables centralized controllers to install source-routed flows for dynamic path selection and traffic engineering.[15] This approach leverages programmable switches to implement explicit routing without per-packet overhead, enhancing control in data centers and wide-area networks. Recent IETF efforts in the 2020s, including Segment Routing over IPv6 (SRv6) standardized in RFC 8754 (2020), explore secure source routing adaptations for 5G and emerging 6G architectures, with deployments in 5G networks as of 2025 focusing on encrypted path segments and policy-based steering to support network slicing while addressing amplification and hijacking threats.[16] In specialized domains, the European Cooperation for Space Standardization (ECSS) formalized SpaceWire in 2003 under ECSS-E-50-12A, incorporating source routing principles for deterministic, high-reliability data links in aerospace systems.[17]Implementations in Protocols
Internet Protocol
In the Internet Protocol version 4 (IPv4), source routing is implemented through optional fields in the IP header, specifically the Loose Source and Record Route (LSRR) option with code 131 and the Strict Source and Record Route (SSRR) option with code 137. These options allow the source host to specify a sequence of IP addresses that the packet must traverse, with LSRR permitting intermediate routers not listed in the route and SSRR requiring the packet to follow the exact path without deviations.[18] The format of these options includes an 8-bit code, an 8-bit length field indicating the total option size in octets, an 8-bit pointer specifying the offset to the next address to process (starting at 4), followed by variable-length route data consisting of 32-bit IPv4 addresses.[18] As the packet travels, each router inserts its own IPv4 address into the record route portion at the current pointer position before forwarding, enabling the sender to reconstruct the actual path taken upon receipt.[18] For IPv6, the original source routing mechanism used a Type 0 Routing Header as an extension header, identified by a Next Header value of 43 and Routing Type 0, which carried an ordered list of up to 127 IPv6 addresses forming an address vector.[19] This header's structure comprised an 8-bit Next Header field, an 8-bit Header Extension Length (in 8-octet units minus 1), the 8-bit Routing Type (0), an 8-bit Segments Left field indicating remaining addresses to visit, a 32-bit Reserved field, and the address vector of 128-bit IPv6 addresses.[19] During processing, an intermediate router decrements the Segments Left field; if it reaches zero, the router treats the packet as destined for itself, otherwise, it copies the next address from the vector into the packet's IPv6 Destination Address field, increments the implicit pointer, and forwards accordingly.[19] However, the Type 0 Routing Header was deprecated in 2007 due to vulnerabilities enabling denial-of-service attacks through traffic amplification, such as packet loops between routers.[2] Modern IPv6 source routing has been replaced by Segment Routing over IPv6 (SRv6), defined in RFC 8754, which introduces a new Type 4 Routing Header (Segment Routing Header, SRH) for programmable paths using segment identifiers encoded as IPv6 addresses.[16] The SRH structure includes fields for Segments Left, Last Entry (indicating the final segment index), Flags, a Tag, and an optional metadata area, followed by a list of segment IPv6 addresses, allowing fine-grained path control while addressing prior security issues.[20] In operational environments, IPv4 routers process source-routed packets by examining the options field; if the pointer exceeds the route length, the packet is forwarded normally using destination-based routing, but otherwise, the next hop is set to the specified address.[18] For IPv6, similar logic applies to the Routing Header, with the current destination updated from the segments list until Segments Left is zero.[19] Configuration to enable processing of source-routed packets, which is disabled by default for security, can be done in Linux via sysctl settings such asnet.ipv4.conf.all.accept_source_route = 1 for IPv4 interfaces.[21]
Source routing in both IPv4 and IPv6 is deprecated for production networks primarily due to security risks, including potential for reconnaissance of network topology and exploitation in amplification attacks, with RFC 1812 explicitly recommending that IPv4 routers not forward source-routed packets unless from trusted sources.[22] Its use is now limited to laboratory, testing, or diagnostic environments where controlled path tracing is needed.[6]