At first, a routing table might seem intimidating, but it is critically important to understand how to read this table so that you can accurately predict how a router will forward traffic.
Reading this table and determining which path a router will take to a given destination is a huge portion of the Cisco Certified Network Associate (CCNA) exam, and for good reason!
Above you will see the EVE-NG topology that we will be referencing. We will be seeing the network through the perspective of R1.
1.0 Interpreting the Components of a Routing Table>Routing protocol codes are there to indicate how the route was learned. It tells us through what means the route made it’s way onto our routing table. Luckily there is a very handy list of codes and what they mean at the top of the routing table! You will not have this list on the exam.
Each code directly corresponds with the route that is on the same line.
Let’s go over some of the most common routing protocol codes:
Code | Title | Meaning |
---|---|---|
L | Local | Route to an IP address that exists locally on this device. Usually a /32 |
C | Connected | Route to a network that this device is directly connected to with one of it’s interfaces |
S | Static | Route that was manually, explicitly configured by a network admin |
O | OSPF | Route learned dynamically via the Open Shortest Path First (OSPF) routing protocol |
D | EIGRP | Route learned dynamically via the Enhanced Interior Gateway Routing Protocol (EIGRP) |
B | BGP | Route learned dynamically via the Border Gateway Protocol (BGP) |
This is is the portion of routing table entry that tells you for which network this route pertains to. This is what gets compared to each packets layer 3 header, specifically the “Destination IP” portion.
1.3 Next Hop>The next hop, along with the destination network, are arguably the two most important pieces of information you can pull from this table. This is the portion of the entry that indicates what the router will do next with packet whose destination IP address matches the route.
This portion of the entry may contain:
What does your router do when it learns about the exact same subnet via multiple different sources? It can only pick one! Administrative Distance (AD) is a value that Cisco assigned to various sources of routing information to act as a tie-breaker in this common situation.
The lower the Administrative Distance, the better
Here are the most common AD’s that you need to know
Protocol | AD |
---|---|
Connected | 0 |
Static | 1 |
BGP | 20 |
EIGRP | 90 |
OSPF | 110 |
Remember, the routing table only shows the best routes to any given destination
If you’re router learns about 192.168.0.0 /24 from three different sources:
Only the Static route will show on the table, because that source has the lowest, or best AD.
Once again, AD is used to determine which route source takes priority, as the routing table will only show the best path to any destination.
Alright, so if AD is used when we learn about a subnet via different routing sources, what about when we receive multiple routes to the same subnet via the same routing protocol? That is where Metric comes into play.
Metric is a number used internally by each routing protocol to determine the most optimal route
With dynamic routing protocols, you will often be advertised multiple paths to the same destination. Here’s an example of when that would happen
In this situation, the router looks at the metric to determine which route gets installed onto the routing table. Remember, the routing table only shows the best routes.
Remember, lowest metric wins
So, in the example above, R1 would choose R2 as it’s next hop to the 2.2.2.2/32 network, simply because that path has a lower metric value.
1.6 Gateway Of Last Resort>The “Gateway of last resort”, also known as the “default route”, is the place your router will send packets for which it has no other route. The gateway of last resort is a static route that can be configured manually or via DHCP.
You’ll notice it’s destination network, 0.0.0.0/0 , matches ALL networks
Your PC has a default route, it’s “Default Gateway”. Your home router has a default route to the ISP.
It’s basically: “If you don’t know where to send this, you can send it here as a last ditch effort of delivery”
You might be wondering:
“If that route points everything to a certain address, doesn’t that make all the other routes useless?”
Short Answer: No, it doesn’t, but that question perfectly transitions us to the next topic.
2.0 How Forwarding Decisions Are Made>Alright, so now we know how to read the various letters and numbers on the routing table, but how does the router read it?
How does the router choose which route to use?
Lets talk about the various rules and tie-breakers that the router uses to pick its next hop!
2.1 Longest Match>The first thing considered by the router, is how specific the route is. The more specific, the better. This is why having a default route doesn’t take over your whole routing table. Every route is more specific than 0.0.0.0/0, so therefor it only is used when no other route to the destination is present
Here’s an example.
Destination IP: 192.168.1.130 |
---|
0.0.0.0 /0 |
192.168.1.0 /24 |
192.168.1.130 /32 |
192.168.1.128 /25 |
192.168.0.0 /16 |
The destination of 192.168.1.130 matches ALL of these routing table entries. The router has to choose one
The router will always prioritize the most specific match that it has.
Only when a router has two matching entries of the same size/subnet mask does it move onto the next tie-breaker
2.2 Administrative Distance>When two routing table entries of the same specificity exist, the router will choose the path sourced from the protocol with the lowest AD.
Destination IP: 192.168.1.130 |
---|
192.168.1.128 /25 - [90] |
192.168.1.128 /25 - [110] |
192.168.1.128 /25 - [1] |
192.168.1.128 /25 - [20] |
All of these networks have the same specificity, /25, so now the router looks at Admin Distance (AD). We can see that the lowest AD on this table is 1, so that is the path the router will choose.
Click here to review the admin distance table.
2.3 Routing Protocol Metric>Finally, if a router has multiple routes of the same specificity AND the same AD, it uses metric to determine the next hop.
If two routes have the same AD, it can be assumed they are coming from the same routing protocol. Therefor, your router leaves it up to that protocol to present it with the lowest metric route to that destination.
Each protocol has its own way of calculating metric. Some protocols use interface bandwidth, some use hop count, some use a large combination of attributes, but at the end of the day, all of that calculating is to determine which path is the best.
This all happens before the route is installed onto the routing table, but it does happen, and it’s something you need to be very aware about.
click here to review the metric section from earlier in the post.
Practice Questions>Looking at a routing table and determining the next hop is a huge part of the CCNA exam. Take a look at some of these questions below to see if you truly grasp the topics yet.
Re-read any section you don’t fully understand, or feel free to leave a comment at the bottom of the post.
Question 1>Next hop for: 192.168.24.31 ? |
---|
Looking at this table, the IP in question, 192.168.24.31 does not match any statements other than the default route located at the top.
Question 2>Next hop for: 10.1.1.1 ? |
---|
Remember, the most specific route always takes precedence. We have on this table an exact match for this address. This route was learned via OSPF on interface Gig0/3, and has been active in the table for 4 hours, 31 minutes, 12 seconds
Question 3>Outgoing interface for destination: 10.1.1.2 ? |
---|
This is an example of whats known as a recursive route lookup, meaning that the first entry the packet matched did not have an outgoing interface, requiring the router to lookup the next hop IP in the table as well.
Our destination IP, 10.1.1.2, matches the static route entry for network 10.1.1.0 /30, which has a next hop of 192.168.12.2 with no outgoing interface. The router then looks up 192.168.12.2 to see that it is a directly connected network, and it can reach it via GigEth0/2
Conclusion>Hopefully this has answered some questions you’ve had about reading Cisco routing tables and predicting routing decisions. Here is a quick recap
Feel free to leave a comment if you have any questions.
Thanks for reading!