Best route for overlapping routes

hi
it says in the ICND1 book of Wendell Odom page 483 that, "when a particular destination IP address matches more than one route in a router's routing table, the router uses the most specific route, in other words, the route with the longest prefix length." which means if an ip address 172.16.1.2 finds 2 routes, 1) 172.16.1.0/24 with hop count 2, and 2)172.16.0.0/22 with hop count 1, it will take the route with the 24 mask, so my question is 1st, what is the logic that it will use with the bigger prefix? and 2nd, why is it choosing the route with the longer prefix mask over the route with the less hop count??

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

solnsusie

MrRyte wrote: »

Remember the functions of a router? To a)determine paths to networks and then to b)forward packets to either a directly connected network or remote network by comparing the destination address of the packet to the routing table. The router will first assemble its table based on administrative distance. As for how to forward the packet, the router will scan through its entries and then select a route based on the following criteria:

1. Prefix Length
2. Administrative Distance (if there is more than one path to the destination network)

Let's look at this example: The router receives a packet destined for 192.168.32.1 and has these routes in its table (taken from this link Route Selection in Cisco Routers - Cisco Systems -
router# show ip route
D 192.168.32.0/26 [90/25789217] via 10.1.1.1
R 192.168.32.0/24 [120/4] via 10.1.1.2
O 192.168.32.0/19 [110/229840] via 10.1.1.3
Although the network address is the same for all three, the longer subnet mask will mean more matching bits for the destination network of the packet.

(Remember 1=MUST MATCH; 0=do not have to match)
192.168.32.0/26=11111111.11111111.11111111.11000000
192.168.32.0/24=11111111.11111111.11111111.00000000
192.168.32.0/19=11111111.11111111.11100000.00000000

The more matching 1's or N bits, the more preferred the route.

Now as for Administrative Distance-the lower the number; the more "trustworthy" the route. So if we have the same 192.168.32.0/26 route learned by OSPF, RIP, EIGRP, IGRP and other routing protocols then it will see which is the lowest AD and select that particular route.

So in summary; the router will choose the best route in this order:

1. Prefix Length
2. Administrative Distance
3. Default Route (if one is configured rather than just dropping the packet)

This is the way I understand it. If there's something incorrect please let me know since I'm not the best at explaining things....

thanks,
so far you had explained it the best, but one more question, why will it choose 1’st the prefix length and then the AD, why not 1’st the AD and then the mask?? let him first choose the way it will take and then see the address it will go on that way?

MrRyte

solnsusie wrote: »

you are 100% right, but what’s bothering me is,

1) when you have 2 routes to the same destination and both routes running only and only RIP, but one route has a bigger mask and more hops and the other route has a smaller mask and less hops, which route will be the winner? again both routes are RIP which usually chooses the metric count,

The router will NEVER have two routes with the same protocol to the same destination listed separately. It will do a route summerization/supernet and have THAT in the routing table.

solnsusie wrote: »

2) when you have 2 routes to the same destination and two AD's let’s say RIP, and EIGRP, the RIP has BIGGER mask MORE hops and is a HIGHER AD, and the second route is EIGRP SMALLER mask and LESS hops and LOWER AD, which route will be the winner?

The entry with the higher/longer matching subnet mask will be the path that the router will search for first.

solnsusie

MrRyte wrote: »

The router will NEVER have two routes with the same protocol to the same destination listed separately. It will do a route summerization/supernet and have THAT in the routing table.

please check out the second page, the example shows 5 routes all using RIP, and my original question was about point #2 on the second page, which is using RIP, bigger mask, more hops,
thanks

ICND1.pdf

MrRyte

solnsusie wrote: »

please check out the second page, the example shows 5 routes all using RIP, and my original question was about point #2 on the second page, which is using RIP, bigger mask, more hops,
thanks

Oops. Let me clarify-
The router will NEVER have two routes with the same exit interface, the same protocol and the same destination listed separately. It will do a route summerization/supernet and have THAT in the routing table.

Now as for the example shown;

Destination address 172.16.1.2 matches four of the routes (all except the host route for 172.16.1.1), but the route to 172.16.1.0/24 has the longest prefix.

It's not a match to that particular route because that route has a /32 mask meaning that it has only one host for that network.

CodeBlox

networker050184 wrote: »

Yes, you are wrong.

How is he wrong? EIGRP routes get put into the routing table over RIP unless you are redistributing. This isn't flame, I honestly want to know why a routing source with a lower AD wouldn't get added to the routing table.

networker050184

Because a longest match is looked at before the AD.

Forsaken_GA

I used this example the other day in the CCNP forum, but I guess I'll break it out again -

The bottom line is that he who has the most information wins (this goes for most things in life, not just routing).

Lets say I want to kill a certain individual in redmond, WA. What method I use is dependant on how good the information on my target's location is. If the only thing someone can tell me is that he's in the city (the least specific route), I blow the entire city off the face of the map. If someone can tell me what street he's on I blow up maybe a 4 block radius. If someone can tell me which window of which office building he's in (the most specific route), I grab my trusty 30.06 and do a modern interpretation of the kennedy assasination.

So before anything else is considered, the route with the best information to your destination is considered. Anything with a shorter prefix is thrown out. So yes, if I have an EIGRP /24 to my destination, but I have /25 RIP route to the same destination, the EIGRP route isn't considered. The RIP route wins.

Now, if I have two /25's to my destinations, one RIP, and one EIGRP, then the EIGRP route wins, because it has a lower AD (the longest prefix check results in a tie, so we move to the next criteria)

Now, if I have two EIGRP /25's to the same destination, well, they're both the same lengths, so that criteria check is a wash, they're both in the running. They're both EIGRP, so they have the same AD, so that criteria is a tie, and they're both still valid, so now I look at the metric of the route. If the first one has a better metric, then it wins and gets installed in the routing table (we're going to ignore things like variance and feasible successors and so on for the purposes of this discussion).

So yes, a RIP route can beat out all the good stuff EIGRP does. If you don't want that to happen, then you need to make sure RIP isn't advertising more specific routes.

The goal of the router is to deliver traffic with as much precision as possible, and it will use whatever tool can give it the best information to get there.

Forsaken_GA

CodeBlox wrote: »

How is he wrong? EIGRP routes get put into the routing table over RIP unless you are redistributing. This isn't flame, I honestly want to know why a routing source with a lower AD wouldn't get added to the routing table.

You're misunderstanding. If they're the same prefix length, the EIGRP route wins via AD.

But if they're of differing lengths, and the RIP route is more specific, theyll BOTH be put in the routing table, but the RIP route will be the preferred route for the prefix it carries because it's more specific.

Forsaken_GA

solnsusie wrote: »

thanks,
so far you had explained it the best, but one more question, why will it choose 1’st the prefix length and then the AD, why not 1’st the AD and then the mask?? let him first choose the way it will take and then see the address it will go on that way?

Because that's not the way it works. Again, the router wants as much precision as possible when it comes to delivering traffic.

Think about this logically - Let's say I have a router in atlanta with a link to seattle, and the routing protocol over that link is EIGRP.

Now let's say I have another router in Chicago. The Chicago router is linked to the Seattle router, and is running EIGRP over it. The Chicago and Atlanta routers are linked, but the routing protocol over them is RIP.

Now, the Atlanta router wants to talk to a network in Chicago. The Chicago router is advetising a summary route (let's say a /16) to seattle. Seattle will also advertise this router to Atlanta over their link.

Now let's say the Chicago router is advertising all the individual routes, say /24's, to Atlanta, over RIP.

If AD was the first thing looked at, then when Atlanta tries to talk to Chicago, it would see the route to Chicago via Seattle first, and use that. So the traffic would go from Atlanta, to Seattle, to Chicago. This is dumb, when we have a DIRECT LINK to Chicago. By looking at longest match first, we would see the routes to the /24's coming out of Chicago, and transit via them instead, thereby saving on transit time and cost (it's cheaper to transit via one circuit than via two)

solnsusie

Forsaken_GA wrote: »

Because that's not the way it works. Again, the router wants as much precision as possible when it comes to delivering traffic.

Think about this logically - Let's say I have a router in atlanta with a link to seattle, and the routing protocol over that link is EIGRP.

Now let's say I have another router in Chicago. The Chicago router is linked to the Seattle router, and is running EIGRP over it. The Chicago and Atlanta routers are linked, but the routing protocol over them is RIP.

Now, the Atlanta router wants to talk to a network in Chicago. The Chicago router is advetising a summary route (let's say a /16) to seattle. Seattle will also advertise this router to Atlanta over their link.

Now let's say the Chicago router is advertising all the individual routes, say /24's, to Atlanta, over RIP.

If AD was the first thing looked at, then when Atlanta tries to talk to Chicago, it would see the route to Chicago via Seattle first, and use that. So the traffic would go from Atlanta, to Seattle, to Chicago. This is dumb, when we have a DIRECT LINK to Chicago. By looking at longest match first, we would see the routes to the /24's coming out of Chicago, and transit via them instead, thereby saving on transit time and cost (it's cheaper to transit via one circuit than via two)

hi
thanks to your great post!!! where was you till now?? you solved all my questions,,, would you be here in the begining, it wouldnt be such a long thread!!!! job well done!!!
thanks a million

, i will keep you r name for later if any questions comes up, hope i will get any response, hope to take CCNA exam in a month from now,

okplaya

Forsaken_GA wrote: »

Lets say I want to kill a certain individual in redmond, WA.

This is plain awesome. I could watch your CBT any day with analogies to routing that start out this way.

Forsaken_GA

solnsusie wrote: »

hi
thanks to your great post!!! where was you till now?? you solved all my questions,,, would you be here in the begining, it wouldnt be such a long thread!!!! job well done!!!
thanks a million, i will keep you r name for later if any questions comes up, hope i will get any response, hope to take CCNA exam in a month from now,

No problem.

Now, if you're thinking carefully about my example, it also shows when longest match prefix routing can be a BAD thing.

So we got how Atlanta talks to Chicago, what happens when Chicago wants to respond? Let's assume Atlanta is advertising it's routes to both Seattle and Chicago.

So Seattle learns atlantas routes via EIGRP, and passes them on to Chicago via EIGRP, so now Chicago has Atlanta's routes via EIGRP. Atlanta will also send it's routes to Chicago, but via RIP. Since they're the same prefix, we go to the next step - AD. So Atlanta might be able to talk directly to Chicago, but because of the bad design in this network, Chicago would reply via Seattle, because the EIGRP routes for Atlanta via Seattle would take precedence over the RIP routes for Atlanta via Atlanta. We've now just created asymmetric routing in our network.

The proper way to fix this would be to remove the summary route from Chicago to Seattle, and flip the link between Chicago and Atlanta to EIGRP. This would remove prefix length and AD from the mix, and make route determination based solely on metric.

You could also 'fix' it by having Atlanta advertise a summary route instead of full routes towards Seattle. This would result in the same situation in reverse, and Atlanta and Chicago would effectively use Seattle as a backup link if the other went down. The problem then is that, unless you redistribute, if the link between Seattle and Atlanta went down, Seattle would have no way to talk to Atlanta, and if the link between Seattle and Chicago went down, Seattle would have no way to talk to Chicago.

The moral of the story is thus - when you involve multiple routing protocols, the complexity of your traffic management increases by an order of magnitude, so learn the rules in order to pass the exam, but keep it simple

Forsaken_GA

okplaya wrote: »

This is plain awesome. I could watch your CBT any day with analogies to routing that start out this way.

That's one of the methods I use to learn things. If I can analogize down to something else, and inject a little bit of humor in the process, it makes the concept more teachable (and in order to teach something, you have to learn it yourself, first!) I try not to go for boring analogies because no one will actually remember them.

In this case, deep down inside every linux nerd there's an urge to bomb the hell out of redmond, so it fit