Chapter 16. Configuring IPv4 Addresses and Static Routes

This chapter covers the following exam topics:

1.0 Network Fundamentals

1.6 Configure and verify IPv4 addressing and subnetting

3.0 IP Connectivity

3.1 Interpret the components of routing table

3.1.a Routing protocol code

3.1.b Prefix

3.1.c Network mask

3.1.d Next hop

3.1.e Administrative distance

3.1.f Metric

3.1.g Gateway of last resort

3.2 Determine how a router makes a forwarding decision by default

3.2.a Longest match

3.2.b Administrative distance

3.3 Configure and verify IPv4 and IPv6 static routing

3.3.a Default route

3.3.b Network route

3.3.c Host route

3.3.d Floating static

Routers route IPv4 packets. That simple statement actually carries a lot of hidden meaning. For routers to route packets, routers follow a routing process. That routing process relies on information called IP routes. Each IP route lists a destination—an IP network, IP subnet, or some other group of IP addresses. Each route also lists instructions that tell the router where to forward packets sent to addresses in that IP network or subnet. For routers to do a good job of routing packets, routers need to have a detailed, accurate list of IP routes.

Routers use three methods to add IPv4 routes to their IPv4 routing tables. Routers first learn connected routes, which are routes for subnets attached to a router interface. Routers can also use static routes, which are routes created through a configuration command (ip route) that tells the router what route to put in the IPv4 routing table. And routers can use a routing protocol, in which routers tell each other about all their known routes, so that all routers can learn and build routes to all networks and subnets.

This chapter examines IP routing in depth with the most straightforward routes that can be added to a router’s routing table. The router starts with a detailed look at the IP packet routing (forwarding process)—a process that relies on each router having useful IP routes in their routing tables. The second section then examines connected routes, which are routes to subnets that exist on the interfaces connected to the local router. The third section then examines static routes, which are routes the network engineer configures directly. The chapter ends with a section that looks more specifically at the IP routing process in a router, how it matches packets to the routing table, and how to interpret all the details in the output of the show ip route command.

“Do I Know This Already?” Quiz

Take the quiz (either here or use the PTP software) if you want to use the score to help you decide how much time to spend on this chapter. The letter answers are listed at the bottom of the page following the quiz. Appendix C, found both at the end of the book as well as on the companion website, includes both the answers and explanations. You can also find both answers and explanations in the PTP testing software.

Table 16-1 “Do I Know This Already?” Foundation Topics Section-to-Question Mapping

Foundation Topics Section


IP Routing


Configuring Connected Routes


Configuring Static Routes


IP Forwarding with the Longest Prefix Match


1. Router R1 lists a route in its routing table. Which of the following answers list a fact from a route that the router uses when matching the packet’s destination address? (Choose two answers.)

a. Mask

b. Next-hop router

c. Subnet ID

d. Outgoing interface

2. After configuring a working router interface with IP address/mask, which of the following routes would you expect to see in the output of the show ip route command? (Choose two answers.)

a. A connected route for subnet

b. A connected route for subnet

c. A local route for host

d. A local route for host

e. A local route for host

3. An engineer configures a static IPv4 route on Router R1. Which of the following pieces of information should not be listed as a parameter in the configuration command that creates this static IPv4 route?

a. The destination subnet’s subnet ID

b. The next-hop router’s IP address

c. The next-hop router’s neighboring interface

d. The subnet mask

4. Which of the following commands correctly configures a static route?

a. ip route

b. ip route serial 0

c. ip route /24

d. ip route /24 serial 0

5. A network engineer configures the ip route s0/0/0 command on a router and then issues a show ip route command from enable mode. No routes for subnet appear in the output. Which of the following could be true?

a. The ip route command has incorrect syntax and was rejected in config mode.

b. Interface s0/0/0 is down.

c. The router has no up/up interfaces in Class A network

d. The ip route command is missing a next-hop router IP address.

6. A router lists the following partial output from the show ip route command. Out which interface will the router route packets destined to IP address is variably subnetted, 8 subnets, 5 masks
O [110/50] via, 00:00:04, GigabitEthernet0/0/0
O [110/100] via, 00:00:09, GigabitEthernet0/1/0
O [110/65] via, 00:00:04, GigabitEthernet0/2/0
O [110/65] via, 00:00:09, GigabitEthernet0/3/0
O [110/129] via, 00:00:09, GigabitEthernet0/0/0

a. G0/0/0

b. G0/1/0

c. G0/2/0

d. G0/3/0

Answers to the “Do I Know This Already?” quiz:

1 A, C

2 A, D

3 C

4 A

5 B

6 D

Foundation Topics

IP Routing

IP routing—the process of forwarding IP packets—delivers packets across entire TCP/IP networks, from the device that originally builds the IP packet to the device that is supposed to receive the packet. In other words, IP routing delivers IP packets from the sending host to the destination host.

The complete end-to-end routing process relies on network layer logic on hosts and on routers. The sending host uses Layer 3 concepts to create an IP packet, forwarding the IP packet to the host’s default gateway (default router). The process requires Layer 3 logic on the routers as well, by which the routers compare the destination address in the packet to their routing tables, to decide where to forward the IP packet next.

The routing process also relies on data-link and physical details at each link. IP routing relies on serial WAN links, Ethernet WAN links, Ethernet LANs, wireless LANs, and many other networks that implement data-link and physical layer standards. These lower-layer devices and protocols move the IP packets around the TCP/IP network by encapsulating and transmitting the packets inside data-link layer frames.

The previous two paragraphs summarize the key concepts about IP routing as introduced back in Chapter 3, “Fundamentals of WANs and IP Routing.” Next, this section reviews IP routing, while taking the discussion another step or two deeper, taking advantage of the additional depth of knowledge discussed in all the earlier chapters in this book.

IPv4 Routing Process Reference

Because you already saw the basics back in Chapter 3, this section collects the routing process into steps for reference. The steps use many specific Ethernet LAN terms discussed in Parts II and III of this book and some IP addressing terms discussed in Part IV. The upcoming descriptions and example then discuss these summaries of routing logic to make sure that each step is clear.

The routing process starts with the host that creates the IP packet. First, the host asks the question: Is the destination IP address of this new packet in my local subnet? The host uses its own IP address/mask to determine the range of addresses in the local subnet. Based on its own opinion of the range of addresses in the local subnet, a LAN-based host acts as follows:

Key Topic.

Step 1. If the destination is local, send directly:

A. Find the destination host’s MAC address. Use the already-known Address Resolution Protocol (ARP) table entry, or use ARP messages to learn the information.

B. Encapsulate the IP packet in a data-link frame, with the destination data-link address of the destination host.

Step 2. If the destination is not local, send to the default gateway:

A. Find the default gateway’s MAC address. Use the already-known Address Resolution Protocol (ARP) table entry, or use ARP messages to learn the information.

B. Encapsulate the IP packet in a data-link frame, with the destination data-link address of the default gateway.

Figure 16-1 summarizes these same concepts. In the figure, host A sends a local packet directly to host D. However, for packets to host B, on the other side of a router and therefore in a different subnet, host A sends the packet to its default router (R1). (As a reminder, the terms default gateway and default router are synonyms.)

A network topology depicts a switch SW1 in the center that is connected to router R1 and host D on the right. SW1 has a connection to host A on the left. Host A forwards the local packets to host D through SW1. The router R1 responds to the remote packets from host A. The rest of the IPV4 cloud network is indicated beside the server.

Figure 16-1 Host Routing Logic Summary

Routers have a little more routing work to do as compared with hosts. While the host logic began with an IP packet sitting in memory, a router has some work to do before getting to that point. With the following five-step summary of a router’s routing logic, the router takes the first two steps just to receive the frame and extract the IP packet, before thinking about the packet’s destination address at Step 3. The steps are as follows:

Key Topic.
  1. For each received data-link frame, choose whether or not to process the frame. Process it if

    1. The frame has no errors (per the data-link trailer Frame Check Sequence [FCS] field).

    2. The frame’s destination data-link address is the router’s address (or an appropriate multicast or broadcast address).

  2. If choosing to process the frame at Step 1, de-encapsulate the packet from inside the data-link frame.

  3. Make a routing decision. To do so, compare the packet’s destination IP address to the routing table and find the route that matches the destination address. This route identifies the outgoing interface of the router and possibly the next-hop router.

  4. Encapsulate the packet into a data-link frame appropriate for the outgoing interface. When forwarding out LAN interfaces, use ARP as needed to find the next device’s MAC address.

  5. Transmit the frame out the outgoing interface, as listed in the matched IP route.

This routing process summary lists many details, but sometimes you can think about the routing process in simpler terms. For example, leaving out some details, this paraphrase of the step list details the same big concepts:

The router receives a frame, removes the packet from inside the frame, decides where to forward the packet, puts the packet into another frame, and sends the frame.

To give you a little more perspective on these steps, Figure 16-2 breaks down the same five-step routing process as a diagram. The figure shows a packet arriving from the left, entering a router Ethernet interface, with an IP destination of host C. The figure shows the packet arriving, encapsulated inside an Ethernet frame (both header and trailer).

Key Topic.
A figure illustrates the five steps in the routing process.

Figure 16-2 Router Routing Logic Summary

Router R1 processes the frame and packet as shown with the numbers in the figure, matching the same five-step process described just before the figure, as follows:

  1. Router R1 notes that the received Ethernet frame passes the FCS check and that the destination Ethernet MAC address is R1’s MAC address, so R1 processes the frame.

  2. R1 de-encapsulates the IP packet from inside the Ethernet frame’s header and trailer.

  3. R1 compares the IP packet’s destination IP address to R1’s IP routing table.

  4. R1 encapsulates the IP packet inside a new data-link frame, in this case, inside a High-Level Data Link Control (HDLC) header and trailer.

  5. R1 transmits the IP packet, inside the new HDLC frame, out the serial link on the right.


This chapter uses several figures that show an IP packet encapsulated inside a data-link layer frame. These figures often show both the data-link header as well as the data-link trailer, with the IP packet in the middle. The IP packets all include the IP header, plus any encapsulated data.

An Example of IP Routing

The next several pages walk you through an example that discusses each routing step, in order, through multiple devices. The example uses a case in which host A ( sends a packet to host B (, with host routing logic and the five steps showing how R1 forwards the packet.

Figure 16-3 shows a typical IP addressing diagram for an IPv4 network with typical address abbreviations. The diagram can get a little too messy if it lists the full IP address for every router interface. When possible, these diagrams usually list the subnet and then the last octet or two of the individual IP addresses—just enough so that you know the IP address but with less clutter. For example, host A uses IP address, taking from subnet (in which all addresses begin 172.16.1) and the .9 beside the host A icon. As another example, R1 uses address on its LAN interface, on one serial interface, and on an Ethernet WAN interface.

Illustration of five-step routing example in the IPv4 network.

Figure 16-3 IPv4 Network Used to Show Five-Step Routing Example

Now on to the example, with host A ( sending a packet to host B (

Host Forwards the IP Packet to the Default Router (Gateway)

In this example, host A uses some application that sends data to host B ( After host A has the IP packet sitting in memory, host A’s logic reduces to the following:

  • My IP address/mask is, so my local subnet contains numbers– (including the subnet ID and subnet broadcast address).

  • The destination address is, which is clearly not in my local subnet.

  • Send the packet to my default gateway, which is set to

  • To send the packet, encapsulate it in an Ethernet frame. Make the destination MAC address be R1’s G0/0 MAC address (host A’s default gateway).

Figure 16-4 pulls these concepts together, showing the destination IP address and destination MAC address in the frame and packet sent by host A in this case. Note that the figure uses a common drawing convention in networking, showing an Ethernet as a few lines, hiding all the detail of the Layer 2 switches.

Host to host communication is illustrated.

Figure 16-4 Host A Sends Packet to Host B

Routing Step 1: Decide Whether to Process the Incoming Frame

Routers receive many frames in an interface, particularly LAN interfaces. However, a router can and should ignore some of those frames. So, the first step in the routing process begins with a decision of whether a router should process the frame or silently discard (ignore) the frame.

First, the router does a simple but important check (Step 1A in the process summary) so that the router ignores all frames that had bit errors during transmission. The router uses the data-link trailer’s FCS field to check the frame, and if errors occurred in transmission, the router discards the frame. (The router makes no attempt at error recovery; that is, the router does not ask the sender to retransmit the data.)

The router also checks the destination data-link address (Step 1B in the summary) to decide whether the frame is intended for the router. For example, frames sent to the router’s unicast MAC address for that interface are clearly sent to that router. However, a router can actually receive a frame sent to some other unicast MAC address, and routers should ignore these frames.

For example, routers will receive some unicast frames sent to other devices in the VLAN just because of how LAN switches work. Think back to how LAN switches forward unknown unicast frames—frames for which the switch does not list the destination MAC address in the MAC address table. The LAN switch floods those frames. The result? Routers sometimes receive frames destined for some other device, with some other device’s MAC address listed as the destination MAC address. Routers should ignore those frames.

In this example, host A sends a frame destined for R1’s MAC address. So, after the frame is received, and after R1 confirms with the FCS that no errors occurred, R1 confirms that the frame is destined for R1’s MAC address (0200.0101.0101 in this case). All checks have been passed, so R1 will process the frame, as shown in Figure 16-5. (Note that the large rectangle in the figure represents the internals of Router R1.)

The first step of the routing process on router R1 is explained.

Figure 16-5 Routing Step 1, on Router R1: Checking FCS and Destination MAC

Routing Step 2: De-encapsulation of the IP Packet

After the router knows that it ought to process the received frame (per Step 1), the next step is relatively simple: de-encapsulating the packet. In router memory, the router no longer needs the original frame’s data-link header and trailer, so the router removes and discards them, leaving the IP packet, as shown in Figure 16-6. Note that the destination IP address remains unchanged (

The second step of the routing process on router R1 is explained.

Figure 16-6 Routing Step 2 on Router R1: De-encapsulating the Packet

Routing Step 3: Choosing Where to Forward the Packet

While routing Step 2 required little thought, Step 3 requires the most thought of all the steps. At this point, the router needs to make a choice about where to forward the packet next. That process uses the router’s IP routing table, with some matching logic to compare the packet’s destination address with the table.

First, an IP routing table lists multiple routes. Each individual route contains several facts, which in turn can be grouped as shown in Figure 16-7. Part of each route is used to match the destination address of the packet, while the rest of the route lists forwarding instructions: where to send the packet next.

Key Topic.
The third step of the routing process on router R1 is explained.

Figure 16-7 Routing Step 3 on Router R1: Matching the Routing Table

Focus on the entire routing table for a moment, and notice the fact that it lists five routes. Earlier, Figure 16-3 showed the entire example network, with five subnets, so R1 has a route for each of the five subnets.

Next, look at the part of the five routes that Router R1 will use to match packets. To fully define each subnet, each route lists both the subnet ID and the subnet mask. When matching the IP packet’s destination with the routing table, the router looks at the packet’s destination IP address ( and compares it to the range of addresses defined by each subnet. Specifically, the router looks at the subnet and mask information; with a little math, the router can figure out in which of these subnets resides (the route for subnet

Finally, look to the right side of the figure, to the forwarding instructions for these five routes. After the router matches a specific route, the router uses the forwarding information in the route to tell the router where to send the packet next. In this case, the router matched the route for subnet, so R1 will forward the packet out its own interface S0/0/0, to Router R2 next, listed with its next-hop router IP address of


Routes for remote subnets typically list both an outgoing interface and next-hop router IP address. Routes for subnets that connect directly to the router list only the outgoing interface because packets to these destinations do not need to be sent to another router.

Routing Step 4: Encapsulating the Packet in a New Frame

At this point, the router knows how it will forward the packet. However, routers cannot forward a packet without first wrapping a data-link header and trailer around it (encapsulation).

Encapsulating packets for serial links does not require a lot of thought, but the current CCNA 200-301 exam does not require a lot from us. Point-to-point serial WAN links use either HDLC (the default) or PPP as the data-link protocol. However, we can ignore any data-link logic, even ignoring data-link addressing, because serial links have only two devices on the link: the sender and the then-obvious receiver; the data-link addressing does not matter. In this example, R1 forwards the packet out S0/0/0, after encapsulating the packet inside an HDLC frame, as shown in Figure 16-8.

Encapsulation of the packet in a new frame is the fourth step in the process of routing. The internals of router R1 is represented in the form of a rectangle. The interface of R1 is G0/0.At this point in the process, the IP packets are encapsulated inside the HDLC frame to transmit the packets outside the interface S0/0/1.

Figure 16-8 Routing Step 4 on Router R1: Encapsulating the Packet

Note that with some other types of data links, the router has a little more work to do at this routing step. For example, sometimes a router forwards packets out an Ethernet interface. To encapsulate the IP packet, the router would need to build an Ethernet header, and that Ethernet header’s destination MAC address would need to list the correct value.

For example, consider a packet sent by that same PC A ( in Figure 16-3 but with a destination of PC C ( When R1 processes the packet, R1 matches a route that tells R1 to forward the packet out R1’s G0/1/0 Ethernet interface to (R3) next. R1 needs to put R3’s MAC address in the header, and to do that, R1 uses its IP ARP table information, as shown in Figure 16-9. If R1 did not have an ARP table entry for, R1 would first have to use ARP to learn the matching MAC address.

A network diagram illustrates the fourth step in the process of routing on router R1 with a LAN outgoing interface.

Figure 16-9 Routing Step 4 on Router R1 with a LAN Outgoing Interface

Routing Step 5: Transmitting the Frame

After the frame has been prepared, the router simply needs to transmit the frame. The router might have to wait, particularly if other frames are already waiting their turn to exit the interface.

Configuring IP Addresses and Connected Routes

Cisco routers enable IPv4 routing globally, by default. Then, to make the router be ready to route packets on a particular interface, the interface must be configured with an IP address and the interface must be configured such that it comes up, reaching a “line status up, line protocol up” state. Only at that point can routers route IP packets in and out a particular interface.

After a router can route IP packets out one or more interfaces, the router needs some routes. Routers can add routes to their routing tables through three methods:

Key Topic.

Connected routes: Added because of the configuration of the ip address interface subcommand on the local router

Static routes: Added because of the configuration of the ip route global command on the local router

Routing protocols: Added as a function by configuration on all routers, resulting in a process by which routers dynamically tell each other about the network so that they all learn routes

This second of three sections discusses several variations on how to configure connected routes, while the next major section discusses static routes.

Connected Routes and the ip address Command

A Cisco router automatically adds a route to its routing table for the subnet connected to each interface, assuming that the following two facts are true:

Key Topic.
  • The interface is in a working state. In other words, the interface status in the show interfaces command lists a line status of up and a protocol status of up.

  • The interface has an IP address assigned through the ip address interface subcommand.

The concept of connected routes is relatively basic. The router, of course, needs to know the subnet number connected to each of its interfaces, so the router can route packets to that subnet. The router does the math, taking the interface IP address and mask and calculating the subnet ID. However, the router only needs that route when the interface is up and working, so the router includes a connected route in the routing table only when the interface is working.

Example 16-1 shows the connected routes on Router R1 in Figure 16-10. The first part of the example shows the configuration of IP addresses on all three of R1’s interfaces. The end of the example lists the output from the show ip route command, which lists these routes with a c as the route code, meaning connected.

A network diagram showing the connected routes.

Figure 16-10 Sample Network to Show Connected Routes

Example 16-1 Connected and Local Routes on Router R1

! Excerpt from show running-config follows...
interface GigabitEthernet0/0
 ip address
interface Serial0/0/0
 ip address
interface GigabitEthernet0/1/0
 ip address

R1# show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override, p - overrides from PfR

Gateway of last resort is not set is variably subnetted, 6 subnets, 2 masks
C is directly connected, GigabitEthernet0/0
L is directly connected, GigabitEthernet0/0
C is directly connected, Serial0/0/0
L is directly connected, Serial0/0/0
C is directly connected, GigabitEthernet0/1/0
L is directly connected, GigabitEthernet0/1/0

Take a moment to look closely at each of the three highlighted routes in the output of show ip route. Each lists a C in the first column, and each has text that says “directly connected”; both identify the route as connected to the router. The early part of each route lists the matching parameters (subnet ID and mask), as shown in the earlier example in Figure 16-7. The end of each of these routes lists the outgoing interface.

Note that the router also automatically produces a different kind of route, called a local route. The local routes define a route for the one specific IP address configured on the router interface. Each local route has a /32 prefix length, defining a host route, which defines a route just for that one IP address. For example, the last local route, for, defines a route that matches only the IP address of Routers use these local routes that list their own local IP addresses to more efficiently forward packets sent to the router itself.

For the CCNA 200-301 exam, note that this example of the show ip route command reveals a few of the specific subitems within exam topic 3.1, with later examples revealing even more details. This section shows details related to the following terms from the exam topics:

  • Routing Protocol Code: The legend at the top of the show ip route output (about nine lines) lists all the routing protocol codes (exam topic 3.1.a). This book references the codes for connected routes (C), local (L), static (S), and OSPF (O).

  • Prefix: The word prefix (exam topic 3.1.b) is just another name for subnet ID.

  • Mask: Each route lists a prefix (subnet ID) and network mask (exam topic 3.1.c) in prefix format, for example, /24.

The ARP Table on a Cisco Router

After a router has added these connected routes, the router can route IPv4 packets between those subnets. To do so, the router makes use of its IP ARP table.

The IPv4 ARP table lists the IPv4 address and matching MAC address of hosts connected to the same subnet as the router. When forwarding a packet to a host on the same subnet, the router encapsulates the packet, with a destination MAC address as found in the ARP table. If the router wants to forward a packet to an IP address on the same subnet as the router but does not find an ARP table entry for that IP address, the router will use ARP messages to learn that device’s MAC address.

Example 16-2 shows R1’s ARP table based on the previous example. The output lists R1’s own IP address of, with an age of -, meaning that this entry does not time out. Dynamically learned ARP table entries have an upward counter, like the 35-minute value for the ARP table entry for IP address By default, IOS will time out (remove) an ARP table entry after 240 minutes in which the entry is not used. (IOS resets the timer to 0 when an ARP table entry is used.) Note that to experiment in the lab, you might want to empty all dynamic entries (or a single entry for one IP address) using the clear ip arp [ip-address] EXEC command.

Example 16-2 Displaying a Router’s IP ARP Table

R2# show ip arp
Protocol  Address        Age (min) Hardware Addr   Type   Interface
Internet            -  0200.2222.2222  ARPA   GigabitEthernet0/0
Internet           35  0200.3333.3333  ARPA   GigabitEthernet0/0

Thinking about how Router R1 forwards a packet to host A (, over that final subnet, R1 does the following:

  1. R1 looks in its ARP table for an entry for

  2. R1 encapsulates the IP packet in an Ethernet frame, adding destination 0200.3333.3333 to the Ethernet header (as taken from the ARP table).

  3. R1 transmits the frame out interface G0/0.

Configuring Static Routes

All routers add connected routes, as discussed in the previous section. Then, most networks use dynamic routing protocols to cause each router to learn the rest of the routes in an internetwork. Networks use static routes—routes added to a routing table through direct configuration—much less often than dynamic routing. However, static routes can be useful at times, and they happen to be useful learning tools as well. This next major section in the chapter discusses static routes.


The CCNA 200-301 exam topic 3.2 breaks IPv4 (and IPv6) static routes into four subtopics: network routes, host routes, floating static routes, and default routes. This section explains all four types as noted in the upcoming headings.

Static Network Routes

IOS allows the definition of individual static routes using the ip route global configuration command. Every ip route command defines a destination that can be matched, usually with a subnet ID and mask. The command also lists the forwarding instructions, typically listing either the outgoing interface or the next-hop router’s IP address. IOS then takes that information and adds that route to the IP routing table.

The static route is considered a network route when the destination listed in the ip route command defines a subnet, or an entire Class A, B, or C network. In contrast, a default route matches all destination IP addresses, while a host route matches a single IP address (that is, an address of one host.)

As an example of a network route, Figure 16-11 shows a subset of the figure used throughout this chapter so far, with some unrelated details removed. The figure shows only the details related to a static network route on R1, for destination subnet, which sits on the far right. To create that static network route on R1, R1 will configure the subnet ID and mask, and either R1’s outgoing interface (S0/0/0) or R2 as the next-hop router IP address (

Key Topic.
A network diagram presents the static route configuration concept on router R1.

Figure 16-11 Static Route Configuration Concept

Example 16-3 shows the configuration of a couple of sample static routes. In particular, it shows routes on Router R1 in Figure 16-12, for the two subnets on the right side of the figure.

An example of a static route configuration network is shown.

Figure 16-12 Sample Network Used in Static Route Configuration Examples

Example 16-3 Static Routes Added to R1

ip route S0/0/0
ip route

The two example ip route commands show the two different styles of forwarding instructions. The first command shows subnet, mask, which sits on a LAN near Router R2. That same first command lists R1’s S0/0/0 interface as the outgoing interface. This route basically states: To send packets to the subnet off Router R2, send them out my own local S0/0/0 interface (which happens to connect to R2).

The second route has the same kind of logic, except for using different forwarding instructions. Instead of referencing R1’s outgoing interface, it instead lists the neighboring router’s IP address on the WAN link as the next-hop router. This route basically says this: To send packets to the subnet off Router R3, send them to R3—specifically, R3’s WAN IP address next.

The routes created by these two ip route commands actually look a little different in the IP routing table compared to each other. Both are static routes. However, the route that used the outgoing interface configuration is also noted as a connected route; this is just a quirk of the output of the show ip route command.

Example 16-4 lists these two routes using the show ip route static command. This command lists the details of static routes only, but it also lists a few statistics about all IPv4 routes. For example, the example shows two lines, for the two static routes configured in Example 16-4, but statistics state that this router has routes for eight subnets.

Example 16-4 Static Routes Added to R1

R1# show ip route static
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
! lines omitted for brevity

Gateway of last resort is not set is variably subnetted, 8 subnets, 2 masks
S is directly connected, Serial0/0/0
S [1/0] via

IOS adds and removes these static routes dynamically over time, based on whether the outgoing interface is working or not. For example, in this case, if R1’s S0/0/0 interface fails, R1 removes the static route to from the IPv4 routing table. Later, when the interface comes up again, IOS adds the route back to the routing table.

Note that most sites use a dynamic routing protocol to learn all the routes to remote subnets rather than using static routes. However, when not using a dynamic routing protocol, the engineer would need to configure static routes to each subnet on each router. For example, if the routers had only the configuration shown in the examples so far, PC A (from Figure 16-12) would not be able to receive packets back from PC B because Router R2 does not have a route for PC A’s subnet. R2 would need static routes for other subnets, as would R3.

Finally, note that static routes that will send packets out an Ethernet interface—LAN or WAN—should use the next-hop IP address option on the ip address command, as shown in Example 16-4. Routers expect their Ethernet interfaces to be able to reach any number of other IP addresses in the connected subnet. Referencing the next-hop router identifies the specific device in the connected subnet, while referencing the local router’s outgoing interface does not identify the specific neighboring router.

Static Host Routes

Earlier, this chapter defined a host route as a route to a single host address. To configure such a static route, the ip route command uses an IP address plus a mask of so that the matching logic matches just that one address.

An engineer might use host routes to direct packets sent to one host over one path, with all other traffic to that host’s subnet over some other path. For instance, you could define these two static routes for subnet and host, with two different next-hop addresses, as follows:

ip route
ip route

Note that these two routes overlap: a packet sent to that arrives at the router would match both routes. When that happens, routers use the most specific route (that is, the route with the longest prefix length). So, a packet sent to would be forwarded to next-hop router, and packets sent to other destinations in subnet would be sent to next-hop router

Note that the section “IP Forwarding with the Longest Prefix Match” later in this chapter gets into this topic in more detail.

Floating Static Routes

Next, consider the case in which a static route competes with other static routes or routes learned by a routing protocol. That is, the ip route command defines a route to a subnet, but the router also knows of other static or dynamically learned routes to reach that same subnet. In these cases, the router must first decide which routing source has the better administrative distance, with lower being better, and then use the route learned from the better source.

To see how that works, consider the example illustrated in Figure 16-13, which shows a different design than in the previous examples, this time with a branch office with two WAN links: one very fast Gigabit Ethernet link and one rather slow (but cheap) T1. In this design, the network uses Open Shortest Path First Version 2 (OSPFv2) over the primary link, learning a route for subnet R1 also defines a static route over the backup link to that exact same subnet, so R1 must choose whether to use the static route or the OSPF-learned route.

Configuring a floating static route to reach the key subnet of is shown.

Figure 16-13 Using a Floating Static Route to Key Subnet

By default, IOS considers static routes better than OSPF-learned routes. By default, IOS gives static routes an administrative distance of 1 and OSPF routes an administrative distance of 110. Using these defaults in Figure 16-13, R1 would use the T1 to reach subnet in this case, which is not the intended design. Instead, the engineer prefers to use the OSPF-learned routes over the much-faster primary link and use the static route over the backup link only as needed when the primary link fails.

To instead prefer the OSPF routes, the configuration would need to change the administrative distance settings and use what many networkers call a floating static route. A floating static route floats or moves into and out of the IP routing table depending on whether the better (lower) administrative distance route learned by the routing protocol happens to exist currently. Basically, the router ignores the static route during times when the better routing protocol route is known.

To implement a floating static route, you need to use a parameter on the ip route command that sets the administrative distance for just that route, making the value larger than the default administrative distance of the routing protocol. For example, the ip route 130 command on R1 would do exactly that—setting the static route’s administrative distance to 130. As long as the primary link stays up, and OSPF on R1 learns a route for, with a default administrative distance of 110, R1 ignores the static route.

Finally, note that while the show ip route command lists the administrative distance of most routes, as the first of two numbers inside two brackets, the show ip route subnet command plainly lists the administrative distance. Example 16-5 shows a sample, matching this most recent example.

Example 16-5 Displaying the Administrative Distance of the Static Route

R1# show ip route static
! Legend omitted for brevity is variably subnetted, 6 subnets, 2 masks
S is directly connected, Serial0/0/1

R1# show ip route
Routing entry for
  Known via "static", distance 130, metric 0 (connected)
  Routing Descriptor Blocks:
  * directly connected, via Serial0/0/1
      Route metric is 0, traffic share count is 1

Static Default Routes

When a router tries to route a packet, the router might not match the packet’s destination IP address with any route. When that happens, the router normally just discards the packet.

Routers can be configured so that they use either a statically configured or dynamically learned default route. The default route matches all packets, so that if a packet does not match any other more specific route in the routing table, the router can at least forward the packet based on the default route.

One classic example in which companies might use static default routes in their enterprise TCP/IP networks is when the company has many remote sites, each with a single, relatively slow WAN connection. Each remote site has only one possible physical route to use to send packets to the rest of the network. So, rather than use a routing protocol, which sends messages over the WAN and uses precious WAN bandwidth, each remote router might use a default route that sends all traffic to the central site, as shown in Figure 16-14.

A figure shows the connection between three routers.

Figure 16-14 Example Use of Static Default Routes at 1000 Low-Speed Remote Sites

IOS allows the configuration of a static default route by using special values for the subnet and mask fields in the ip route command: and For example, the command ip route S0/0/1 creates a static default route on Router B1—a route that matches all IP packets—and sends those packets out interface S0/0/1.

Example 16-6 shows an example of a static default route, using Router R2 from Figure 16-13. Earlier, that figure, along with Example 16-5, showed R1 with static routes to the two subnets on the right side of the figure. Example 16-6 completes the configuration of static IP routes by configuring R2, on the right side of Figure 16-13, with a static default route to route packets back to the routers on the left side of the figure.

Example 16-6 Adding a Static Default Route on R2 (Figure 16-13)

R2# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)# ip route s0/0/1
R2(config)# ^Z
R2# show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is to network

S* is directly connected, Serial0/0/1 is variably subnetted, 4 subnets, 2 masks
C is directly connected, GigabitEthernet0/0
L is directly connected, GigabitEthernet0/0
C is directly connected, Serial0/0/1
L is directly connected, Serial0/0/1

The output of the show ip route command lists a few new and interesting facts. First, it lists the route with a code of S, meaning static, but also with a *, meaning it is a candidate default route. A router can learn about more than one default route, and the router then has to choose which one to use; the * means that it is at least a candidate to become the default route. Just above, the “Gateway of Last Resort” refers to the chosen default route, which in this case is the just-configured static route with outgoing interface S0/0/1.

Troubleshooting Static Routes

These final few pages about IPv4 static routes examine some issues that can occur with static routes, both reviewing some reasons mentioned over the last few pages, while adding more detail. This topic breaks static route troubleshooting into three perspectives:

  • The route is in the routing table but is incorrect.

  • The route is not in the routing table.

  • The route is in the routing table and is correct, but the packets do not arrive at the destination host.

Troubleshooting Incorrect Static Routes That Appear in the IP Routing Table

This first troubleshooting item can be obvious, but it is worth pausing to think about. A static route is only as good as the input typed into the ip route command. IOS checks the syntax, and as mentioned earlier, makes a few other checks that this section reviews in the next heading. But once those checks are passed, IOS puts the route into the IP routing table, even if the route had poorly chosen parameters.

For instance, the route might use a subnet and mask that implies a different range of addresses than the addresses in the destination subnet. Or, for a router sitting in the middle of a diagram, the next-hop address might be a router to the left, while the destination subnet is to the right. Or the next-hop address could be an IP address in a connected subnet, but it might be a typo and be an address of a PC or even a currently unused IP address.

When you see an exam question that has static routes, and you see them in the output of show ip route, remember to check on these items:

Key Topic.
  • Is there a subnetting math error in the subnet ID and mask?

  • Is the next-hop IP address correct and referencing an IP address on a neighboring router?

  • Does the next-hop IP address identify the correct router?

  • Is the outgoing interface correct, and referencing an interface on the local router (that is, the same router where the static route is configured)?

The Static Route Does Not Appear in the IP Routing Table

After configuring an ip route command, IOS might or might not add the route to the IP routing table. IOS also considers the following before adding the route to its routing table:

Key Topic.
  • For ip route commands that list an outgoing interface, that interface must be in an up/up state.

  • For ip route commands that list a next-hop IP address, the local router must have a route to reach that next-hop address.

For example, earlier in Example 16-3, R1’s command ip route defines a static route. Before adding the route to the IP routing table, R1 looks for an existing IP route to reach In that case, R1 will find a connected route for subnet as long as its Ethernet WAN link is up. As a result, R1 adds the static route to subnet Later, if R1’s G0/1/0 were to fail, R1 would remove its connected route to from the IP routing table—an action that would also then cause R1 to remove its static route to

You can configure a static route so that IOS ignores these basic checks, always putting the IP route in the routing table. To do so, just use the permanent keyword on the ip route command. For example, by adding the permanent keyword to the end of the two commands as demonstrated in Example 16-7, R1 would now add these routes, regardless of whether the two WAN links were up.

Example 16-7 Permanently Adding Static Routes to the IP Routing Table (Router R1)

ip route S0/0/0 permanent
ip route permanent

Note that although the permanent keyword lets the router keep the route in the routing table without checking the outgoing interface or route to the next-hop address, it does not magically fix a broken route. For example, if the outgoing interface fails, the route will remain in the routing table, but the router cannot forward packets because the outgoing interface is down.

The Correct Static Route Appears but Works Poorly

This last section is a place to make two points—one mainstream and one point to review a bit of trivia.

First, on the mainstream point, the static route can be perfect, but the packets from one host to the next still might not arrive because of other problems. An incorrect static route is just one of many items to check when you’re troubleshooting problems like “host A cannot connect to server B.” The root cause may be the static route, or it may be something else. Chapter 18, “Troubleshooting IPv4 Routing,” goes into some depth about troubleshooting these types of problems.

On the more specific point, be wary of any ip route command with the permanent keyword. IOS puts these routes in the routing table with no checks for accuracy. You should check whether the outgoing interface is down and/or whether the router has a route to reach the next-hop address.

IP Forwarding with the Longest Prefix Match

A router’s IP routing process requires that the router compare the destination IP address of each packet with the existing contents of that router’s IP routing table. Often, only one route matches a particular destination address. When only one route matches the packet’s destination, the action is obvious: forward the packet based on the details listed in that route.

In some cases, a particular destination address matches more than one of the router’s routes. For instance, one route might list subnet, another, and another All would match packets sent to IP address Many legitimate router features can cause these multiple routes to appear in a router’s routing table, including

  • Static routes

  • Route autosummarization

  • Manual route summarization

This fourth of four major sections of this chapter explains how a router makes its routing decisions when a packet matches multiple routes. When more than one route matches a packet’s destination address, the router uses the “best” route, defined as follows:

Key Topic.

When a particular destination IP address matches more than one route in a router’s IPv4 routing table, the router uses the most specific route—in other words, the route with the longest prefix length mask.

Using show ip route to Find the Best Route

We humans have a couple of ways to figure out what choice a router makes for choosing the best route. One way uses the show ip route command, plus some subnetting math, to decide the route the router will choose. To let you see how to use this option, Example 16-8 shows a series of overlapping routes, all created with OSPF, so the output lists only OSPF-learned routes.

Example 16-8 show ip route Command with Overlapping Routes

R1# show ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is to network is variably subnetted, 9 subnets, 5 masks
O [110/50] via, 00:00:04, GigabitEthernet0/0/0
O [110/100] via, 00:00:09, GigabitEthernet0/1/0
O [110/65] via, 00:00:04, GigabitEthernet0/2/0
O [110/65] via, 00:00:09, GigabitEthernet0/3/0
O [110/129] via, 00:00:09, GigabitEthernet0/0/0

To predict which of its routes a router will match, two pieces of information are required: the destination IP address of the packet and the contents of the router’s routing table. The subnet ID and mask listed for a route define the range of addresses matched by that route. With a little subnetting math, a network engineer can find the range of addresses matched by each route. For instance, Table 16-2 lists the five subnets listed in Example 16-8 and the address ranges implied by each.

Table 16-2 Analysis of Address Ranges for the Subnets in Example 16-8


Address Range (just this one address) – – – – (all addresses)


The route listed as is the default route.

As you can see from these ranges, several of the routes’ address ranges overlap. When matching more than one route, the route with the longer prefix length is used. That is, a route with /16 is better than a route with /10; a route with a /25 prefix is better than a route with a /20 prefix; and so on.

For example, a packet sent to actually matches all five routes listed in the routing table in Example 16-8. The various prefix lengths range from /0 to /32. The longest prefix (largest /P value, meaning the best and most specific route) is /32. So, a packet sent to uses the route to, and not the other routes.

The following list gives some examples of destination IP addresses. For each address, the list describes the routes from Table 16-2 that the router would match, and which specific route the router would use. Matches all five routes; the longest prefix is /32, the route to Matches the last four routes; the longest prefix is /24, the route to Matches the last three routes; the longest prefix is /22, the route to Matches the last two routes; the longest prefix is /16, the route to

Using show ip route address to Find the Best Route

A second way to identify the route a router will use, one that does not require any subnetting math, is the show ip route address command. The last parameter on this command is the IP address of an assumed IP packet. The router replies by listing the route it would use to route a packet sent to that address.

For example, Example 16-9 lists the output of the show ip route command on the same router used in Example 24-4. The first line of (highlighted) output lists the matched route: the route to The rest of the output lists the details of that particular route, like the outgoing interface of GigabitEthernet0/1/0 and the next-hop router of

Example 16-9 show ip route Command with Overlapping Routes

R1# show ip route
Routing entry for
  Known via "ospf 1", distance 110, metric 65, type intra area
  Last update from on GigabitEthernet0/2/0, 14:22:06 ago
  Routing Descriptor Blocks:
  *, from, 14:22:05 ago, via GigabitEthernet0/1/0
      Route metric is 65, traffic share count is 1

Certainly, if you have an option, just using a command to check what the router actually chooses is a much quicker option than doing the subnetting math.

Interpreting the IP Routing Table

The show ip route command plays a huge role in verifying and troubleshooting IP routing and addressing. This final topic of the chapter pulls the concepts together in one place for easier reference and study.

Figure 16-15 shows the output of a sample show ip route command. The figure numbers various parts of the command output for easier reference, with Table 16-3 describing the output noted by each number.

An illustration shows ip route command outputs.

Figure 16-15 show ip route Command Output Reference

Key Topic.

Table 16-3 Descriptions of the show ip route Command Output



Value in the Figure



Classful network

The routing table is organized by classful network. This line is the heading line for classful network; it lists the default mask for Class A networks (/8).


Number of subnets

13 subnets

The number of routes for subnets of the classful network known to this router, from all sources, including local routes—the /32 routes that match each router interface IP address.


Number of masks

5 masks

The number of different masks used in all routes known to this router inside this classful network.


Legend code

C, L, O

A short code that identifies the source of the routing information. O is for OSPF, D for EIGRP, C for Connected, S for static, and L for local. (See Example 16-8 for a sample of the legend.)


Prefix (Subnet ID)

The subnet number of this particular route.


Prefix length (Mask)


The prefix mask used with this subnet.


Administrative distance


If a router learns routes for the listed subnet from more than one source of routing information, the router uses the source with the lowest administrative distance (AD).




The metric for this route.


Next-hop router

For packets matching this route, the IP address of the next router to which the packet should be forwarded.




For OSPF and EIGRP routes, this is the time since the route was first learned.


Outgoing interface


For packets matching this route, the interface out which the packet should be forwarded.

Chapter Review

One key to doing well on the exams is to perform repetitive spaced review sessions. Review this chapter’s material using either the tools in the book or interactive tools for the same material found on the book’s companion website. Refer to the “Your Study Plan” element for more details. Table 16-4 outlines the key review elements and where you can find them. To better track your study progress, record when you completed these activities in the second column.

Table 16-4 Chapter Review Tracking

Review Element

Review Date(s)

Resource Used

Review key topics


Book, website

Review key terms


Book, website

Answer DIKTA questions


Book, PTP

Review command tables



Do labs



Review All the Key Topics

Key Topic.

Table 16-5 Key Topics for Chapter 16

Key Topic Element


Page Number


Steps taken by a host when forwarding IP packets



Steps taken by a router when forwarding IP packets


Figure 16-2

Diagram of five routing steps taken by a router


Figure 16-7

Breakdown of IP routing table with matching and forwarding details



Three common sources from which routers build IP routes



Rules regarding when a router creates a connected route


Figure 16-11

Static route configuration concept



Troubleshooting checklist for routes that do appear in the IP routing table



Troubleshooting checklist for static routes that do not appear in the IP routing table



A description of how a router makes a longest prefix decision to match the routing table


Table 16-3

List of items found in a Cisco router IP routing table


Key Terms You Should Know

ARP table

routing table

next-hop router

outgoing interface

connected route

static route

default route

host route

floating static route

network route

administrative distance

Command References

Tables 16-6 and 16-7 list configuration and verification commands used in this chapter. As an easy review exercise, cover the left column in a table, read the right column, and try to recall the command without looking. Then repeat the exercise, covering the right column, and try to recall what the command does.

Table 16-6 Chapter 16 Configuration Command Reference



ip address ip-address mask

Interface subcommand that assigns the interface’s IP address

interface type number.subint

Global command to create a subinterface and to enter configuration mode for that subinterface

[no] ip routing

Global command that enables (ip routing) or disables (no ip routing) the routing of IPv4 packets on a router or Layer 3 switch

ip route prefix mask {ip-address | interface-type interface-number} [distance][permanent]

Global configuration command that creates a static route

Table 16-7 Chapter 16 EXEC Command Reference



show ip route

Lists the router’s entire routing table

show ip route [connected | static | ospf]

Lists a subset of the IP routing table

show ip route ip-address

Lists detailed information about the route that a router matches for the listed IP address

show arp, show ip arp

Lists the router’s IPv4 ARP table

clear ip arp [ip-address]

Removes all dynamically learned ARP table entries, or if the command lists an IP address, removes the entry for that IP address only

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.