Determine how a router makes a forwarding decision by default

Determine how a router makes a forwarding decision by default

Each routing protocol selects the best route using its own metric comparison procedure. If there are more than one candidate routes from different protocols, then administrative distances are compared and only one protocol installs its route into the routing table. In some cases, a routing protocol, instead of preferring a single path, can use multiple next-hops for the same network to split the load between several links.

The forwarding decision is then based only on the longest match, as the routing table is already filtered of all but the best routes. The router looks for the longest match for a destination and prefers more specific IP prefix routes over broader ones. To describe these options we will follow the bottom-up approach, i.e. starting with protocol choice, then moving to inter-protocol choice, and finally performing the longest match comparison.

Sample network

Figure shows a sample topology with a router selecting the best path to forward traffic to a host with the IP address of 10.1.1.25.

Routing Protocol Metric

Dynamic routing protocols calculate and use a numerical value to describe the cost of a path to a destination. This number is called a metric and it is specific to each routing protocol. Metric values of two different routing protocols are not compared with each other. All routing protocols either use different properties of the path or use different calculations.

For example, some protocols use a simple metric like the number of routers or hops that a packet needs to cross to get to the remote network. If two peers advertise routes to such a network, the one that has a smaller number of hops is chosen. Some other protocols can use bandwidth as its path cost.

Table lists different routing protocols and the metric that they use.

Routing ProtocolMetric
RIPNumber of routers in path – hop count.
OSPF, ISISCumulative value that is based on bandwidth with smaller bandwidth accumulating more cost.
EIGPRComposite metric that is based on multiple parameters – delay, bandwidth, utilization and reliability. Only first two parameters are used. Calculated as sum of transit links delays and smallest bandwidth across the path
BGPNumber of Autonomous Systems (or routing domains) to reach a destination can be considered a metric that is visible end to end.

Interior Gateway Protocols (IGP) Metric

IGP metrics with the exception of RIP provide a good measurement of path performance. They are based on static link parameters, such as bandwidth and delay. Only EIGRP metric calculation formula can include dynamic link features, such as utilization and reliability, however, they are not used by default. IGP protocols also prefer routes that were injected into the protocol internally. This mostly comprises of routes which routers have interfaces in. External routes are represented by routes injected by redistribution from another protocol or a static route. For example, OSPF selects intra-area routes, then inter-area routes, and finally external routes. This selection happens before metric comparison.

Exterior Gateway Protocols (EGP) Metric

BGP has a different objective when choosing the best path. As the protocol is used between different organizations, it was designed to include multiple attributes that can be used to influence and communicate the desired traffic flow. The BGP path selection process consists of more than 10 steps. Many of the attributes are configured to influence the selection process and represent an administrative view of path cost, as opposed to IGP’s calculation based on some objective evaluation of the path performance.
The routing domain controlled by a single organization in BGP is called an Autonomous System. As a route propagates from the injecting router it is being updated and includes AS numbers of all routers it has traversed. AS_PATH attribute stores this information. Member AS count in AS_PATH can be used to compare different routes. The shorter AS_PATH is preferred over a longer one. The other attributes that BGP routers exchange and can be used to affect the best path selection include LOCAL_PREF, MED, ORIGIN, and closest IGP metric to the next hop.

Example of the best route selection using routing protocol metric

In the sample topology, router A can see 2 paths to 10.1.1.0/24 in its EIGRP topology table. As shown in Figure 2, the path via D has a cost of 1024 and path via E – 2048. EIGRP process on router A chooses path via D as a candidate route. The next section will describe the process the router goes through to decide if EIGRP should be allowed to install its route.

Administrative Distance

Administrative Distance is a tie-breaker that is used when there are two or more candidate routes of the same length but learned via different routing protocols. Only one version of these routes to the same network will be installed into the routing table. Administrative Distance is a pre-configured numerical value of the trustworthiness of a routing information source. More preferred protocols have smaller administrative distance numbers.

Routing ProtocolAdministrativeNotes
Connected0The networks that router has interface in. Cannot be changed.
Static1Manually created routes. Can be increased to create a floating static routes.
Manually created routes. Can be increased to create a floating static routes.5Manually created routes. Can be increased to create a floating static routes.
BGP (external)20Standard-based Exterior Gateway Protocol. Assigned to routes that are learned from external BGP neighbors.
EIGRP90Cisco proprietary Interior Gateway Protocol.
IGRP100Obsolete Cisco proprietary Interior Gateway Protocol.
OSPF110Standard-based Interior Gateway Protocol.
ISIS115Standard-based Interior Gateway Protocol.
RIP120Standard-based Interior Gateway Protocol.
BGP (internal)200Standard-based Exterior Gateway Protocol. Assigned to routes learned from internal BGP peers.
OMP251Cisco proprietary protocol used in SD-WAN between vEdges. High Administrative Distance value makes the router to prefer routes learned via service (LAN) side.

Directly connected networks and static routes

As table shows, directly connected networks have the lowest administrative distance. A router has an interface in each of the connected networks. Static routes, by default, are more preferred than any dynamically learned route of the same prefix length. By changing a static route’s administrative distance to be numerically higher than dynamic routing protocol is a common way to provide backup connectivity. In this configuration, if a dynamic route is no longer available, a static route replaces it and provides a secondary path. Such a route is called a floating static route.

Interior Gateway Protocols (IGP) Administrative Distance

The default administrative distance values rank IGP protocols in the following order of preference: EIGRP, OSPF, IS-IS, and RIP. With the exception of RIP, the priority doesn’t mean that one protocol is more reliable or accurate than another.
In many networks, there is a single IGP, so having default preference for OSPF over IS-IS doesn’t make a difference. However, in some situations, such as networks merge or transition to different protocol an administrator may run several IGPs at the same time. In such networks, the default distances can be adjusted to make one protocol more preferred than another. It is recommended to test the settings in a lab, as incorrect configuration can cause different issues, such as network loops and non-predictable traffic paths.

Exterior Gateway Protocol (EGP) Administrative Distance

There is only a single non-obsolete Exterior Gateway Protocol – Border Gateway Protocol (BGP). If a router doesn’t run any other dynamic routing protocols, then as with IGPs, its default administrative distance value doesn’t affect the route selection process. However, in enterprise networks, it is common to run BGP along with one of the IGPs. For example, a company can exchange routes via BGP with its Internet or WAN providers. At the same time, internally it can run OSPF or EIGRP. In such scenarios, the routes can be divided into external and internal. BGP is authoritative for the external, and IGP – for the internal routes.

Default Administrative Distance of external BGP routes ensures that a router will not start preferring a route to external networks via adjacent IGP router, which can often advertise such network back if there is more than one router performing redistribution between protocols. Differently, IBGP peers have an administrative distance of 200, which is higher than any IGP’s route AD. This causes a router to use IGP as the source of truth for the internal destinations.

Interestingly, in some cases, internal BGP can overtake external BGP routes even if the latter has a lower administrative distance. The reason for it is that the BGP process performs its own evaluation when selecting the best path before placing the route into the routing table. For example, BGP routes received via internal peer can have a better value of Local Preference and as the result more preferred over the same route learned via external peer, which would be installed with AD of 20. As the best route is from an internal BGP peer, it will be installed into the routing table with AD of 200.

Example of the best router selection based on Administrative Distance

Following our previous example, as shown in Figure below, after EIGRP selected path via D, we left with 3 possible paths, via B, C, and D. Both B and D want to install the same network – 10.1.1.0/24 into the routing table. Administrative distance is used to decide which one is better. As EIGRP has better administrative distance (90) than internal BGP (200), the path via B is selected. This selection happens before any packet forwarding decisions are made as part of router protocol convergence. Both routes (10.0.0.0/8 and 10.1.1.0/24) are now installed into the routing table. The next step for the router is to perform selection based on the longest match.

Longest Match

All unicast routing protocols lookup routes using the destination IP address of a packet. The longest match refers to the process of identifying the route to the most specific network that the packet matches.

For example, the default route or route to 0.0.0.0/0 matches every packet. Next hop of such routes is often called gateway of last resort because it is the least preferred route, which is used only if no other matching routes exist. The most specific route is a host route with a prefix length of 32 (or subnet mask of 255.255.255.255). For example, 192.168.100.25/32 is a host route, and packets sent to that specific host will be always following this route.

The important difference of the longest match from the other two steps is that the router compares two different routes, with one being a superset of another. Both networks will appear in the routing table. Such a situation often exists when there is summarization being performed in the network, which is the process of combining multiple routes into a single one.

Example of the best route selection based on the longest match

In our example network, in Figure below, router A needs to choose between 2 routes: statically configured 10.0.0.0/8 and dynamically learned 10.1.1.0/24. The /24 route is more specific and is a longer match.

Leave a Reply
Your email address will not be published. *

This site uses Akismet to reduce spam. Learn how your comment data is processed.