Solved: routing table look up

sarahr202 · ‎03-10-2009

hi everybody!

I have few questions about routing-table's look up.

please consider the following routing table.

R 10.0.0.0/8 via 192.192.192.1 s0

Let say a packet is received with destination 10.10.10.10, then according to cisco book, the longest possible match in routing table is used. since there is only one entry, the packet is forwarded to 192.192.192.1.

=====================================

Please consider the following routing table.

10.0.0.0/8 is subnetted , two subnets, mask 255.255.254.

R 10.0.2.0 via 192.192.192.1 s0

R 10.0.4.0 via 192.192.191.2 s1

Let say a packet with destination 10.0.6.1 is received,but according to book, router will drop this packet. My question is why?because the longest possible match is 10.0.4.0 so packet should have been forwarded to next hop router.

=========================================

Here is my understanding:

How the table is looked up?

take for example the above routing table

R 10.0.2.0/23 via 192.192.192.1 s1

R 10.0.4.0/23 via 192.192.191.1 s2

The packet with destination 10.0.6.1 is matched against the first entry. The mask in the first entry (/23) is used to drive the subnet number from the destination ip address(10.0.6.1). The subnet number is found to be 10.0.6.0 which does not the match the first entry

10.0.4.0

The 2nd entry is checked. The mask from 2nd entry (/23) is used to drive the subnet number from the destination ip aadress which found to be 10.0.6.0. Again not a match, thus the packet is dropped.

Thanks a lot !

adamclarkuk_2 · ‎03-11-2009

Hi Sarah

The router will drop the packet because it does not have a route for the 10.0.6.0 network.

Your mask is a /23 so your "closest" match ends at 10.0.5.255, so there is no entry for this network and if a default route exsited, it would be used.

The longest match is used when multiple entries match a route. So in the examples you have given, if your had a packet destined for 10.0.3.200 and you to two routes in your routing table which where 10.0.0.0 /16 and 10.0.2.0 /23, then the even though both routes cover the address, the longest match is the /23 and would be chosen.

View solution in original post

Giuseppe Larosa · ‎03-11-2009

Hello Sarah,

10.0.6.1 is out of the two /23 prefixes so no match is found for it.

if a less specific route like 10.0.0.0/8 or a default route 0.0.0.0/0 exists the packet would follow that path but if no entry exists in routing table for 10.0.6.1 the packet is dropped.

if there are multiple possible matches the most specific route is used

think of it like matching an ACL statement here each line is a route

Hope to help

Giuseppe

View solution in original post

Jon Marshall · ‎03-11-2009

Sarah

Just to add to Guiseppe and Adam's post. You are using 2500 routers i believe and from one of your previous configs you had "no ip classless" in your configs. This can have a major effect on whether the default route is used when a more specific route is not found eg.

your routing table contains 3 routes for the 172.16.x.x network and a default route.

172.16.10.0/24

172.16.11.0/24

172.16.12.0/24

0.0.0.0 0.0.0.0

If a packet arrives at the router destined for 172.16.14.10 then one of 2 things happen

1) If ip classless is turned on then the router will use the default route to forward the packet

2) if ip classless is turned off then the router will drop the packet. The reason for this is that the router assumes it knows all the 172.16.x.x/24 networks and so if it doesn't have an entry in it's routing table then it should drop it.

On later IOS's ip classless is on by default but you should be aware of it.

Jon

View solution in original post

Jon Marshall · ‎03-11-2009

Sarah

Yes the router uses it's route table entries togther with their subnet masks to work out the longest match.

Jon

View solution in original post

Jon Marshall · ‎03-11-2009

Sarah

Now that is an excellent question :-) and deserves a rating for the thought gone into it.

The answer to which is quite simply i don't know without testing. I would assume it would use the 172.172.0.0/16 route but without testing i can't be sure.

I'll get back to you :-).

Jon

View solution in original post

adamclarkuk_2 · ‎03-12-2009

Hi Jon/Sarah

Sorry to butt in but the packet will be caught by the /16. If you do a show ip route on the device with the route installed, you will see this :-

ip classless is off

Gateway of last resort is not set

172.172.0.0/16 is variably subnetted, 2 subnets, 2 masks

S 172.172.0.0/16 [1/0] via 192.168.1.2

S 172.172.172.0/24 [1/0] via 192.168.2.2

C 192.168.1.0/24 is directly connected, FastEthernet0/0

C 192.168.2.0/24 is directly connected, FastEthernet1/0

Router#sh ip route 172.172.16.0

Routing entry for 172.172.0.0/16

Known via "static", distance 1, metric 0

Routing Descriptor Blocks:

* 192.168.1.2

Route metric is 0, traffic share count is 1

A ping generated from a source does recieve the packets as can be seen from a debug ip icmp

Router#ping ip 172.172.16.1 repeat 1

!

Type escape sequence to abort.

Sending 1, 100-byte ICMP Echos to 172.172.16.1, timeout is 2 seconds:

R1#

*Mar 12 09:28:18.171: CEF: Try to CEF switch 172.172.16.1 from FastEthernet0/0

*Mar 12 09:28:18.175: IP: tableid=0, s=192.168.1.1 (FastEthernet0/0), d=172.172.16.1 (Loopback2), routed via RIB

*Mar 12 09:28:18.175: IP: s=192.168.1.1 (FastEthernet0/0), d=172.172.16.1, len 100, rcvd 4

*Mar 12 09:28:18.179: ICMP: echo reply sent, src 172.172.16.1, dst 192.168.1.1

*Mar 12 09:28:18.179: IP: tableid=0, s=172.172.16.1 (local), d=192.168.1.1 (FastEthernet0/0), routed via FIB

*Mar 12 09:28:18.179: IP: s=172.172.16.1 (local), d=192.168.1.1 (FastEthernet0/0), len 100, sending

IP Classless

Where the ip classless configuration command falls within the routing and forwarding processes is often confusing. In reality, IP classless only affects the operation of the forwarding processes in IOS; it doesn't affect the way the routing table is built. If IP classless isn't configured (using the no ip classless command), the router won't forward packets to supernets.

View solution in original post

viyuan700 · ‎03-12-2009

the router will match it to 172.172.0.0 and forwards it to next hop.?

Though you have answer already it was matched to 172.172.0.0/16 as its range is 172.172.0.1 to 172.172.255.254 and your IP 172.172.16.16 is within the range.

I hope this example will help for the question in first post,

router# show ip route

172.30.0.0/16 is variably subnetted, 2 subnets, 2 masks

172.30.32.0/20 via 10.1.1.2 ( range 172.30.32.0-172.30.47.255)

172.30.32.0/24 via 10.1.1.1 (range 172.30.32.0- 172.30.32.255 )

S* 0.0.0.0/0 [1/0] via 10.1.1.3

A packet destined to 172.30.32.1 is forwarded to 10.1.1.1, since this is the longest prefix match.

A packet destined to 172.30.33.1 is forwarded to 10.1.1.2, since this is the longest prefix match.

A packet destined to 192.168.10.1 is forwarded to 10.1.1.3; since this network doesn't exist in the routing table, this packet is forwarded to the default route.

A packet destined to 172.30.254.1 is dropped as this address was not in range of because its destination,172.30.254.1, is within a known major network, 172.30.0.0/16, but the router doesn't know about this particular subnet within that major network

One more piece of info

"If the supernet or default route is learned via IS-IS or OSPF, the no ip classless configuration command is ignored. In this case, packet switching behavior works as though ip classless were configured."

View solution in original post

adamclarkuk_2 · ‎03-11-2009

Hi Sarah

The router will drop the packet because it does not have a route for the 10.0.6.0 network.

Your mask is a /23 so your "closest" match ends at 10.0.5.255, so there is no entry for this network and if a default route exsited, it would be used.

The longest match is used when multiple entries match a route. So in the examples you have given, if your had a packet destined for 10.0.3.200 and you to two routes in your routing table which where 10.0.0.0 /16 and 10.0.2.0 /23, then the even though both routes cover the address, the longest match is the /23 and would be chosen.

sarahr202 · ‎03-11-2009

Thanks for your reply!

The packet has a destination address in your example 10.0.3.200. This destination ip address is within the subnet 10.0.2.0/23.

The question is when router receives this packet , does router use subnet mask from each entry to drive subnet number from the destination ip address? For example, for destination 10.0.3.200, first mask from 10.0.0.0/16 is used, the subnet number is found to be 10.0.0.0.

Then 2nd entry 10.0.2.0/23 is used, the mask /23 is used to drive subnet number from 10.0.3.200, which is found to be 10.0.2.0. Since there is longest match, this route will be used to forward the packet.

Is this correct concept?

thanks a lot!

Jon Marshall · ‎03-11-2009

Sarah

Yes the router uses it's route table entries togther with their subnet masks to work out the longest match.

Jon

sarahr202 · ‎03-11-2009

Thanks Jon !

Giuseppe Larosa · ‎03-11-2009

Hello Sarah,

10.0.6.1 is out of the two /23 prefixes so no match is found for it.

if a less specific route like 10.0.0.0/8 or a default route 0.0.0.0/0 exists the packet would follow that path but if no entry exists in routing table for 10.0.6.1 the packet is dropped.

if there are multiple possible matches the most specific route is used

think of it like matching an ACL statement here each line is a route

Hope to help

Giuseppe

Jon Marshall · ‎03-11-2009

Sarah

Just to add to Guiseppe and Adam's post. You are using 2500 routers i believe and from one of your previous configs you had "no ip classless" in your configs. This can have a major effect on whether the default route is used when a more specific route is not found eg.

your routing table contains 3 routes for the 172.16.x.x network and a default route.

172.16.10.0/24

172.16.11.0/24

172.16.12.0/24

0.0.0.0 0.0.0.0

If a packet arrives at the router destined for 172.16.14.10 then one of 2 things happen

1) If ip classless is turned on then the router will use the default route to forward the packet

2) if ip classless is turned off then the router will drop the packet. The reason for this is that the router assumes it knows all the 172.16.x.x/24 networks and so if it doesn't have an entry in it's routing table then it should drop it.

On later IOS's ip classless is on by default but you should be aware of it.

Jon

sarahr202 · ‎03-11-2009

Hi Jon!

Just one more question if you don't mind.

I quote you below:

"If ip classless is turned off then the router will drop the packet. The reason for this is that the router assumes it knows all the 172.16.x.x/24 networks and so if it doesn't have an entry in it's routing table then it should drop it"

I understand the " ip classles" purpose which essentially instructs the router if you don't have entry for certain subnet of major net listed in routing table, then don't drop it but forwards it using a default route.

Let say we have a routing table and ip classless is disabled( enabled or disabled, it won't have any effect as there is no default route).

R 172.172.0.0/16 via 192.192.192.1 s1

R 172.172.172.1/24 via 192.192.191.2 s2

A packet with destination 172.172.16.16 is received.

Based on your reply, this packet will be dropped because the router assumes it knows all the subnets of major net 172.172.0.0.

Or the router will match it to 172.172.0.0 and forwards it to next hop.?

Thanks a lot!

Jon Marshall · ‎03-11-2009

Sarah

Now that is an excellent question :-) and deserves a rating for the thought gone into it.

The answer to which is quite simply i don't know without testing. I would assume it would use the 172.172.0.0/16 route but without testing i can't be sure.

I'll get back to you :-).

Jon

sarahr202 · ‎03-11-2009

i will wait.

adamclarkuk_2 · ‎03-12-2009

Hi Jon/Sarah

Sorry to butt in but the packet will be caught by the /16. If you do a show ip route on the device with the route installed, you will see this :-

ip classless is off

Gateway of last resort is not set

172.172.0.0/16 is variably subnetted, 2 subnets, 2 masks

S 172.172.0.0/16 [1/0] via 192.168.1.2

S 172.172.172.0/24 [1/0] via 192.168.2.2

C 192.168.1.0/24 is directly connected, FastEthernet0/0

C 192.168.2.0/24 is directly connected, FastEthernet1/0

Router#sh ip route 172.172.16.0

Routing entry for 172.172.0.0/16

Known via "static", distance 1, metric 0

Routing Descriptor Blocks:

* 192.168.1.2

Route metric is 0, traffic share count is 1

A ping generated from a source does recieve the packets as can be seen from a debug ip icmp

Router#ping ip 172.172.16.1 repeat 1

!

Type escape sequence to abort.

Sending 1, 100-byte ICMP Echos to 172.172.16.1, timeout is 2 seconds:

R1#

*Mar 12 09:28:18.171: CEF: Try to CEF switch 172.172.16.1 from FastEthernet0/0

*Mar 12 09:28:18.175: IP: tableid=0, s=192.168.1.1 (FastEthernet0/0), d=172.172.16.1 (Loopback2), routed via RIB

*Mar 12 09:28:18.175: IP: s=192.168.1.1 (FastEthernet0/0), d=172.172.16.1, len 100, rcvd 4

*Mar 12 09:28:18.179: ICMP: echo reply sent, src 172.172.16.1, dst 192.168.1.1

*Mar 12 09:28:18.179: IP: tableid=0, s=172.172.16.1 (local), d=192.168.1.1 (FastEthernet0/0), routed via FIB

*Mar 12 09:28:18.179: IP: s=172.172.16.1 (local), d=192.168.1.1 (FastEthernet0/0), len 100, sending

IP Classless

Where the ip classless configuration command falls within the routing and forwarding processes is often confusing. In reality, IP classless only affects the operation of the forwarding processes in IOS; it doesn't affect the way the routing table is built. If IP classless isn't configured (using the no ip classless command), the router won't forward packets to supernets.

sarahr202 · ‎03-12-2009

Hi Adam and Jon!

I quote you Adam below;

"If IP classless isn't configured (using the no ip classless command), the router won't forward packets to supernets. "

=============================

I found out " ipclassless" command has no bearing how routing table is looked up.It just tells router not to drop packet for certain subnet not found in the routing table, povided the others subnets of a same major net are also present.

For example:

R 172.172.172.0/24 via 12.12.12.1

S 0.0.0.0 0.0.0.0 s1

If a packet with destination ip 172.172.173.1 is received, then in the presence of ip class command, router will use the default route to forward the packet. With " ipclassless" being disabled, router would have simply dropped the packet.

===============================

For John, you were correct about the your guess that route 172.172.0.0/16 will be used.

I performed a lab . My lab set up was as follows:

Three routers(2500), ra,rb,rd.

ra s0----------(s0)Rb(s1)-------------s1RD

One windows xp host is connected to rb's e0.

Ip addresses:

ra:

s0 192.192.192.1/24

loopback2 172.172.172.1/16

rb:

s0 192.192.192.2/24

s1 172.172.173.1/24

e0 193.193.193.1/24

rd:

s1 172.172.173.2/24

loopback 4 172.172.174.1/24

=========================================

Routing table at RB:(output omitted)

routerB#show ip route

Gateway of last resort is not set

172.172.0.0/16 is variably subnetted, 3 subnets, 2 masks

R 172.172.0.0/16 [120/1] via 192.192.192.1, 00:00:09, Serial0

C 172.172.173.0/24 is directly connected, Serial1

R 172.172.174.0/24 [120/1] via 172.172.173.2, 00:00:10, Serial1

C 192.192.192.0/24 is directly connected, Serial0

C 193.193.193.0/24 is directly connected, Ethernet0

========================

routing table at Ra (output omitted)

routerA# show ip route

C 192.192.192.0/24 is directly connected, Serial0

R 193.193.193.0/24 [120/1] via 192.192.192.2, 00:00:09, Serial0

172.172.0.0/16 is variably subnetted, 3 subnets, 2 masks

C 172.172.0.0/16 is directly connected, Loopback1

R 172.172.173.0/24 [120/1] via 192.192.192.2, 00:00:09, Serial0

R 172.172.174.0/24 [120/2] via 192.192.192.2, 00:00:09, Serial0

==============================

routing table at Rd: (output omitted)

rouuterD#show ip route

c 172.172.0.0/24 is subnetted, 2 subnets

C 172.172.173.0 is directly connected, Serial1

C 172.172.174.0 is directly connected, Loopback4

R 192.192.192.0/24 [120/1] via 172.172.173.1, 00:00:14, Serial1

R 193.193.193.0/24 [120/1] via 172.172.173.1, 00:00:14, Serial1

===========================

Now i use the command "tracert 172.172.175.1 on windows xp host connected to e0 of rb.

:\Documents and Settings\zee>tracert 172.172.175.1

racing route to 172.172.175.1 over a maximum of 30 hops

1 4 ms 2 ms 2 ms 193.193.193.1

2 31 ms 26 ms 26 ms 192.192.192.1

3 * * * Request timed out.

4 * * * Request

Output omitted.

Important thing to note that when rb receives the packet, it finds the match " R 172.172.0.0/16",and forwards the packet to ra.

Ra receives the packet and find the match " C 172.172.0.0" loopback" but loopback has ip address 172.172.172.1, the packet is dropped .

No reply was sent.

===============================

In above setup , RIp v2 was used.

One thing i observed that:

Rb 's routing table lists " R 172.172.0.0/16 via 192.192.192.1"

but rb did not send any update about this route to rd because rb's s1 int uses the different mask.Consequently, rd did not hear about " 172.172.0.0/16 " route .

Is my understanding correct?

=============================

Thanks a lot!

adamclarkuk_2 · ‎03-13-2009

Hi Sarah

Exactly, so any supernets are ignored and as default route is also a supernet, it too is ignored, but classful subnets will be used.

viyuan700 · ‎03-12-2009

the router will match it to 172.172.0.0 and forwards it to next hop.?

Though you have answer already it was matched to 172.172.0.0/16 as its range is 172.172.0.1 to 172.172.255.254 and your IP 172.172.16.16 is within the range.

I hope this example will help for the question in first post,

router# show ip route

172.30.0.0/16 is variably subnetted, 2 subnets, 2 masks

172.30.32.0/20 via 10.1.1.2 ( range 172.30.32.0-172.30.47.255)

172.30.32.0/24 via 10.1.1.1 (range 172.30.32.0- 172.30.32.255 )

S* 0.0.0.0/0 [1/0] via 10.1.1.3

A packet destined to 172.30.32.1 is forwarded to 10.1.1.1, since this is the longest prefix match.

A packet destined to 172.30.33.1 is forwarded to 10.1.1.2, since this is the longest prefix match.

A packet destined to 192.168.10.1 is forwarded to 10.1.1.3; since this network doesn't exist in the routing table, this packet is forwarded to the default route.

A packet destined to 172.30.254.1 is dropped as this address was not in range of because its destination,172.30.254.1, is within a known major network, 172.30.0.0/16, but the router doesn't know about this particular subnet within that major network

One more piece of info

"If the supernet or default route is learned via IS-IS or OSPF, the no ip classless configuration command is ignored. In this case, packet switching behavior works as though ip classless were configured."