Routers (or virtual route forwarders when using vrf) have a single table that it bases forwarding decisions from, most commonly referred to as the route table. There are many potential sources a router uses to insert entries into the route table. Many times when more than one of these sources are actively present, they contain routes to the same destination. Before going into detail on how a router determines which source to use for any given route table insertion, let’s talk about the potential sources for routes:

• Obviously, routing protocol table entries can be sourced from various routing protocols.
• Connected Interfaces
• Static entries contained in the router’s configuration

So let’s say we have a host route of 10.2.101.1/32 on the network which has been learned by multiple routing protocols running on a single router. How does the router decide which source to use for adding the destination into the route table? The decision is made using something called an Administrative distance. Basically, the administrative distance (AD) is a trust value assigned to each potential source. Cisco has pre-assigned these trust values in the router’s operating system. These trust values can be manipulated, but typically are left to the default, since the modification is locally significant to each router. Listed below are the administrative distances for each source:

Source                      Administrative Distance
Connected Interface         0
Static Route                1
EIGRP Summary Route         5
External BGP                20
Internal EIGRP              90
IGRP                        100
OSPF                        110
IS-IS                       115
RIP                         120
Exterior Gateway Protocol   140
On-Demand Routing           160
External EIGRP              170
Internal BGP                200
Unknown                     255

As you can see, not only does each routing source have unique trust values, but also different types inside the same source have unique trust values. For example, there are three different trust values assigned to various EIGRP table entries:

• EIGRP Summary Routes are the most trusted (AD of 5)
• EIGRP Internal Routes are the second most trusted (AD of 90)
• EIGRP External Routes are the least trusted of the three types (AD of 170)

So let’s say our router was running an OSPF process and an EIGRP Process. The OSPF routing process has an established neighbor that knows about the destination 10.2.101.1/32. Our same router has an established EIGRP neighbor who also knows how to reach the 10.2.101.1/32 host. We can view the routing process database containing these entries with the following commands:

show ip eigrp topology

R1#sh ip eigrp topology
IP-EIGRP Topology Table for AS(10)/ID(10.1.101.1)

Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - reply Status, s - sia Status

P 10.2.101.1/32, 0 successors, FD is Inaccessible
via 10.1.101.2 (2174976/2172416), FastEthernet1/0
P 192.168.1.4/30, 1 successors, FD is 2172416
via 10.1.101.2 (2172416/2169856), FastEthernet1/0
P 10.1.101.0/24, 1 successors, FD is 28160
via Connected, FastEthernet1/0

show ip ospf database

R1#sh ip ospf databaseOSPF Router with ID (10.1.101.1) (Process ID 10)

Router Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum Link coun
10.1.101.1      10.1.101.1      1477        0x80000003 0x0003E7 2
192.168.1.1     192.168.1.1     1501        0x80000003 0x00A4D1 1

Net Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksu
10.1.100.2      192.168.1.1     1501        0x80000002 0x00DDA1

Summary Net Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksu
192.168.1.0     192.168.1.1     1501        0x80000002 0x002207

Summary ASB Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksu
192.168.1.6     192.168.1.1     1501        0x80000002 0x00E935

Type-5 AS External Link States

Link ID         ADV Router      Age         Seq#       Checksum Ta
10.2.101.1      192.168.1.6     1191        0x80000003 0x00CF9B 0

Even though the destination host route (10.2.101.1) shows up in the previous route process databases, that is not where the router sources it’s information from when it comes time to forward a packet to the destination. When a new entry appears in any given route source (in this example, it’s the OSPF and EIGRP tables) – the router analyses the entry and decides whether or not to add it to the only source of truth: the route table. The route table is displayed with the following command:

show ip route

R1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
O E2    10.2.101.1/32 [110/100] via 10.1.100.2, 00:54:19, FastEthernet0/0
C       10.1.101.0/24 is directly connected, FastEthernet1/0
C       10.1.100.0/24 is directly connected, FastEthernet0/0
192.168.1.0/30 is subnetted, 2 subnets
O IA    192.168.1.0 [110/65] via 10.1.100.2, 01:00:52, FastEthernet0/0
D       192.168.1.4 [90/2172416] via 10.1.101.2, 01:05:55, FastEthernet1/0

Notice above that when displaying the route table, each entry has listed which source the route was learned from. Having this information displayed for each route is very useful when diagnosing routing problems.

Let’s focus on the previously mentioned host route 10.2.101.1. This route shows up in both the EIGRP table and the OSPF database. However, in the route table we see the route was installed from the OSPF database. The table above shows EIRGP as a more trusted source for routes, so why did the router believe OSPF over EIGRP? Let’s remove the ‘redistribute static’ under the OSPF process running on R5, this will remove the 10.2.101.1 entry from the OSPF database. Now, let’s look at the route table on R1 again:

R1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 3 subnets, 2 mask
D EX    10.2.101.1/32 [170/2174976] via 10.1.101.2, 00:00:08, FastEthernet1/0
C       10.1.101.0/24 is directly connected, FastEthernet1/0
C       10.1.100.0/24 is directly connected, FastEthernet0/0
192.168.1.0/30 is subnetted, 2 subnets
O IA    192.168.1.0 [110/65] via 10.1.100.2, 01:13:45, FastEthernet0/0
D       192.168.1.4 [90/2172416] via 10.1.101.2, 01:18:48, FastEthernet1/0

It’s easy to understand why OSPF is more trusted now that only the EIRGP process knows about the 10.2.101.1/32 route. Look at the routing table, notice now the route has been installed using EIRGP as the source. Look at the letters out to the left of the route, what do they mean? D = EIGRP EX = EIGRP External

Question: What Administrative distance is assigned to EIGRP External routes? The answer: 170 instead of 90 which is only for internal EIGRP routes. Why is this route marked as an External EIGRP route? Because it was redistributed from another source (static routing table) on R4. So, when OSPF knows about this same route, it’s installed into the route table using OSPF because the AD of OSPF is 110 vs. 170 for external EIGRP routes.