Routers (or virtual route forwarders when using vrf) have a single table that it bases forwarding decisions from, most commonly referred to as the route table. There are many potential sources a router uses to insert entries into the route table. Many times when more than one of these sources are actively present, they contain routes to the same destination. Before going into detail on how a router determines which source to use for any given route table insertion, let’s talk about the potential sources for routes:
- Obviously, routing protocol table entries can be sourced from various routing protocols.
- Connected Interfaces
- Static entries contained in the router’s configuration
So let’s say we have a host route of 10.2.101.1/32 on the network which has been learned by multiple routing protocols running on a single router. How does the router decide which source to use for adding the destination into the route table? The decision is made using something called an Administrative distance. Basically, the administrative distance (AD) is a trust value assigned to each potential source. Cisco has pre-assigned these trust values in the router’s operating system. These trust values can be manipulated, but typically are left to the default, since the modification is locally significant to each router. Listed below are the administrative distances for each source:
Source Administrative Distance Connected Interface 0 Static Route 1 EIGRP Summary Route 5 External BGP 20 Internal EIGRP 90 IGRP 100 OSPF 110 IS-IS 115 RIP 120 Exterior Gateway Protocol 140 On-Demand Routing 160 External EIGRP 170 Internal BGP 200 Unknown 255
As you can see, not only does each routing source have unique trust values, but also different types inside the same source have unique trust values. For example, there are three different trust values assigned to various EIGRP table entries:
- EIGRP Summary Routes are the most trusted (AD of 5)
- EIGRP Internal Routes are the second most trusted (AD of 90)
- EIGRP External Routes are the least trusted of the three types (AD of 170)
So let’s say our router was running an OSPF process and an EIGRP Process. The OSPF routing process has an established neighbor that knows about the destination 10.2.101.1/32. Our same router has an established EIGRP neighbor who also knows how to reach the 10.2.101.1/32 host. We can view the routing process database containing these entries with the following commands:
show ip eigrp topology
R1#sh ip eigrp topology IP-EIGRP Topology Table for AS(10)/ID(10.1.101.1) Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply, r - reply Status, s - sia Status P 10.2.101.1/32, 0 successors, FD is Inaccessible via 10.1.101.2 (2174976/2172416), FastEthernet1/0 P 192.168.1.4/30, 1 successors, FD is 2172416 via 10.1.101.2 (2172416/2169856), FastEthernet1/0 P 10.1.101.0/24, 1 successors, FD is 28160 via Connected, FastEthernet1/0
show ip ospf database
R1#sh ip ospf databaseOSPF Router with ID (10.1.101.1) (Process ID 10) Router Link States (Area 0) Link ID ADV Router Age Seq# Checksum Link coun 10.1.101.1 10.1.101.1 1477 0x80000003 0x0003E7 2 192.168.1.1 192.168.1.1 1501 0x80000003 0x00A4D1 1 Net Link States (Area 0) Link ID ADV Router Age Seq# Checksu 10.1.100.2 192.168.1.1 1501 0x80000002 0x00DDA1 Summary Net Link States (Area 0) Link ID ADV Router Age Seq# Checksu 192.168.1.0 192.168.1.1 1501 0x80000002 0x002207 Summary ASB Link States (Area 0) Link ID ADV Router Age Seq# Checksu 192.168.1.6 192.168.1.1 1501 0x80000002 0x00E935 Type-5 AS External Link States Link ID ADV Router Age Seq# Checksum Ta 10.2.101.1 192.168.1.6 1191 0x80000003 0x00CF9B 0
Even though the destination host route (10.2.101.1) shows up in the previous route process databases, that is not where the router sources it’s information from when it comes time to forward a packet to the destination. When a new entry appears in any given route source (in this example, it’s the OSPF and EIGRP tables) – the router analyses the entry and decides whether or not to add it to the only source of truth: the route table. The route table is displayed with the following command:
show ip route
R1#sh ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks O E2 10.2.101.1/32 [110/100] via 10.1.100.2, 00:54:19, FastEthernet0/0 C 10.1.101.0/24 is directly connected, FastEthernet1/0 C 10.1.100.0/24 is directly connected, FastEthernet0/0 192.168.1.0/30 is subnetted, 2 subnets O IA 192.168.1.0 [110/65] via 10.1.100.2, 01:00:52, FastEthernet0/0 D 192.168.1.4 [90/2172416] via 10.1.101.2, 01:05:55, FastEthernet1/0
Notice above that when displaying the route table, each entry has listed which source the route was learned from. Having this information displayed for each route is very useful when diagnosing routing problems.
Let’s focus on the previously mentioned host route 10.2.101.1. This route shows up in both the EIGRP table and the OSPF database. However, in the route table we see the route was installed from the OSPF database. The table above shows EIRGP as a more trusted source for routes, so why did the router believe OSPF over EIGRP? Let’s remove the ‘redistribute static’ under the OSPF process running on R5, this will remove the 10.2.101.1 entry from the OSPF database. Now, let’s look at the route table on R1 again:
R1#sh ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 10.0.0.0/8 is variably subnetted, 3 subnets, 2 mask D EX 10.2.101.1/32 [170/2174976] via 10.1.101.2, 00:00:08, FastEthernet1/0 C 10.1.101.0/24 is directly connected, FastEthernet1/0 C 10.1.100.0/24 is directly connected, FastEthernet0/0 192.168.1.0/30 is subnetted, 2 subnets O IA 192.168.1.0 [110/65] via 10.1.100.2, 01:13:45, FastEthernet0/0 D 192.168.1.4 [90/2172416] via 10.1.101.2, 01:18:48, FastEthernet1/0
It’s easy to understand why OSPF is more trusted now that only the EIRGP process knows about the 10.2.101.1/32 route. Look at the routing table, notice now the route has been installed using EIRGP as the source. Look at the letters out to the left of the route, what do they mean? D = EIGRP EX = EIGRP External
Question: What Administrative distance is assigned to EIGRP External routes? The answer: 170 instead of 90 which is only for internal EIGRP routes. Why is this route marked as an External EIGRP route? Because it was redistributed from another source (static routing table) on R4. So, when OSPF knows about this same route, it’s installed into the route table using OSPF because the AD of OSPF is 110 vs. 170 for external EIGRP routes.