IP Routing Configuration

Assigning a unique IP address to every device in the network is necessary but not sufficient to enable them to communicate with one another. Devices in an IP network must also know the path or the route to other devices within the same autonomous network or within the Internet to send data packets between one another. Rather than every device in a network having a complete list of all other devices and where they reside on that network, the router acts as a sort of traffic director, performing two functions for the IP network.

First, the router receives packets from a station, determines the optimal path to the destination, and then places the packet on the next LAN or WAN segment that leads to that destination. This process may be repeated several times as a data packet moves from one router to the next in a complex intranetwork or in the Internet itself. This process is described as routing or switching packets. Second, a router must learn where other IP network and subnetworks are, both within the same autonomous network and outside that network ”such as within the Internet. To determine where other networks are, routers employ the use of a routing table, which is created by routing algorithms or routing protocols.

Routing protocols can be either static or dynamic in nature. In static protocols, a network administrator manually configures the routing table with the network path information. Static protocols are not robust because they are incapable of reacting to changes in the network and must be reconfigured manually for every change. Dynamic routing protocols rely on the routers themselves to advertise information about the different networks and subnetworks to which they are attached. The numerous different dynamic routing protocols are examined in the section "Configuring IP Routing Protocols," later in this chapter.

Before delving into dynamic routing protocols, however, we examine several more general aspects of IP routing configuration and static routing configuration.

Configuring IP Routing Commands

To enable IP routing, the IOS global configuration command ip routing is used. By default, the IOS software is configured for IP routing on devices such as standalone routers. However, if the IP routing has been disabled on such a device, you must re-enable it before switching packets and enabling routing protocols. Some Cisco-integrated router devices do not have IP routing enabled by default. Again, you must use the ip routing command to perform the packet switching and routing protocol processes on these devices. In this example, IP routing is enabled on the ZIP router Seoul-1:

 Seoul-1#  configure  Configuring from terminal, memory, or network [terminal]? Enter configuration commands, one per line.  End with CNTL/Z. Seoul-1(config)#  ip routing  Seoul-1(config)#  ^Z  

After IP routing is enabled, the routing table used for switching packets can be built. By default, when an IP address is configured on an interface and that interface is placed in an operational state, the network address for that interface is placed in the routing table. All operational interfaces connected to the router are placed in the routing table. Therefore, if only one router is in your network, it has information about all the different networks or subnets, and there is no need to configure static or dynamic routing. Only when two or more routers exist in the network are static or dynamic routing table entries needed.

To view the IP routing table, use the IOS EXEC command show ip route . When entered with no parameters, the entire routing table is displayed. The following is an example of the routing table on the ZIP Seoul-1 router with only the connected interfaces operational and no additional routing table entries configured or learned:

 Seoul-1#  show ip route  Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP        D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area        N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2        E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP        i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default        U - per-user static route, o - ODR Gateway of last resort is not set 131.108.0.0/16 is variably subnetted, 4 subnets, 2 masks C       131.108.3.0/25 is directly connected, Ethernet0 C       131.108.242.0/30 is directly connected, Serial0.16 C       131.108.242.4/30 is directly connected, Serial0.17 C       131.108.241.0/30 is directly connected, Serial1 

The show ip route command provides an immense amount of data to the network administrator. It is the key tool used to determine what path a packet follows through the network. The first section of output is the legend for the first column of the table itself. It tells us where a route was derived from. In this example, a C tells us that the route is from a directly connected operational interface. The gateway of last resort is the network address of the router to which packets destined for outside this network should be sent when there is no specific routing information on how to reach the destination. In this example, the router has not learned a gateway of last resort because no static routes have been configured and no dynamic routing protocols are running.

The last section of output is the routing table itself. From the notation variably subnetted in this example, we can see that the ZIP Class B network 131.108.0.0 has been configured with multiple network masks. The output also shows that this router has learned four subnet routes and that those four subnet routes have only two different network masks associated with them. Each of the network numbers associated with the IP addresses that were entered on the respective interfaces is listed, along with the bit-count network mask and the associated interface name . It is important to note that the network and subnetwork addresses, not the IP addresses of the individual devices, are listed in the routing table. The network address may represent the route to as few as two hosts (as with a network that has a /30 network mask) or to as many 65536 hosts (as with a network that has a /16 network mask), or to even greater numbers of hosts, depending on the network mask.

The show ip route command also has optional parameters that can be used to request only certain types of routes. For example, if the routing table is fully populated with connected, static, and dynamically learned routes, the IOS EXEC command show ip route connected can be used to show only those routes learned from operational directly connected interfaces. Likewise, the show ip route static command displays only those routes derived from manually configured network path commands. By entering a specific network address as a parameter to the command, only information regarding that specific route is displayed. The following is an example of entering a specific route parameter via the show ip route 131.108.3.0 command on the ZIP Seoul-1 router:

 Seoul-1#  show ip route 131.108.3.0  Routing entry for 131.108.3.0/25   Known via "connected", distance 0, metric 0 (connected) Routing Descriptor Blocks:   * directly connected, via Ethernet0       Route metric is 0, traffic share count is 1 

We explore more optional parameters of the show ip route command and explain the meaning of the route metric in the section "Configuring IP Routing Protocols," later in this chapter.

Configuring Static Routing

As noted previously, both static and dynamic routing information can be used to build up the routing table and, therefore, the network path information. Historically, static routes were the first available way for network administrators to build network path tables for routers and some end devices. Static routes do have drawbacks, such as the inability to adapt when a data circuit goes down or when the network topology changes. However, many situations still exist in which the static route is needed and desired. The following are a few examples in which static routes are appropriate:

• A data circuit is particularly unreliable and constantly flaps. In these circumstances, a dynamic routing protocol may inject too much instability, whereas a static route does not change.

• A network is reachable over a dialup connection. Such a network is not capable of providing the constant updates required by a dynamic routing protocol.

• A single connection exists to a single ISP. Rather than learning all the global Internet routes, a single static default route is used. The same is true of a corporate remote office with a single connection back to the corporate intranet.

• A customer or other attached network does not want to exchange dynamic routing information. A static route can be used to provide reachability information for that network.

Configuring static routes is performed by the IOS global configuration command ip route . The command takes several parameters, including the network address and the associated network mask, as well as information on where the router should send packets destined for that network. The destination information can take one of several forms:

• A specific IP address of the next router in the path

• The network address of another route in the routing table to which packets should be forwarded

• A directly connected interface where the destination network resides

The first option is fairly straightforward, and it is the predominant way in which static routes are entered. The following is an example of entering a static route on the ZIP SF- Core -1 router. This route directs packets destined to the network address 131.108.230.0/24 over the serial connection to the San-Jose router, which has an address of 131.108.240.2:

 SF-Core-1#  configure  Configuring from terminal, memory, or network [terminal]? Enter configuration commands, one per line.  End with CNTL/Z. SF-Core-1(config)#  ip route 131.108.230.0 255.255.255.0 131.108.240.2  SF-Core-1(config)#  ^Z  

The second option, specifying another network route as the destination, is useful when there are multiple paths for reaching the desired network address. One benefit is the load sharing of traffic across multiple equal-cost paths. Another benefit is that a failure of one of the paths results in traffic being rerouted onto one of the alternative paths. The following is an example on the ZIP SF-Core-1 router. Packets destined to the network address 131.108.231.0/24 are directed to follow the route to the San Jose network 131.108.100.0/24:

 SF-Core-1#  configure  Configuring from terminal, memory, or network [terminal]? Enter configuration commands, one per line.  End with CNTL/Z. SF-Core-1(config)#  ip route 131.108.231.0 255.255.255.0 131.108.100.0  SF-Core-1(config)#  ^Z  

Note that for packets to reach the 131.108.231.0/24 network, a route to the 131.108.100.0/24 network must be in the routing table. Packets for 131.108.231.0/24 are forwarded out the same interface from which packets destined to 131.108.100.0/24 are forwarded.

The last option for specifying a destination ”a directly connected interface ”is perhaps the least used of the various options. By specifying a directly connected interface as the destination for a route, the network administrator is in effect saying that devices addressed with IP addresses from that network reside on the specified interface. The result is that packets destined to IP addresses for that network must have their IP addresses resolved to the data link layer address for that particular interface type (and the route will appear directly connected in the routing table). In the case of Ethernet, an IP address would have to resolve to a MAC address. In the case of Frame Relay, there would have to be a static Frame Relay map or Inverse ARP mapping that provided DLCI information to IP address mapping. In the case of ISDN, there would have to be a dialer map that maps the IP address to a system name and a phone number.

The following is an example of specifying a directly connected interface as the destination in the ip route command. In this example, the network address 131.108.232.0/24 is configured to be reachable directly on the Fast Ethernet interface of the ZIP SF-Core-1 router:

 SF-Core-1#  configure  Configuring from terminal, memory, or network [terminal]? Enter configuration commands, one per line.  End with CNTL/Z. SF-Core-1(config)#  ip route 131.108.232.0 255.255.255.0 fastethernet 0/0  SF-Core-1(config)#  ^Z  

Let's verify the routing table on the SF-Core-1 router with the directly connected interfaces and the new static route entries:

 SF-Core-1#  show ip route  Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP        D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area        N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2        E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP        i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default        U - per-user static route, o - ODR Gateway of last resort is not set 131.108.0.0/16 is variably subnetted, 5 subnets, 3 masks C       131.108.20.0/22 is directly connected, FastEthernet0/0 C       131.108.240.0/30 is directly connected, Serial1/0 S       131.108.230.0/24 [1/0] via 131.108.240.2 S       131.108.231.0/24 [1/0] via 131.108.100.0 S       131.108.232.0/24 [1/0] is directly connected, FastEthernet0/0 

As packets traverse the router and the destination networks are looked up in the routing table, the router's default behavior matches the most specific network address/network mask pair within the network class for the destination IP address. For example, if a packet is destined to IP address 131.108.21.6 and there is a route to network 131.108.20.0/22, the packet is forwarded out the interface for this route. If for the same destination there are routes to 131.108.20.0/22 and 131.108.21.0/24, the packet is forwarded out the interface for the route to 131.108.21.0/24 because it is a more specific route (with a longer network mask) than the 131.108.20.0/22 route. In the case of the ZIP network, the least-specific route is 131.108.0.0/16; the most-specific routes are the network addresses that are /30.

Configuring for Classless Routing

The ZIP network was assigned a Class B network, as specified by the legacy classful addressing system. However, if it had been assigned a CIDR block of addresses, additional commands would be required to allow the router to match routes in the routing table that are beyond the classful boundaries. Assume that a network was assigned the CIDR block 206.220.224.0/22 (which is composed of the Class C addresses 206.220.224.0/24 through 206.220.227.0/24) and was subnetted and allocated on a router's interface as follows:

• Ethernet 0 is assigned address 206.220.224.0/24.

• Ethernet 1 is assigned address 206.220.225.0/24.

• Ethernet 2 is assigned address 206.220.226.0/23.

The router operates in classful mode by default. Packets destined to 206.220.224.5 are properly routed to Ethernet 0 because the network address is a Class C address and matches the destination IP address. The same is true of Ethernet 1 and a packet destined to 206.220.225.9. However, a packet that is destined to 206.220.226.8 or 206.220.227.12 does not match the route 206.220.226.0/23 for Ethernet 2, and those destination addresses are unreachable. This occurs because the network address of Ethernet 2 is a CIDR block of two Class C addresses. For the router to operate in a classless manner and match destination IP addresses to this CIDR network address, the IOS global configuration command ip classless must first be configured. The following is an example of configuring the ip classless command on the ZIP SF-Core-1 router:

 SF-Core-1#  configure  Configuring from terminal, memory, or network [terminal]? Enter configuration commands, one per line.  End with CNTL/Z. SF-Core-1(config)#  ip classless  SF-Core-1(config)#  ^Z  

Configuring Summary and Default Routes

In many situations, it is undesirable to carry the entire routing table for an intranet or for the Internet. These situations include a small office with a single connection to the corporate intranet, a router that is configured with insufficient memory, or a single connection to a single ISP. In these situations, end users want to reach certain destination addresses that are not specifically found in the routing table. Under normal circumstances, these packets would be discarded as unreachable destinations. However, through the use of summary routes and default network routes, a router can still have reachability information. A summary route and a default route both provide alternative path information when no route specifically matches a destination IP address.

A summary route provides default reachability information within a given address space. The summary route, which normally follows classful network boundaries, is typically used to provide default reachability information about subnets that are not specifically found in the routing table but that exist within the intranet. In the ZIP network, for example, the route 131.108.0.0/16 would be considered a summary route. If a router in the ZIP network encounters a packet destined to 131.108.99.5 but does not find a specific route ”such as 131.108.99.0/24 ”it usually discards the packet. If in this situation there were a summary route 131.108.0.0/16 in the routing table, the packet would be forwarded out the interface toward the next-hop destination for the summary route.

The summary route usually points to another subnet route within the intranet, but it can also point to a specific next-hop IP address. In either case, the goal of the summary route is to direct packets toward other routers within the intranet that have more complete routing information. The summary route can be configured using the IOS global configuration commands ip default-network or ip route .

When using the ip default-network command, a nonconnected subnet that exists within the intranet is supplied as a parameter to the command. When the ip route command is used, the summary route, the network mask, and the nonconnected subnet are supplied as parameters. The following are examples of both commands as configured on the ZIP Singapore router. In these examples, the summary route is 131.108.0.0/16, and the nonconnected subnet used for default reachability is 131.108.20.0, which is found on the SF-Core-1 and SF-Core-2 routers:

 Singapore#  configure  Configuring from terminal, memory, or network [terminal]? Enter configuration commands, one per line.  End with CNTL/Z. Singapore(config)#  ip default-network 131.108.20.0  Singapore(config)#  ^Z  Singapore#configure Configuring from terminal, memory, or network [terminal]? Enter configuration commands, one per line.  End with CNTL/Z. Singapore(config)#  ip route 131.108.0.0 255.255.0.0 131.108.20.0  Singapore(config)#  ^Z  

After it is configured, the summary route appears in the routing table as a less-specific network route with a bit-count mask smaller than the other network and subnetwork routes in the table. In the following show ip route example from the ZIP Singapore router, 131.108.0.0/16 is the summary route that was configured in the previous example. Note that the summary route destination of 131.108.20.0 is learned from the ZIP Seoul-1 router:

 Singapore#  show ip route  Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP        D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area        N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2        E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP        i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default        U - per-user static route, o - ODR Gateway of last resort is not set 131.108.0.0/16 is variably subnetted, 4 subnets, 4 masks C       131.108.1.0/25 is directly connected, Ethernet0 C       131.108.242.4/30 is directly connected, Serial0.100 D       131.108.20.0/22 [1/0] via 131.108.242.5, 20:10:45, Serial0.100 S       131.108.0.0/16 [1/0] via 131.108.20.0 

When an IP station is communicating with another company, university, or other entity ”either through private network connections or via the Internet ”it sends packets that need to reach stations residing in an IP address space other than its own. For example, if a station in the ZIP network is communicating with the popular web site www.yahoo.com, packets originating from the ZIP network address space of 131.108.0.0/16 are destined for Yahoo!'s network address space of 216.32.74.55/22. To forward packets properly, the ZIP network routers need either a route to 216.32.74.55/22 or a less-specific CIDR route giving them the general direction of the Yahoo! network.

As explained earlier, it is unlikely that every router in the ZIP network or even the ZIP Internet connection router has this route in its routing tables. Unless the ZIP network has multiple ISPs or is exchanging dynamic routing information with its sole ISP, the ZIP network routers probably rely on a default network route to provide reachability information for the Yahoo! site, as well as for other sites on the Internet (or potentially within their own intranet).

The basic concept of the default route is that when a router does not have specific routing information for a destination, it will use the default path to a specified network where there are routers with more complete information. Although the default route is similar to the summary route, it is used to direct packets to IP destinations that are outside both the autonomous intranet and the classful address boundaries for a given entity. In the case of the Internet, a company's ISP or the ISP's upstream provider is likely exchanging dynamic routing information with other ISPs about the location and reachability of all networks on the Internet. Using an IP network address in the ISP's network as a default route, a company's Internet connection router forwards packets to unknown destinations toward the ISP and ultimately to routers with more complete routing tables and pictures of the Internet.

We will now discuss some of the many methods for configuring a default network using the IOS software:

• Configuring a default network using a dynamic learned external route

• Configuring a default network using a statically configured external route

• Configuring a default network using the reserved address 0.0.0.0

The primary difference between methods of configuring a default network is whether any dynamic routing information is learned from an external source, such as an ISP. When routes to external network addresses are learned from an external source, simply denote one of these external addresses as the default network by using the IOS global configuration command ip default-network . The parameter to this command is a route that has the following characteristics: It exists in the routing table, it is not connected to the router being configured, and it falls outside the classful address space configured on any of the router's interfaces. The following is an example of configuring the ip default-network command on the ZIP SF-Core-1 router to the network 140.222.0.0, which is being learned from the ZIP network's ISP:

 SF-Core-1#  configure  Configuring from terminal, memory, or network [terminal]? Enter configuration commands, one per line.  End with CNTL/Z. SF-Core-1(config)#  ip default-network 140.222.0.0  SF-Core-1(config)#  ^Z  

After it is configured, the router shows that it has accepted this network as a default and that the route is reachable by signifying it as the gateway of last resort in the output of show ip route . The router places an asterisk next to the route to denote that the route is a candidate for the default network because multiple defaults may be configured. The following is an example of the gateway of last resort set on the ZIP SF-Core-1 router:

 SF-Core-1#  show ip route  Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP        D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area        N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2        E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP        i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default        U - per-user static route, o - ODR Gateway of last resort is 192.72.2.1 to network 140.222.0.0 131.108.0.0/16 is variably subnetted, 5 subnets, 3 masks C       131.108.20.0/22 is directly connected, FastEthernet0/0 C       131.108.240.0/30 is directly connected, Serial1/0 S       131.108.230.0/24 [1/0] via 131.108.240.2 S       131.108.231.0/24 [1/0] via 131.108.100.0 S       131.108.232.0/24 [1/0] is directly connected,         FastEthernet0/0 C       192.7.2.2/30 is directly connected, Serial1/1 B*      140.222.0.0/16 [20/19] via 192.7.2.1, 3d08h 

When dynamic routing is not exchanged with your external provider, it is possible to use a static route to point to the external network address that is used as a default. The following is the previous example again, but this time a static route is used to provide reachability information about the default network address through the ISP connection:

 SF-Core-1#  configure  Configuring from terminal, memory, or network [terminal]? Enter configuration commands, one per line.  End with CNTL/Z. SF-Core-1(config)#  ip route 140.222.0.0 255.255.0.0 192.7.2.1  SF-Core-1(config)#  ip default-network 140.222.0.0  SF-Core-1(config)#^Z 

As in the previous example, verifying the output of show ip route indicates that the router has installed the default network, but note that the route to 140.222.0.0 now shows S as the origin because it was configured manually:

 SF-Core-1#  show ip route  Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP        D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area        N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2        E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP        i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default        U - per-user static route, o - ODR Gateway of last resort is 192.72.2.1 to network 140.222.0.0 131.108.0.0/16 is variably subnetted, 5 subnets, 3 masks C       131.108.20.0/22 is directly connected, FastEthernet0/0 C       131.108.240.0/30 is directly connected, Serial1/0 S       131.108.230.0/24 [1/0] via 131.108.240.2 S       131.108.231.0/24 [1/0] via 131.108.100.0 S       131.108.232.0/24 [1/0] is directly connected, FastEthernet0/0 C       192.7.2.2/30 is directly connected, Serial1/1 S*      140.222.0.0/16 [20/19] via 192.7.2.1 

The last configuration method for the default network should be familiar to those who have worked within the UNIX (or its derivatives) operating system environment or with the Routing Information Protocol (RIP). This method involves installing a static route to a special network address ”namely, 0.0.0.0. This address is considered reserved. Within the UNIX and RIP environments, it denotes the route to all unknown IP destinations.

Within the IOS software on the router, the 0.0.0.0 network address is the least-specific network address possible. With its implied mask of 0.0.0.0 or 0 bits, this route matches any IP destination outside of a classful address. When the ip classless command is configured, the route matches any unknown IP destination address both inside and outside a classful address space. The following is an example of using the ip route command to configure the ZIP SF-Core-1 router with a default network of 0.0.0.0/0 and with the ISP connection as the next-hop IP address:

 SF-Core-1#  configure  Configuring from terminal, memory, or network [terminal]? Enter configuration commands, one per line.  End with CNTL/Z. SF-Core-1(config)#  ip route 0.0.0.0 0.0.0.0 192.7.2.1  SF-Core-1(config)#  ^Z  

The output of show ip route indicates that the router has installed the default network route to 0.0.0.0/0. As with the previous method, the route 0.0.0.0 shows an S as the origin because it was configured manually:

 SF-Core-1#  show ip route  Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP        D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area        N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2        E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP        i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default        U - per-user static route, o - ODR        Gateway of last resort is 192.72.2.1 to network 0.0.0.0        131.108.0.0/16 is variably subnetted, 5 subnets, 3 masks        C       131.108.20.0/22 is directly connected, FastEthernet0/0        C       131.108.240.0/30 is directly connected, Serial1/0        S       131.108.230.0/24 [1/0] via 131.108.240.2        S       131.108.231.0/24 [1/0] via 131.108.100.0        S       131.108.232.0/24 [1/0] is directly connected, FastEthernet0/0        C       192.7.2.2/30 is directly connected, Serial1/1        S*      0.0.0.0 [1/0] via 192.7.2.1 

When configuring a default network route for your network, follow these important guidelines:

• When dynamic routing information is not exchanged with an outside entity such as an ISP, using a static route to 0.0.0.0/0 is usually the easiest way to generate a default route.

• When dynamic routing information is exchanged with one or more ISPs, using the ip default-network command is the most appropriate way to designate one or more possible default network routes.

• When there are one or more Internet connections via an ISP, the Internet connection router(s) should propagate the default network throughout the intranet via a dynamic routing protocol.

• It is acceptable to configure multiple routers in the intranet with the ip default-network command to denote a dynamically learned route as the default. It is inappropriate to configure more than one router in the intranet with a default route to 0.0.0.0/0 if that router does not provide an Internet connection via an ISP. Doing so can cause routers without connectivity to unknown destinations to draw packets toward themselves, resulting in unreachability. The exception is those routers that do not exchange dynamic routing information or that have only occasional connections to the intranet over such media as dialup ISDN or Frame Relay SVCs.

• Routers that do not exchange dynamic routing information or that reside on dialup connections, such as ISDN or Frame Relay SVCs, should be configured with a route to the default network or to 0.0.0.0/0, as noted previously.

• When an intranet is not connected to any outside networks, such as the Internet, the default network configuration should be placed on a router or routers that reside at the core of the network and that have the complete network routing topology for the given intranet.

Verifying IP Routing Configuration

As we saw earlier in this chapter, the primary command for verifying IP routing configuration is the IOS EXEC command show ip route . In this section, we explore several other commands that aid in verifying and managing IP route table configuration.

The show ip route command is the tool used to view the state of the IP routing table. Whether there are static routes configured or dynamic routing protocols running, this command shows whether the routes that have been configured or that are expected to be learned are actually present on the router. The following is an excerpt from the output of the show ip route command on the ZIP SF-Core-1 router:

 SF-Core-1#  show ip route  Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP        D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area        N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2        E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP        i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default        U - per-user static route, o - ODR Gateway of last resort is 192.72.2.1 to network 0.0.0.0 131.108.0.0/16 is variably subnetted, 8 subnets, 3 masks C      131.108.20.0/22 is directly connected, FastEthernet0/0 C      131.108.240.0/30 is directly connected, Serial1/0 S      131.108.230.0/24 [1/0] via 131.108.240.2 S      131.108.231.0/24 [1/0] via 131.108.100.0 S      131.108.232.0/24 [1/0] is directly connected, FastEthernet0/0 C      192.7.2.0/30 is directly connected, Serial1/1 D      131.108.240.4/30 [90/307200] via 131.108.20.4, 1d00h, FastEthernet0/0 D      131.108.241.0/30 [90/3182080] via 131.108.240.2, 1d00h, Serial1/0 D      131.108.100.0/24 [90/3182080] via 131.108.240.2, 1d00h, Serial1/0 S      131.108.0.0/16 is directly connected, Null0 S*     0.0.0.0 [1/0] via 192.7.2.1 

This output provides the following information:

• A list of all of the network routes and masks currently in the routing table.

• The next-hop IP address and output interface for those routes (or just the output interface, in the case of directly connected routes).

• If the route is dynamically learned, the length of time (in seconds) the route has been in the table or the length of time since the last update, depending on the particular routing protocol.

• The administrative distance and routing protocol metric for all but directly connected routes. The administrative distance is the number on the left of the slash that is inside the brackets and that follows the network route and bit-count mask. The routing protocol metric is the number to the right of the slash that is inside the brackets.

The administrative distance is a numeric value that represents the trustworthiness of the routing update source. Each type of route and routing protocol is assigned a particular administrative distance. The lower the value, the more trusted the source. Table 4-2 shows the current IOS software administrative distances. The routing protocol metric is a number used to rank routes by preference when more than one route to the same destination exists. The metric is often a composite number reflecting multiple route characteristics, such as path length and path cost. Each dynamic routing protocol has a different algorithm for determining the metric number.

Table 4-2. Default Administrative Distances

Another tool that gives a quick glimpse into the state of the routing table is the IOS EXEC command show ip masks . Given a network address as a parameter, this command lists the masks that have been applied to a particular network address and the number of routes that have each of those masks. This command is often useful in identifying addressing errors and static route configuration errors by highlighting missing or unexpected network masks that appear in the routing table. The following is an example of the show ip masks 131.108.0.0 command on the ZIP SF-Core-1 router, which shows six different networks for the 131.108.0.0 network:

 SF-Core-1#  show ip masks 131.108.0.0  Mask                     Reference count  255.255.255.255          9  255.255.255.252          5  255.255.255.128          3  255.255.255.0            4  255.255.252.0            1  255.255.0.0              1 SF-Core-1# 

Most dynamic routing protocols automatically send refreshes of routing information held by routers. These refreshes include updates to add or remove routes from the routing table and information to keep routes currently in the table fresh. However, occasionally you might want to clear a particular routing table entry or the entire table itself manually. For example, you might want to clear a dynamic route that has been marked as no longer valid but that has not yet aged out of the routing table naturally. Alternatively, you might want to refresh a particular route or the entire routing table for debugging purposes. You can use the IOS EXEC command clear ip route to clear either one particular route or the entire routing table. The command takes either an asterisk, which causes the entire routing table to be cleared, or a network address and mask pair, which clears only that particular route.

Use caution when deciding whether to clear the entire routing table. Refreshing all its information can take a few seconds to a few minutes. During this interval, lack of connectivity can occur for packets through the router and to the router via a virtual terminal session. Furthermore, clearing the entire table can cause excessive CPU utilization, depending on the particular dynamic routing protocol in use and the size of the routing table itself. The following is an example of clearing the entire routing table on the ZIP SF-Core-1 router:

 SF-Core-1#  clear ip route *  SF-Core-1# 

The following is an example of clearing the route 131.108.3.0/25 from the ZIP SF-Core-1 router:

 SF-Core-1#  clear ip route 131.108.3.0 255.255.255.128  SF-Core-1#