You are here

Route Selection Criteria

I’ve been conducting interviews over the past 6 years and I’ve done probably hundreds of technical phone screening, on-site whiteboard sessions. I always make sure I ask questions on topics that are typically considered as core network fundamentals and I do that for two reasons. If the role is for a senior network engineer/architect, I want to confirm that the basics are not overlooked when I give the candidate a design or troubleshooting scenario. If the role is for a more of a junior level network engineer, I want to make sure that the candidate has a solid understanding of the fundamental network concepts. I’m a firm believer that solid understanding of the network fundamentals is key for any network engineer who should’ve learned this in the first 2-3 years of their career. It’s really amazing to see how people miss the mark on basic questions and start overthinking and overcomplicating the solutions.

In recent years, I’ve noticed that more and more candidates are unable to answer this “basic” question: How would a router choose the best route to a destination if more than one possible route exist?

99% of people would give the same answer: Administrative Distance. Well, this answer is 100% incorrect.

If you are in the job market and scheduled for a technical interview, please do yourself a favor and review this post. And even better, lab the scenario below yourself and don’t even take my words for it. Trust me, even though the job description of the role you applied for has all kinds of shiny technologies and products, from SD-WAN to Palo Alto firewalls to ACI to Cloud, network fundamentals will always be the focus of any interview. You can always learn the bells and whistles of any new technology or vendor. But if you’ve been working as a Network Engineer for a while, you are expected and absolutely required to be an expert in network core topics.

Let’s start with this topology below:

R1 is connected to R2 through R9. The links between R1 and every router have this network 192.Rx.Rx.0/24 where Rx is the router number that R1 is connected to. For example, R1’s e0/1 has this IP 192.6.6.1 and R6’s e0/0 is configured with 192.6.6.6. Same logic applies for all routers in this topology. R2 through R9 have Loopback 10 configured as 10.0.0.1 with different masks per the diagram and advertised back to R1 using static or dynamic routing, per the diagram. The configuration of this topology is really straightforward. If you need the full configuration, just comment below and I will provide that. 

How does R1 view the topology for 10.0.0.0?

R1#sh ip route 10.0.0.0
Routing entry for 10.0.0.0/8, 5 known subnets
  Variably subnetted with 6 masks
S        10.0.0.0/8 [1/0] via 192.2.2.2
B        10.0.0.0/9 [20/0] via 192.8.8.8, 02:56:52
D        10.0.0.0/13 [90/409600] via 192.7.7.7, 02:55:27, Ethernet1/1
                     [90/409600] via 192.6.6.6, 02:55:27, Ethernet1/0
O        10.0.0.0/16 [110/11] via 192.4.4.4, 02:56:52, Ethernet0/2
R 10.0.0.0/24 [120/1] via 192.3.3.3, 00:00:05, Ethernet0/1
B 10.0.0.1/32 [200/0] via 192.9.9.9, 02:56:52

If the router considers the Administrator Distance first to 10.0.0.1, it should use the static route to send the traffic to R2. Okay, let’s confirm if this is correct. But how would we do that? Best way to test this is either by traceroute to 10.0.0.1 or check the FIB content. Let’s review both:

R1#traceroute 10.0.0.1 numeric
Type escape sequence to abort.
Tracing the route to 10.0.0.1
VRF info: (vrf in name/id, vrf out name/id)
1 192.9.9.9 1 msec * 1 msec
R1#
R1#sh ip cef 10.0.0.1
10.0.0.1/32
next nexthop 192.9.9.9 Ethernet1/3

It is clear from the output above that R1 did not choose R2 to route to 10.0.0.1 and instead chose R9. But how is this possible given that the route being learned from R9 has the worst/highest AD here?

The answer is simple, the router will always consider the longest match (most specific route) first and regardless of the AD. This is where people get wrong most of the time. The AD will only be considered and looked at second if two routes have the same lengths. 

Let’s confirm the statement above, I’m going to shutdown all interfaces on R1, except for e0/0 and e0/1 and will replace the static route on R1 with

ip route 10.0.0.0 255.255.255.0 192.2.2.2

Let’s see how now R1 routes to 10.0.0.0:

R1#sh ip route 10.0.0.0
Routing entry for 10.0.0.0/24, 1 known subnets
S        10.0.0.0 [1/0] via 192.2.2.2
#sh ip rip database
10.0.0.0/8    auto-summary
10.0.0.0/24
    [1] via 192.3.3.3, 00:00:12, Ethernet0/1
192.3.3.0/24    auto-summary
192.3.3.0/24    directly connected, Ethernet0/1

As shown above, R1 received 10.0.0.0/24 from RIPv2 (R3), but it also has a static route for the same prefix 10.0.0.0/24 pointing to R1, since the administrative distance of the static route is (1) lower than RIP’s (120), the router installed the static route as the best route. Does that mean if we remove the static route, the router will automatically install the route it learned from R3? It should, but let’s verify:

R1#sh ip route 10.0.0.0
Routing entry for 10.0.0.0/24, 1 known subnets
S 10.0.0.0 [1/0] via 192.2.2.2
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#no ip route 10.0.0.0 255.255.255.0 192.2.2.2
R1(config)#do sh ip route 10.0.0.0
Routing entry for 10.0.0.0/24, 1 known subnets
Redistributing via rip
R 10.0.0.0 [120/1] via 192.3.3.3, 00:00:16, Ethernet0/1
R1(config)#

Now that we have confirmed that, I’m going to restore the initial configuration and unshut all R1 interfaces.

So what have we learned and confirmed so far?

  1. The router will always consider the length of the route first (the most specific route ALWAYS wins).
  2. If there is a tie, the router will consider the Administrative Distance next to break the tie.
  3. If there is a tie, the router will consider the metric of the route is the final tie breaker.
  4. If there is a tie, the router will install and use those routes. In case of OSPF, it utilizes another step to break the tie as discussed below.

Looking at the EIGRP routes coming from R6 and R7, if we change the delay on R6 and make it less preferred, would R1 remove it from the routing table and utilize R7? Let’s find out:

R1(config)#do sh ip rou 10.0.0.0
Routing entry for 10.0.0.0/8, 6 known subnets
Variably subnetted with 6 masks
Redistributing via rip
S 10.0.0.0/8 [1/0] via 192.2.2.2
B 10.0.0.0/9 [20/0] via 192.8.8.8, 00:24:34
D 10.0.0.0/13 [90/409600] via 192.7.7.7, 00:24:34, Ethernet1/1
[90/409600] via 192.6.6.6, 00:24:34, Ethernet1/0
O 10.0.0.0/16 [110/11] via 192.5.5.5, 00:00:01, Ethernet0/3
R 10.0.0.0/24 [120/1] via 192.3.3.3, 00:00:14, Ethernet0/1
B 10.0.0.1/32 [200/0] via 192.9.9.9, 00:24:34
R1(config)#int e1/0
R1(config-if)#delay 500
R1(config-if)#do sh ip route 10.0.0.0
Routing entry for 10.0.0.0/8, 6 known subnets
Variably subnetted with 6 masks
Redistributing via rip
S 10.0.0.0/8 [1/0] via 192.2.2.2
B 10.0.0.0/9 [20/0] via 192.8.8.8, 00:31:16
D 10.0.0.0/13 [90/409600] via 192.7.7.7, 00:00:07, Ethernet1/1
O 10.0.0.0/16 [110/11] via 192.5.5.5, 00:06:43, Ethernet0/3
R 10.0.0.0/24 [120/1] via 192.3.3.3, 00:00:23, Ethernet0/1
B 10.0.0.1/32 [200/0] via 192.9.9.9, 00:31:16

In OSPF, there is yet another possible tiebreaker. If you look at the first “show ip route” I used in the beginning of this post, you might have noticed that R5 is missing from the routing table. Is OSPF neighbor relationship established with both R4 and R5?

R1#sh ip ospf ne

Neighbor ID     Pri   State           Dead Time   Address         Interface
10.0.0.1          1   FULL/DR         00:00:38    192.5.5.5       Ethernet0/3
192.4.4.4         1   FULL/DR         00:00:38    192.4.4.4       Ethernet0/2

Okay, so OSPF is established with both R4 and R5. Let’s shut down R1’s e0/2 interface and check the routing table again:

R1(config)#int e0/2
R1(config-if)#sh
*Sep 4 09:28:42.228: %OSPF-5-ADJCHG: Process 4, Nbr 192.4.4.4 on Ethernet0/2 from FULL to DOWN, Neighbor Down: Interface down or detached
*Sep 4 09:28:44.227: %LINK-5-CHANGED: Interface Ethernet0/2, changed state to administratively down
*Sep 4 09:28:45.235: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/2, changed state to down
R1(config-if)#do sh ip route 10.0.0.0
Routing entry for 10.0.0.0/8, 6 known subnets
Variably subnetted with 6 masks
Redistributing via rip
S      10.0.0.0/8 [1/0] via 192.2.2.2
B      10.0.0.0/9 [20/0] via 192.8.8.8, 00:10:17
D      10.0.0.0/13 [90/409600] via 192.7.7.7, 00:10:17, Ethernet1/1
                   [90/409600] via 192.6.6.6, 00:10:17, Ethernet1/0
O      10.0.0.0/16 [110/11] via 192.5.5.5, 00:00:05, Ethernet0/3
R      10.0.0.0/24 [120/1] via 192.3.3.3, 00:00:17, Ethernet0/1
B      10.0.0.1/32 [200/0] via 192.9.9.9, 00:10:17

As shown above. OSPF shows a special behavior. If there are 2 routes with the same lengths but being learned from two different OSPF (local) processes, the router will prefer the route learned from the lowest process. What happens if we remove OSPF 5 and replace that with OSPF 4? Results below:

R1#sh ip route 10.0.0.0
Routing entry for 10.0.0.0/8, 6 known subnets
Variably subnetted with 6 masks
Redistributing via rip
S 10.0.0.0/8 [1/0] via 192.2.2.2
B 10.0.0.0/9 [20/0] via 192.8.8.8, 00:02:06
D 10.0.0.0/13 [90/409600] via 192.7.7.7, 00:02:06, Ethernet1/1
[90/409600] via 192.6.6.6, 00:02:06, Ethernet1/0
O 10.0.0.0/16 [110/11] via 192.5.5.5, 00:01:09, Ethernet0/3
[110/11] via 192.4.4.4, 00:02:06, Ethernet0/2
R 10.0.0.0/24 [120/1] via 192.3.3.3, 00:00:27, Ethernet0/1
B 10.0.0.1/32 [200/0] via 192.9.9.9, 00:02:06

Looking at the routing table again, what is the orders of next hop routes that R1 will use to route to 10.0.0.1?

R1#sh ip rou 10.0.0.0
Routing entry for 10.0.0.0/8, 6 known subnets
Variably subnetted with 6 masks
Redistributing via rip
S 10.0.0.0/8 [1/0] via 192.2.2.2
B 10.0.0.0/9 [20/0] via 192.8.8.8, 00:00:23
D 10.0.0.0/13 [90/409600] via 192.7.7.7, 00:00:36, Ethernet1/1
[90/409600] via 192.6.6.6, 00:00:36, Ethernet1/0
O 10.0.0.0/16 [110/11] via 192.4.4.4, 00:00:54, Ethernet0/2
R 10.0.0.0/24 [120/1] via 192.3.3.3, 00:00:14, Ethernet0/1
B 10.0.0.1/32 [200/0] via 192.9.9.9, 00:00:28

R1 will route through R9. If R9 goes down, R1 will route through R3. If R3 goes down, R1 will route through R4. If R4 goes down, R1 will route through R5 (Don’t forget about that OSPF case). If R5 goes down, R1 will route load balance between R6 and R7 and will route through one of them if the other goes down. R1 will then route through R8 and finally and after all other routers are down, it will route through R2 using the static route – contrary to the popular (and incorrect) belief.

 

Leave a Reply

Top