IP Routing is the centre of every network engineer’s career. For many entry level engineers, network issues can be broadly grouped into routing and non-routing issues. If you already have a job as a network administrator, chances are that many accusing fingers have been pointed at you for something you have no clue about! Well, that’s about to change. In these series of posts, we will examine the basics of IP routing that is needed both for the real world and the CCNA examination.

CCNA Training – Resources (Intense)

Before we proceed, let’s review some basic information that you must remember:

  • A router segments broadcast domains. In order words, every interface on a router is a different network. Another way to say this is: to connect two or more networks together, you need a router.
  • Hosts with the same network address (and subnet mask) are usually on the same network. Please review the IPv4 subnetting post for more information.

When a router receives a packet, it has to make a decision on how to forward that packet. This decision is made using the information in its routing table. IP Routing happens at the network layer of the OSI model. By default, routing decisions are made by examining the DESTINATION IP ADDRESS of a packet.

In order to understand routing, we need to understand two basic concepts:

  1. How the router gets information about routes in the routing table;
  2. How the router makes a decision on where to forward a packet based on the information.

Let’s examine a sample network between the Branch and the Headquarters of an organization.

From the network topology above, users in the Headquarters office can reach themselves because they are on the same broadcast domain but they cannot reach the users in the Branch network. Similarly, users in the Branch network can reach themselves but they cannot reach the Headquarters.

In order to ensure end to end reachability, IP routing has to be set up on the HQ router and the Branch router.

Assuming the HQ router is powered on and its interfaces are correctly configured and up (not shutdown), the initial routing table, without any additional configuration, would look like this:

(Important: The ‘show ip route’ command is used to view the routing table of the router.)

Without any routing configuration, the routing table has 2 routes in it. The real truth is that two things have happened:

  1. Routing is automatically enabled on a Cisco Router. To disable routing, just issue the “no ip routing” command from global configuration mode.
  2. As long as a router has interfaces that are up, it automatically learns the routes about the networks that are connected to its interfaces. These kinds of routes are called CONNECTED routes.

Let’s take a closer look at the first route in the routing table:

C above shows the origin of the route. The meaning of the letters can be seen at the beginning of the routing table. In this case, C means connected. This shows that the route is learned automatically from a directly connected interface.

The is the network address of the connected network.

‘Is directly connected’ means that the router does not need a gateway to reach the network. This makes sense since the router is connected to the network via one of its interfaces. If the route is about a network that is not directly connected to an interface on the router, the router would need a gateway address to forward the packet.

FastEthernet0/0 shows that any packets destined for the network should be sent out of that interface.

Now that we understand the route means, what happens when the router receives a packet destined for

  1. Based on the destination address, it checks the routing table and sees that it is directly connected via interface FastEthernet0/0.
  2. It sends the packet out that interface to the destination IP address.

So what happens when Host A needs to reach the Branch router address (

Host A cannot ping the remote router even though the HQ router is directly connected to it. This is because ICMP traffic is bi-directional. Although the pings are sent from Host A to its default gateway and forwarded to the destination (BR1 Router), the router does not have a return path for Host A network.

Using a simple debug, we can confirm that the problem is indeed from BR1.

So BR1 receives the packet from the HQ router, but cannot reach route to the network, so it cannot respond to the ping.

Important note: Most network traffic is bi-directional. Even if there is nothing wrong with the routing in the forward path, an error in the routing for the return path can still break down the communication.

Caution: Be CAREFUL with debugs on a live network! If heavy traffic is sent across the router, debugs can overload the console and the CPU. Debugs are very useful in lab environments but can be extremely dangerous in production. Do NOT try this at work!

In order to fix this issue, let us take a look at BR1’s routing table:

BR1 has two directly connected routes: one for the network between BR1 and HQ and the other for the Branch’s network. There is nothing about the HQ’s network.

As a network administrator, you can manually insert a route to tell BR1 about the HQ network. The simple syntax for that command is: ip route <network-address> <subnet mast> <next-hop- address or exit-inteface>. The command should be entered at global configuration mode.

In this case, the network address is, the subnet mask is and the next-hop is the address of the router that BR1 should send packets to, which is HQ’s f0/0 IP address (

So we configure BR1 as follows:

If we try to ping BR1 from Host A again:


Now, let’s take a look at BR1’s routing table:

The new route is installed as an S route (meaning it is a static route). The network is and it is reachable via the next-hop

The “[1/0]” means that the administrative distance of the route is 1 while its metric is zero.

The administrative distance [AD] is a number between 0 and 255, which shows the reliability of the route. If the AD of a route is low, it means the route is sourced from a trusted source and so, the route should be preferred. The lower the AD, the more preferred the route is.

If a router learns about the same network (same network address and mask) through two different sources, then it picks the source with the lower administrative distance. The default administrative distances on Cisco routers are shown below:

Source of Route Administrative Distance
Directly Connected Route (C) 0
Static Routes (S) 1
External BGP routes (B) 20
Internal EIGRP routes (D) 90
OSPF (O) 110
External EIGRP Routes (D EX) 170
Null Routes 255 – Never used

The metric of the route indicates the distance between the router and the destination network. This is very important in the case of routing protocols, where routes are learnt automatically from various sources and the router has to decide the best one. (We will discuss dynamic routing in a different post).

Now let’s conclude the routing for our network.

In order for Host A to reach Host B, the HQ router must learn about the remote Branch network ( Just like we in BR1, the configuration on HQ would be:

As seen in the output above, when the ‘ip route’ command is issued, a static route is installed in the routing table. The route for network has an administrative distance of 1 and a next hop address of

To test reachability from Host A to Host B, ping from Host A:


Summary and Default routes

In the example that we examined so far, we only had to install one route in the routing table of each router. In some large networks, there are so many networks that each router needs to learn about that it might become too complex for a network administrator to manually insert routes for each network. Besides, it is a nightmare to troubleshoot network issues when the routing table is too long.

In order to keep things simple and clean, you can summarize networks when configuring static routes on the router. For instance, the command ‘ip route’ means that for all destination addresses that begin with 192.168, the IP packets should be sent to This summary aggregates 256 class C routes into one static ‘ip route’ statement,

So what happens if we have a summary route and a more specific route in the routing table? Regardless of the administrative distances of the routes, the more specific route is ALWAYS preferred.

For instance, if we have:

Here, HQ has a route for the entire range pointing to and a more specific address pointing to If a packet arrives destined for, HQ would send the packet to as seen in the output below:

The next-hop is shown as

Important tip: The “show ip route a.b.c.d” command shows you how the router would treat packets destined for that particular IP address (a.b.c.d) based on information in its routing table.

A static default route is a summary route that includes all possible addresses. Since more specific routes are preferred, a default route is only used when more specific routes are not available; this is why it is called a gateway of last resort.

Okay, so now you understand connected and static routes. In the next post, we will discuss dynamic routing using RIP and EIGRP routing protocols. Feel free to drop questions and thoughts in the comments section!