Routing Protocols

Submitted by rayc on Mon, 11/15/2021 - 14:37

This article brings us to the Layer 3 part of the Network world and routing in general. In order for a packet to be sent from its source to its destination, our network devices, either a Router or a MLS, need to know how to get there. And to do that, Routers need to know which next-hop device the packet should be forwarded to and in which direction (Interface) that next-hop device is. There are several ways for routers to learn this information. They can learn it from Directly connected interfaces, Static routes manually configured by a network engineer, or via dynamic routing protocols. 

There are quite a few different dynamic routing protocols out there that are commonly used in modern networks.

  • RIP v1/2 (I wouldn't say that this should be used in modern networks)
  • OSPFv2
  • IS-IS
  • RIPng - IPv6 version of RIP.
  • EIGRPv6 
  • OSPFv3 - IPv6 version of OSPFv2
  • BGP
  • MP-BGP - allows BGP to carry not just IPv4 traffic but other protocol traffic as well.


So as you can see there are quite a number of choices when it comes to routing protocols. I'll discuss some of the benefits and pitfalls of them in future articles.  Each routing protocol receives routing information from neighbouring routers and makes decisions based on the information they receive, as to which routes are added to the Route Information Base (RIB). Routes are added to the routing table based on Administrative Distance and route metrics. Each route type has both a metric value and an Administrative Distance value. The Administrative Distance is a way for a router to determine how "trustworthy" a route is. The default AD for routing protocols are as follows:

Routing Protocol Default Administrative Distance
Connected 0
Static 1
EIGRP Summary 5
eBGP 20
EIGRP Internal 90
OSPF 110
IS-IS 115
RIP 120
EIGRP External 170
iBGP 200


The lower the AD of a route type, the more trustworthy it is considered to be. The Metric of a route will vary depending on the routing protocol in use. For example, RIP uses hop-count where each hop (router) that the route passes through, the hop count is increased by 1 to a maximum of 16. If a RIP route has a hop count of 16 or more it is considered unreachable. OSPF uses interface bandwidth to determine the best route, and BGP uses path attributes. 

So when a router is making a routing decision, it will look at it's RIB to find the next hop address. The RIB is built from the routing information obtained from connected interfaces, static routing configuration and dynamic routing protocols. In order for a route to be added to the RIB, it must be the best path to take to that network.

When a router is making a decision on the best path to take, it will assess the following attributes from the RIB:

  • Prefix length: This refers to the number of binary bits in the subnet mask that are on. 
  • AD: The trustworthiness of the route
  • Metric: The best path to the route


Once it has determined which route in the RIB to take, the packet is forwarded to that next hop router. 

example output of show ip route

Distance Vector Routing Protocols

A Distance Vector (DV) routing protocol uses two attributes to determine a route path:

  • Distance: How far away the network is
  • Vector: Which interface is used to reach the network


RIP is an example of a DV routing protocol. RIP uses the metric of hop count in order to determine the best path to a host which may not always be the best path. For example, looking at the below topology.

RIP example topology

If you look at this network from R1's point of view trying to reach the loopback network on R3, with RIP, R1 would take the direct path via the serial 6/2 interface which has a bandwidth of 64Kbps as this is a single hop, as opposed to the 2 hops via R2 which has Gigabit Ethernet the whole way through and would be much faster. RIP is quite an old protocol and is prone to these kinds of issues. It would be okay to use in a small network with all links using the same bandwidth and no more than 16 hops away. 

Enhanced Distance Vector Routing Protocol

While EIGRP (Enhanced Interior Gateway Routing Protocol) is still technically a distance vector routing protocol, it is referred to as an enhanced distance vector routing protocol due to how the metric values are calculated and the information stored. There was also a protocol called IGRP but that has been long since outdated and gone. While EIGRP doesn't use hop count, it does take the metric values from each router in the path and combine them in order to get the total metric (Distance) from the network being advertised. EIGRP has the following benefits over DV routing protocols:

  • Rapid convergence
  • Only sends updates when there are network topology changes
  • Uses hello messages to establish neighbour relationships.
  • Uses K Values that represent Bandwidth, Delay, Reliability, Load, and MTU as the metric calculation
  • Is capable of load balancing across equal and unequal cost paths.


By default, EIGRP only takes into consideration interface bandwidth, and interface delay into the path metric calculation but can be configured to use the other k variables as well. Taking a look at the below topology, each Gigabit interface has a delay of 10us (microseconds) and bandwidth of 1Gbps, while each Serial interface has a delay of 20000us and a bandwidth of 1.5Mbps. Using EIGRP metrics, R1, in order to reach R7's network, would take the path through R2, R3, R6 then R7 as this is the path with the lowest metric value when looking at bandwidth and delay. The actual formula is more complex than that but for this article we'll leave it at that.

EIGRP routing metric topology

Link State Routing Protocols

Link State routing protocols like OSPF, and IS-IS, advertise link state information and metric values to all devices within the network. The idea is that all routers in the network, have a complete synchronised copy of all link state information from all devices so that the best path selection choice can be made. Once link state routers have a copy of all link state information, Dijkstra's algorithm is run to find the best paths to each network. To send out this link state information, OSPF routers send out Link State Advertisements (LSAs) and IS-IS sends out Link State Packets. These LSA/LSP's, are flooded throughout the network to each router. There is a lot more to these LSA/LSPs, but for now just know that they send these packets to advertise their link state information.

Path Vector routing protocols

A path vector routing protocol like BGP, well BGP is basically the only path vector routing protocol in use today, uses various path attributes in order to select the best path to a network. These path attributes include but are not limited to

  • Local preference
  • Weight
  • AS path
  • Origin code
  • MED


There are more but that's just to list a few. An AS refers to an Autonomous System which is a network under a single administration. In BGP this refers to a value between 1 and 65535 however some of those are private AS numbers and cannot be used on the internet. When a route is advertised from a good BGP router some of these path attributes are added to the route and sent, this includes the BGP AS path. This acts as a loop prevention mechanism. If a BGP router receives a route that from its own AS path, it will automatically reject it.

Static Routes

Well these are pretty easy to grasp. These are routes that a network engineer has manually configured on a router. These routes are. Preferred over all other routing types except for connected interfaces. There are a few types of static routes

  • Directly attached
  • Recursive
  • Fully specified
  • Floating static
  • Static null route


A directly attached static route is a route that uses the next hop as an interface. This can be done on serial point to point links as there is only a single next hop and ARP requests are not sent. In a broadcast network type like Ethernet, if you use the interface ass the next hop then every time a packet needs to be sent the router will first send an ARP request. This can cause performance issues and unnecessary traffic to be flooded throughout the network. To configure a directly connected static route use the global configuration command ip route <network> <mask> <interface>

A recursive static route is a route that specifies a next hop IP address. When the router receives a packet, it will look at the header for the destination address. The router will then look at the FIB/RIB and find the next hop address for the best match for the destination prefix. Once it has found the next hop IP, the router will do another lookup to find the best path to the next hop. This is a recursive lookup. Note that the router will not match a recursive route using a default route. To configure a recursive static route use the global configuration command ip route <network> <mask> <next-hop-ip>

A fully specified static route is when you configure not only the next hop ip but also the interface as well. Using a fully specified route reduces the need for a recursive lookup which reduces router overhead. To configure a fully specified static route use the global configuration command ip route <network> <mask> <next-hop-ip> <interface>

A floating static route is a static route that has been configured with a higher AD than the route that is already in the RIB. I'm this way, if the route that is in the RIB fails and is removed, the floating route is then added to the RIB. Remember the preferences a router uses to select the best path? Lowest AD is one of them. For example if we have an EIGRP route in the RIB to, the AD with be 90. Now if we configure a floating static route to the same prefix using the global configuration command ip route ip route <network> <mask> <next-hop-ip/int> <AD> so in this example it would be, <next-hop-ip> 150. This creates a static route to the network with an AD of 150. Now if the EIGRP neighbour advertising the prefix looses the path to the route, our router will remove thst route from the RIB, and provided there's no other route to the same network with a lower AD than 150, the router will use the static route.

A static null route is a route thst is configured to the null0 next hop. In other words rhe traffic is dropped. This can be used as an alternative to an ACL to drop traffic or simply to aleviate unnecessary broadcasts throughout your network. For example, looking at the below topology, we are advertising the supernet to our provider yet internally, we only have 2 more specific prefixes in use, and Our provider however doesn't know this information so if it receives a packet for, it will use the route in its RIB, and forward the packet to us. Because we have no specific route for it we then forward back to our default gateway, the provider resulting in a routing loop. As you can see this would generate unnecessary traffic and consume router resources. This is where the null0 route comes in. To configure a static null route use the global configuration command ip route <network> <mask> null0. Not that if you do configure this and someone runs a trace route to an ip in that range you will receive an icmp unreachable reply. 

example topology for static null0 route

Lastly I'll mention IPv6 static routes. The same rules apply as with IPv4 static routes however IPv6 has some caveats regarding using the link local address as the next hop. When you use the link local address as the next hop, you must also configure the interface.

To configure an IPv6 static route use the command ipv6 route <network/prefix-length> <next-hop-interface | next-hop-interface <next-hop-ip>>.

Virtual Routing and Forwarding (VRF)

A VRF is a way for a router to essentially break itself into groups. Think of VLANs for routing. A VRF logically separates a routers routing table so that within each VRF, the routing tables are completely separate to the point where you can even have overlapping IP ranges. 

VRF IP Range
Company ABC
Company ABC
Company XYZ
Company XYZ


When you configure a VRF, you must tell a routers interface or subinterface, that it is a member of that VRF. This isolates that interface from the routers global routing table. The Global routing table is like the normal routing table that all routers have and is used for all control plane traffic and any interfaces not assigned to a VRF. When you configure a VRF, you must first give it a name using the global configuration command vrf definitition <name>, and then configure if the VRF will be for IPv4, IPv6, or both IPv4 and IPv6 traffic. To do this, use the vrf configuration subcommand address-family <ipv4|ipv6>. Once the VRF is configured, you then need to configure an interface to be a member of the VRF using the interface configuration subcommand vrf forwarding <name> where <name> refers to the name configured in the vrf command.

example vrf configuration

To view the route table of the VRF-A, use the show command show ip route <vrf>. Note in this example, there are no routes currently configured for the VRF and the G2/0 interface is not up. 

example sh ip route vrf

To configure a static route for the VRF use the global configuration command ip route vrf <name> <network> <mask> <next-hop-ip>.

Configuring a static route in VRF-A