
WHITE PAPER

The CISCO IP Routing Process


including POLICY Routing

by
Alexander Marhold
CCIE #3324, CCSI #20642, CCNP, CCDP
[Figure: The CISCO Routing Process including POLICY Routing, overview diagram. Panels: Policy Routing on incoming interface (selected by: ip policy route-map map-tag); DATA Packets path (Input Access-list, NAT, Recursive Lookup, NAT / PAT, Output Access-list, Queueing, Accounting); Routing Table (S = Static, C = Connected, x = dynamic routing; Route-TAGs); Incoming ROUTE Information and Route Processing (Administrative Distance, Metric), fed by INCOMING from REMOTE and INCOMING from LOCAL; Outgoing Routes and Route Processing (Metric), feeding OUTGOING to same protocol, OUTGOING coming from other protocol and OUTGOING to another protocol. The command syntax attached to each panel is repeated in the detail figures later in the paper.]

© 1999, PRO IN Consulting GmbH
! Disclaimer !

This White Paper was written with the utmost care and thoroughly reviewed, but it is presented "AS IS", with possible errors and misinterpretations. None of the pictures and statements can be used as a reference regarding the behavior of the mentioned devices. This paper was produced independently of Cisco and can never be used as a commitment of any party. The author and PRO IN declare that they will not be held liable or responsible for any action a reader of this White Paper takes following the information given here.

All trademarks belong to their owners.

Author:
Alexander Marhold
Senior Consultant and Trainer
PRO IN Consulting GmbH
Vienna / Austria
mailto:alexander.marhold@proin.com

Copyright Notice:
© 1999-2001 PRO IN Training GmbH
Commercial Use (Sale, Training, CBT,…) partly or in whole is strictly prohibited

The "Cisco Routing Process" is a set of mechanisms which forward IP data packets and which populate the IP routing table by using different sources like
- routing updates from neighbors
- connected interfaces
- static routes

The mechanism also sends out routing updates, eventually converting them between different routing protocols.

Additionally "IP Policy Routing" allows to overcome the traditional destination based routing.

For commanding these mechanisms a vast range of commands and modifiers is defined in the Cisco IOS.

The following mechanisms and behaviors are described in detail in this white paper:
- the general packet forwarding process
- policy routing
- routing updates and general behavior of routing protocols
- the INCOMING routing process and its corresponding commands
- the OUTGOING routing process and its corresponding commands

The "processes" in this paper are models for explaining the mechanisms, and are not the real implemented IOS processes. This paper describes the above mentioned mechanisms without focusing on particular routing protocols. Also regarding ROUTE-MAPS this paper focuses on IGP (Interior Gateway Protocols) and does not treat the additional MATCH- and SET-clauses which are available for BGP.

This paper is not based on a specific version of IOS.

Topics NOT covered are:
- details of different routing protocols
- snapshot routing, ODR,…
- BGP
- route authentication
- the Link State (LS) mechanism
- QOS, COS, TOS routing
- tunneling

This White Paper assumes that the reader already has a good knowledge of IP and IP Routing Protocols.

The paper is structured so that each picture and its details are always on an even page and the description of each picture is on the page that follows. Thus, when printed double-sided, the picture and the explanations can be seen without turning the pages.

The author likes to get feedback, suggestions and also corrections, so please feel free to contact him via E-mail.

[Figure: The CISCO Routing Process including POLICY Routing. Information sources of the Routing Table (S = Static, C = Connected, x = dynamic routing): Routing Updates (RIP, OSPF), Static Routes, Connected Interfaces (Ethernet), Other Network Information sources.]
Routing in General

Covers general topics in Routing and Routing Updates.

Routers have 2 primary tasks:
- Path Finding (done via Routing Protocols)
- Packet Forwarding (Layer 3 IP function)

Path Finding is done by exchanging Routing information between adjacent routers.

- In DISTANCE VECTOR routing protocols a router forwards the networks of its routing table (or changes of it) to its neighbors, observing mechanisms of SPLIT-HORIZON. Depending on the protocol the network information is sent with (subnet-)mask-information or without. In RIP Version 1 and IGRP no masks are transmitted, thus preventing the freedom of using discontiguous subnets and/or VLSM (Variable Length Subnet Masking).

- In LINK STATE routing protocols the routers exchange information regarding the connected networks, the external routes (interarea, static, from external routing protocols) and the connections to neighbor routers, by forwarding LSPs (Link State Packets). These LSPs are forwarded hop-by-hop to every other router within an area. When receiving these LSPs a router can calculate the best paths to advertised networks.

How does a router know of its neighbor?

Again there is a difference between the routing Protocols.

- DISTANCE VECTOR protocols send out their routing updates as broadcasts (RIP V1, IGRP) or as multicasts (RIP V2), and by getting routing updates the router learns the source of these updates.

- LINK STATE protocols and EIGRP establish a neighborship to adjacent routers by sending HELLO-packets and control these links by resending these HELLOs every short period. When an ADJACENCY is found and eventually verified the routers begin exchanging their routing information.

!!! CAVEAT !!!

LINK STATE protocols and EIGRP only use and establish ADJACENCIES using the PRIMARY IP Address of an interface. If they do not match, the connection to the neighbor router will not be established.

LINK STATE protocols also verify certain parameters before allowing the connection to an ADJACENCY:
- same IP-subnet
- equal network type
- same value of timers

The command:

    SHOW IP <prot> neighbor

shows the adjacencies and their status.

Dependent on the routing protocol there are also various DEBUG commands which show in detail the adjacency building process.

How to prevent routing updates or establishing neighborship on an interface?

Generally this is done using the router command

    PASSIVE-INTERFACE <interface-name>

For DISTANCE VECTOR protocols this command ONLY prevents the sending out of routing updates on a particular interface. However it does not prevent the router from getting routing updates over that interface.

!!!HINT!!!

In order to prevent getting routing updates for Distance Vector protocols use the router command:

    DISTANCE 255 <netw-addr> <wildcardmask> [ access-list ]

With this command all routing updates sent out by devices on the specified net will not be considered for entry in the routing table.

For LINK STATE protocols and EIGRP passive-interface prevents the establishment of adjacencies and thus the sending of any LINK STATE Packets.
However this does not prevent the router from announcing this network as connected interface in its routing updates over other interfaces.
OSPF treats that connected network of a passive-interface as STUB-NETWORK.
Also IS-IS and Integrated IS-IS have some specialities regarding the OSI or IP information on such passive interfaces.

[Figure: The CISCO Routing Process including POLICY Routing, packet forwarding part. Labels on the DATA Packets path: Input Access-list, NAT, Recursive Lookup, NAT / PAT, Output Access-list, Queueing, Accounting. The Recursive Lookup uses the Routing Table (S = Static, C = Connected, x = dynamic routing).]
The Packet Forwarding Process

Packets are forwarded downstream along a path from the sender to the receiver.
Route information (information about the reachability of a network) is forwarded UPSTREAM from router to router.
This is important to consider when using blocking of routing information in order to prevent access to certain networks.

The packet forwarding is done by an independent decision of each router on the path, using the destination address of the packet and the Routing Table as basis for finding a next-hop.

The router will consult the routing table (or a special forwarding table, based on the content of the routing table), comparing the destination address with the network information in the routing table, and will use the most specific network information for a decision about the outgoing path.
The lookup process can be recursive, which means that more than one lookup may be needed in order to find the real next-hop-address for forwarding the packet.
If such a next-hop or an outgoing interface is found the router will forward the packet on the specified connected interface.
If no route is found and also no default-route is available or appropriate, the router will delete the packet and inform the sender via ICMP about this happening.

What is CLASSFUL and CLASSLESS routing

CLASSFUL and CLASSLESS are behaviors for using the default route when information about a specific subnet is not in the routing table, but other subnets of that major network are found in the routing table.

Example:

    # show ip route (edited output)
    …
    network 172.16.0.0/16 is subnetted
    2 subnets, 2 masks
    R  172.16.12.0/24 [120/2] 192.168.1.1 eth0
    R  172.16.16.0/20 [120/4] 10.0.0.1 ser0
    …
    *S 0.0.0.0/0 [0/0] 11.1.1.1 ser1

The router now receives a packet on eth1 with the destination address 172.16.10.234

This address, belonging to a specific subnet of 172.16.0.0/16, is NOT in the routing table.

- With IP CLASSLESS the router will take the default route and forward the packet out on Serial 1. This is done independent of any other subnet information for that major network 172.16.0.0/16.

- When CLASSFUL routing is selected with the command NO IP CLASSLESS, the router would delete the packet and inform the sender via ICMP that it cannot forward the packet, as the specified subnet of the major network 172.16.0.0/16 is not in its table.

What is "Gateway of last Resort", default-network, ip route 0.0.0.0 0.0.0.0 ?

IP Default-Network xxx.xxx.xxx.xxx - This is the command that will cause a router to treat xxx.xxx.xxx.xxx as a gateway of last resort. A router can have multiple ip default-networks entered.

Gateway of last resort - This is the term that is applied to a routing entry in the Cisco routing table that the router will use to forward packets to when it lacks a more specific route. This can be learned from a route provided by another router that is tagged as a default by the advertising router. The ip default-network command is one way of having a router tag a route as a gateway of last resort.

IP Default-Gateway - This command is used in routers when IP routing is disabled, in order to give them an address to forward packets that are not in their address space. Routers in boot mode are a good example of this situation.

IP ROUTE 0.0.0.0 0.0.0.0 establishes a default route (catch-all) if no specific route is found.

!!! CAVEAT !!!

The 0.0.0.0 route has special meaning for RIP. It is automatically installed as the local gateway of last resort. No ip default-network 0.0.0.0 is required. RIP automatically advertises the route to 0.0.0.0 even if redistribute static and a default metric are not configured.
For other routing protocols the router command DEFAULT-INFORMATION … allows specific control of forwarding or receiving default routes.
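The classful versus classless decision described above, written out as a small model of the lookup. This is an added example, not code from the white paper or from IOS; the table is the edited "show ip route" output from the text, and the names Entry, major_network and lookup are hypothetical.

```python
import ipaddress
from collections import namedtuple

Entry = namedtuple("Entry", "net next_hop interface")


def entry(prefix, next_hop, interface):
    return Entry(ipaddress.ip_network(prefix), next_hop, interface)


# Routing table taken from the edited "show ip route" output in the text.
TABLE = [
    entry("172.16.12.0/24", "192.168.1.1", "eth0"),
    entry("172.16.16.0/20", "10.0.0.1", "ser0"),
    entry("0.0.0.0/0", "11.1.1.1", "ser1"),  # default route
]


def major_network(dst):
    """Classful (major) network of dst, or None for class D/E addresses."""
    first_octet = int(dst) >> 24
    if first_octet < 128:
        plen = 8        # class A
    elif first_octet < 192:
        plen = 16       # class B
    elif first_octet < 224:
        plen = 24       # class C
    else:
        return None
    return ipaddress.ip_network(f"{dst}/{plen}", strict=False)


def lookup(table, dst, classless):
    """Return the Entry used to forward dst, or None if the packet is dropped."""
    dst = ipaddress.ip_address(dst)

    # Most specific (longest prefix) non-default match wins in both modes.
    specific = [e for e in table if e.net.prefixlen > 0 and dst in e.net]
    if specific:
        return max(specific, key=lambda e: e.net.prefixlen)

    default = next((e for e in table if e.net.prefixlen == 0), None)
    if not classless:
        # Classful behaviour: if other subnets of the destination's major
        # network are in the table, the default route is not used.
        major = major_network(dst)
        knows_subnets = major is not None and any(
            e.net.prefixlen > 0 and e.net != major and e.net.subnet_of(major)
            for e in table
        )
        if knows_subnets:
            return None  # packet deleted, sender informed via ICMP
    return default


def describe(table, dst, classless):
    """Human-readable result for one destination."""
    hit = lookup(table, dst, classless)
    mode = "ip classless" if classless else "no ip classless"
    if hit is None:
        return f"{dst} [{mode}]: dropped, ICMP unreachable to sender"
    return f"{dst} [{mode}]: via {hit.next_hop} on {hit.interface} ({hit.net})"


if __name__ == "__main__":
    for dst in ("172.16.10.234", "172.16.20.1", "192.0.2.1"):
        for classless in (True, False):
            print(describe(TABLE, dst, classless))
```

With NO IP CLASSLESS a destination in an unknown subnet of a known major network is dropped rather than handed to the default route, which matters when filtered routing information is used to restrict access as mentioned at the start of this section.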

[Figure: The CISCO Routing Process including POLICY Routing, policy routing part. Policy Routing on incoming interface sits in front of the DATA Packets path (Input Access-list, NAT, Recursive Lookup, NAT / PAT, Output Access-list, Queueing, Accounting) and the Routing Table (S = Static, C = Connected, x = dynamic routing). A branch labelled "no match or deny" leads to the Recursive Lookup.]

Commands shown in the figure:

    selected by:
        ip policy route-map map-tag

    route-map map-tag [permit | deny] [sequence-number]      FOR POLICY ROUTING
        match ip address {access-list-number | name} [...access-list-number | name]
        match length min max
        set ip next-hop ip-address [...ip-address]
        set interface type number [...type number]
        set default interface type number [... type number]
        set ip default next-hop ip-address [...ip-address]
IP Policy Routing

IP Policy Routing overcomes the normal destination based routing paradigm by allowing different criteria as basis for a routing decision.
Among those criteria are:
- the incoming interface
- selection by extended access-lists
- precedence levels
- packet sizes
- …

But still one paradigm stays valid:
"The router only makes a local decision about the next hop, i.e. where to send the packet out"
To overcome this one you need either Tunneling or MPLS (Multiprotocol Label Switching).

IP Policy Routing uses ROUTE-MAPS for defining the matching packets and for setting actions.
ROUTE-MAPS define a numbered sequence of MATCH and SET clauses, where the SET defines the actions to be done for packets matching the MATCH clauses.
IP POLICY ROUTING is applied to incoming packets on interfaces by using the Interface command:

    IP POLICY ROUTE-MAP route-map-name

In case no match is found, or when there is no SET clause specifying a next-hop or an outgoing interface, then after the ROUTE-MAP the normal routing table is used to find a next-hop-address or outgoing interface.

!!! CAVEAT !!!

If there is an outgoing interface defined in a SET-clause, this interface must be up and be of a point-to-point type.

If there is a next-hop-address specified in the SET-clause, this address has to be a real next-hop-address. That means that it must be an address of a device belonging to a directly connected network. (The Router will not do a recursive lookup for the next-hop-address.)

If the above mentioned requirements are not met, the router will use the normal Routing table based route decisions and ignore the SET parameters.

Example:
The same Frame Relay interface is used as connection to the outside world AND as connections to Remote offices. The Firewall is placed into VLANs on a Fast Ethernet attached switch.

    interface Serial3/0.31 multipoint
     description INTERNET ACCESS
     ip address 192.168.13.10 255.255…
     ip policy route-map OUT-to-PIX
     frame-relay map ip 192.168.13.1 501
    !
    interface FastEthernet4/1.24
     description PIX-OUT
     encapsulation isl 24
     ip address 10.0.5.1 255.255.255.0
     ip policy route-map PIX-to-OUT
    !
    route-map PIX-to-OUT permit 10
     match ip address 1
     set ip default next-hop 192.168.13.1
    !
    route-map OUT-to-PIX permit 10
     match ip address 1
     set ip default next-hop 10.0.5.2
    !
    access-list 1 permit any
    !

[Figure: Internet and Remote Offices (Rem.OFF.) attached to the FRAME RELAY Interface (FR), PIX OUT attached to the Fast Ethernet Interface (ISL), with route-map OUT-to-PIX on the Frame Relay side, route-map PIX-to-OUT on the Fast Ethernet side, and the Routing Table.]
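The caveat above (SET parameters are ignored when the interface or next-hop requirements are not met) can be written as a decision function. This is an added example, not code from the white paper or from IOS; it models only the rules stated in the text, with one next-hop or one interface per entry, and the interfaces, addresses, route-map entries and the names Interface, Entry and policy_decision are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass


@dataclass
class Interface:
    name: str
    network: str                  # directly connected network
    up: bool = True
    point_to_point: bool = False


@dataclass
class Entry:
    """One 'route-map <tag> permit|deny <seq>' entry (simplified model)."""
    seq: int
    permit: bool = True
    sources: tuple = ()           # stands in for 'match ip address <acl>'
    length: tuple = None          # 'match length min max'
    set_next_hop: str = None      # 'set ip next-hop'
    set_interface: str = None     # 'set interface'


def entry_matches(e, src, length):
    # Assumption: an entry without a given match clause does not restrict on it.
    if e.sources and not any(
        ipaddress.ip_address(src) in ipaddress.ip_network(n) for n in e.sources
    ):
        return False
    if e.length and not (e.length[0] <= length <= e.length[1]):
        return False
    return True


def policy_decision(route_map, interfaces, src, length):
    """Return ('policy', target) or ('routing-table', reason) for one packet."""
    for e in sorted(route_map, key=lambda x: x.seq):
        if not entry_matches(e, src, length):
            continue
        if not e.permit:
            return ("routing-table", "deny")
        if e.set_interface:
            i = interfaces.get(e.set_interface)
            if i and i.up and i.point_to_point:
                return ("policy", f"interface {i.name}")
            return ("routing-table", "set interface not up or not point-to-point")
        if e.set_next_hop:
            nh = ipaddress.ip_address(e.set_next_hop)
            # No recursive lookup: the next hop must sit on a connected network.
            if any(i.up and nh in ipaddress.ip_network(i.network)
                   for i in interfaces.values()):
                return ("policy", f"next-hop {e.set_next_hop}")
            return ("routing-table", "next-hop not directly connected")
        return ("routing-table", "no set clause")
    return ("routing-table", "no match")


# Constructed sample data (not from the paper).
INTERFACES = {
    "Ethernet0": Interface("Ethernet0", "192.168.1.0/24"),
    "Serial0": Interface("Serial0", "10.1.1.0/30", point_to_point=True),
    "Serial1": Interface("Serial1", "10.1.2.0/30", up=False, point_to_point=True),
}
ROUTE_MAP = [
    Entry(10, permit=False, sources=("192.168.1.200/32",)),
    Entry(20, sources=("192.168.1.0/25",), set_next_hop="10.1.1.2"),
    Entry(30, sources=("192.168.1.128/26",), set_next_hop="172.31.0.1"),
    Entry(40, length=(1000, 1500), set_interface="Serial1"),
]

if __name__ == "__main__":
    for src, length in (("192.168.1.10", 100), ("192.168.1.130", 100),
                        ("192.168.1.200", 100), ("192.168.1.220", 1200),
                        ("192.168.1.220", 100)):
        print(src, length, policy_decision(ROUTE_MAP, INTERFACES, src, length))
```

Where a route-map steers traffic toward a firewall, as in the PIX example above, every "routing-table" result is a packet that follows the ordinary routing table instead, so the state of the SET interface and the reachability of the SET next-hop are worth monitoring.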

[Figure: The CISCO Routing Process including POLICY Routing, route processing part. Labels: Routing Table (S = Static, C = Connected, x = dynamic routing), Route-TAGs, Incoming ROUTE Information, Route Processing (incoming), Administrative Distance, Metric, Outgoing Routes, Route Processing (outgoing), Metric.]

Routing Information Processes: General Considerations

A lot of problems and confusion arise from the fact that some basic principles in the Routing information process are not correctly understood.
Therefore in this chapter I will give some fundamental laws and principles and describe their consequences:

§1 The mechanism of processing incoming routing updates is COMPLETELY separated from the mechanism of creating outgoing routing updates.

The fact that a route is found in the routing table of a router is a prerequisite but NOT necessarily a sufficient criterion for an outgoing routing update.

§2 The original routes of every configured routing process of a router will be considered when decisions are made about which will enter the routing table.

This means that route REDISTRIBUTION is never used in the incoming route processing.

§3 If more than one piece of information about a route is found, the incoming route process will use first the ADMINISTRATIVE DISTANCE and then the METRIC for deciding which route will be established in the routing table.

Cisco IOS has a predefined Administrative Distance for each Routing Protocol, which allows more trusted information sources to be preferred over less trusted ones.

Sometimes I am wondering why the developers gave the second best distance of 1 to static routes entered by an administrator, as so called "Quick Fixes" by using static routes are often the cause of reachability and routing-loop problems.

§4 Route REDISTRIBUTION is only used for outgoing routing updates.

In Principle: Route redistribution means that routes of one routing protocol in the routing table will be sent out, converted to another routing protocol, on interfaces configured for routing updates of that second routing protocol.

§5 Static Routes defined with a next-hop-address are considered one hop away and have a default Administrative Distance of 1

If the next-hop-address specified in the static route is not a REAL next-hop-address (i.e. not an address in a directly connected network) the router will do recursive lookups to find this REAL next-hop-address.

§6 Static Routes defined with an outgoing interface are treated like connected networks (i.e. networks that are 0 hops away) and thus have a default Administrative Distance of 0.

Therefore static routes defining an outgoing interface should be used only when the destination is on that connected network.
USAGE: When the connected network is address translated, you need a static route for the outside network pointing to that inside hidden network.

§7 Static Routes where the outgoing interface is down or the next-hop-address is not reachable are removed from the routing table unless the parameter PERMANENT is specified.

This allows Failover of routes also without dynamic routing protocols, when for example 2 static routes with different Administrative Distances for 2 outgoing interfaces or 2 different next-hop-addresses are defined.

§8 Routing processes rely on a consistent metric, so that every router finds the best path in a way that all routes are leading in the same direction.

As the base of metrics is different for different routing protocols, a direct conversion of metrics from one routing protocol to another is generally not possible.
When having more than one routing process, default metric information has to be used. This default hides the correct information about the best path, and this inconsistency will lead to non-optimal routing and also often to ROUTING LOOPS in MUTUAL REDISTRIBUTION (i.e. more than one redistribution point).

§9 Routing is a STATEFUL process. Depending on the current information in the Routing Table different actions can happen, even when the same routing information is received.

There are examples where the routing was correct, but after the shutdown and restart of an interface the correct state was never reached again. [See page 15]

[Figure: The CISCO Routing Process including POLICY Routing, incoming part. INCOMING from REMOTE and INCOMING from LOCAL feed the Incoming ROUTE Information / Route Processing stage (Administrative Distance, Metric), which populates the Routing Table (S = Static, C = Connected, x = dynamic routing; Route-TAGs).]

Commands shown in the figure:

    INCOMING from REMOTE (for selected protocol)
        offset-list {access-list-number | name} in offset [type number]
        distance weight [address mask [access-list-number | name]]
        distribute-list {access-list-number | name} in [type number]
        passive-interface type number      (only for Link State and EIGRP)
        ip access-group {access-list-number | name} in

    INCOMING from LOCAL
        ip route prefix mask {address | interface} [distance] [tag tag] [permanent]
        and from connected interfaces

    Administrative Distance
          0   Connected
          1   Static Route
          5   EIGRP Summary
         20   External BGP
         90   Internal EIGRP
        100   IGRP
        110   OSPF
        115   IS-IS
        120   RIP
        170   External EIGRP
        200   Internal BGP
        255   <don't use>
The INCOMING Routing Process

The incoming Routing process is responsible for populating the Routing table.

At startup this process enters the static and connected networks for all interfaces which are UP, and then for each route received via any Routing protocol this process checks if this is a better route (considering Administrative Distance and metric) than another instance of the same route already in the table.
If a better route is found, this one is installed and the other one is removed from the table.
The different routing processes also inform the incoming routing process about any routes for which regular routing updates are missing, or which route to remove.
In order to overcome incorrect routing information, Distance Vector routing processes also set routes into a temporary holddown before reconsidering new routing information or before deleting this route.
LINK STATE processes directly remove or replace routes after running the SPF-calculation.
EIGRP, when a feasible successor is found, will enter the new information directly into the routing table, or will set the route to a state of ACTIVE and ask the neighbor(s) for a new route to the destination.

RIP V1 and IGRP will never establish an incoming major route when they have a local subnet-route of that network in their routing table.

Monitoring the INCOMING Route process

All the input and results of this incoming routing decision process can be monitored with the command:

    DEBUG IP ROUTING

Unfortunately the debug output is somewhat cryptic and therefore not easy to read.
Here is an example with the output of a RIP routing change and its real meaning.

    RouterA# debug ip routing
    RT: flushed route to 192.168.8.0 via 192.168.9.2 (Serial0)
    RT: no routes to 192.168.8.0, entering holddown
      => invalid timer expired, no routes to 192.168.8.0, therefore entering holddown
    RT: flushed route to 192.168.7.0 via 192.168.9.2 (Serial0)
      => advertising 192.168.8.0 via 192.168.9.2 (Serial0) as unreachable

"show ip route" shows us

    …
    R 192.168.8.0/24 is possibly down,
      routing via 192.168.9.2, Serial1

    RT: garbage collecting entry for 192.168.8.0
      => flush timer expired, terminating holddown for 192.168.8.0;
         after that the next update info for this network will be used
    RT: add 192.168.8.0/24 via 192.168.6.2, rip metric [120/2]

Useful commands for changing behaviour of the Incoming Route process

These commands can have different goals:

- prevent routing information from entering the routing table
      distribute-list xxx in … (not for Link State)
      distance 255 …
      passive-interface … (for Link State & EIGRP)
- change the priority of some information sources or for some commands
  - by changing the ADMINISTRATIVE DISTANCE
        distance <0…154> …
  - by changing the METRIC
        offset-list xxx in … (not for Link State)
- manually adding additional routing information
      ip route …

In order to prevent possible routing loops when getting redistributed (external) routes, EIGRP uses the higher administrative distance of 170 instead of the default of 90.

In OSPF you also can use TAGs for marking routes and then applying actions to tagged routes.

NOTE: For Link State protocols you cannot apply incoming filters, as those protocols transfer not routes but LINK STATE Packets.

In BGP you can specify a route-map which can modify parameters like metric and tag when BGP sends routing information to the local routing table:

    table-map route-map name

[Figure: The CISCO Routing Process including POLICY Routing, outgoing part. The Routing Table (S = Static, C = Connected, x = dynamic routing; Route-TAGs) feeds the Outgoing Routes / Route Processing stage (Metric), which produces OUTGOING to same protocol, OUTGOING coming from other protocol and OUTGOING to another protocol.]

Commands shown in the figure:

    OUTGOING to same protocol
        distribute-list {access-list-number | name} out [interface-name]
        passive-interface type number
        offset-list {access-list-number | name} out offset [type number]

    OUTGOING coming from other protocol
        distribute-list {access-list-number | name} out [routing-process | autonomous-system-number]

    OUTGOING to another protocol
        redistribute protocol [process-id] {level-1 | level-1-2 | level-2} [metric metric-value]
            [metric-type type-value] [match {internal | external 1 | external 2}]
            [tag tag-value] [route-map map-tag] [weight weight] [subnets]

        default-information redistribution:
        default-information originate [always] [metric metric-value] [metric-type type-value]
            {level-1 | level-1-2 | level-2} [route-map map-name]      (RIP/OSPF)
        default-information {in | out} {access-list-number | name}     (IGRP/EIGRP)

    route-map map-tag [permit | deny] [sequence-number]      FOR ROUTE REDISTRIBUTION
        match interface type number [...type number]
        match ip route-source {access-list-number | name}[...access-list-number | name]
        match metric metric-value
        match route-type {local | internal | external [type-1 | type-2] | level-1 | level-2}
        match tag tag-value [...tag-value]
        match ip address {access-list-number | name} [...access-list-number | name]
        match ip next-hop {access-list-number | name}[...access-list-number | name]
        set automatic-tag
        set level {level-1 | level-2 | level-1-2 | stub-area | backbone}
        set local-preference
        set metric metric-value
        set metric-type {internal | external | type-1 | type-2}
        set origin {igp | egp autonomous-system | incomplete}
        set tag tag-value
        set next-hop next-hop
The OUTGOING Routing Update Process

The outgoing Routing update process is responsible for informing the neighboring routers about its network information.
For Distance Vector Routing protocols this is the local information about the best routes and their metric (hence the content of the Routing Table).
For Link State Routing protocols this is the information about the local networks, external routes and the neighbors via LSPs.

Outgoing routing updates for a certain routing protocol are only sent when the following conditions are all met:

- the network is in the routing table.
- the network is either specified via the NETWORK command or coming from another protocol via a REDISTRIBUTION command
- obeys the SPLIT-HORIZON rule: the network was not learned from the same interface (or is not identical to the connected network)
- the network is not excluded from update via applied access-lists or route-maps using the DISTRIBUTE command.
- the outgoing interface is not specified as PASSIVE
- if the network is a specified summary, at least a subnet of that summary route is in the routing table.
- forwarding of default information is implicitly (RIP) or explicitly allowed via the DEFAULT-INFORMATION … command.
- for OSPF: sending of LSPs to that neighbor is not prohibited.

For RIP V1 and IGRP the following also is considered:
A subnet route of a major network is converted to the (summary) major route when it is sent out on interfaces that do not belong to a (sub)net of that major route. (Discontiguous Subnet Rule)

For OSPF there are some special rules, where Area Border Routers (ABR) can inject default routes into stub areas. Also DISTRIBUTE-LIST OUT can only be applied to external routes and you cannot specify an interface name in OSPF.

Generally by using the shown commands you can follow 4 different tasks:

- make networks invisible by blocking the forwarding of routing information
- redistribute (forward and translate) routing information from one protocol to another
- change the metric to force the others to prefer specific paths
- summarize routing information to decrease the amount of routes and to increase the stability

Example for a Redistribution problem which is state-dependent:

Configuration of R4 and R5:

    router rip
     network x.x.x.x
     redistribute eigrp 1000
     default-metric 1
     passive-interface Serial 1
    router eigrp 1000
     network y.y.y.y
     redistribute rip
     default-metric 1000 100 250 100 1500
     passive-interface Serial 0

R3 normally learns about the network 10.0.0.0/8 via a routing update from R2 with 2 hops and forwards this information to R5 with 3 hops.
R5 gets information about 10.0.0.0/8 via R4 with the metric [170/10245] (it is an external EIGRP route) and via R3 with [120/3] as RIP-route. So R5 will establish the RIP-route and use R3 as next hop. Obeying the SPLIT HORIZON rule it will never send out the information back to R3.

When the connection between R2 and R3 breaks, R3 will not send information about 10.0.0.0/8. R5 will now use the routing information derived via external EIGRP from R5 and forward this information as redistributed information via RIP to R3. R3 now gets the information about 10.0.0.0/8 with the metric [120/1] and next hop R5 into its routing table. When the link R2-R3 comes up again, the information from R2 about 10.0.0.0/8 with [120/2] will not be used and R3 will continue to use the way via R5 to reach that network.

[Figure: Routers R1 to R5 and the network 10.0.0.0/8, connected by RIP and EIGRP links with hop counts (0 hops, 1 hop, 2 hops, 3 hops), marking the best route to 10.0.0.0/8 before the shutdown of R2-R3 and the best route to 10.0.0.0/8 after the shutdown of R2-R3.]
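The state-dependent redistribution example above, replayed as a small model of R3 and R5. This is an added example, not code from the white paper; it assumes R2 and R4 are fixed route sources, ignores holddown timers, lets R3 process updates before R5 in each round, and the names Route, Topology and run_scenario are hypothetical.

```python
from collections import namedtuple

Route = namedtuple("Route", "ad metric next_hop proto")

RIP_AD = 120
R2_TO_R3 = Route(RIP_AD, 2, "R2", "rip")       # "from R2 with 2 hops"
R4_TO_R5 = Route(170, 10245, "R4", "eigrp")    # external EIGRP [170/10245]
RIP_DEFAULT_METRIC = 1                         # "default-metric 1" under "router rip"


def best(candidates):
    """Incoming route process (§3): lowest Administrative Distance, then metric."""
    return min(candidates, key=lambda r: (r.ad, r.metric), default=None)


class Topology:
    """Routes to 10.0.0.0/8 installed in R3 and R5."""

    def __init__(self):
        self.r2_r3_up = True
        self.r3 = None   # route currently in R3's routing table
        self.r5 = None   # route currently in R5's routing table

    def r3_update_for_r5(self):
        # RIP update R3 -> R5; split horizon suppresses a route learned from R5.
        if self.r3 is None or self.r3.next_hop == "R5":
            return None
        return Route(RIP_AD, self.r3.metric + 1, "R3", "rip")

    def r5_update_for_r3(self):
        # RIP update R5 -> R3. A RIP route learned from R3 is never sent back
        # (split horizon); the EIGRP route is redistributed with default-metric 1.
        if self.r5 is None or self.r5.next_hop == "R3":
            return None
        return Route(RIP_AD, RIP_DEFAULT_METRIC, "R5", "rip")

    def converge(self):
        """Exchange updates until both tables are stable; return the next hops."""
        for _ in range(10):
            before = (self.r3, self.r5)
            offers_r3 = [self.r5_update_for_r3()]
            if self.r2_r3_up:
                offers_r3.append(R2_TO_R3)
            self.r3 = best([r for r in offers_r3 if r])
            self.r5 = best([r for r in (R4_TO_R5, self.r3_update_for_r5()) if r])
            if (self.r3, self.r5) == before:
                break
        return (self.r3.next_hop if self.r3 else None, self.r5.next_hop)


def run_scenario():
    """(R3 next hop, R5 next hop) after each phase of the example."""
    net = Topology()
    history = {"cold start": net.converge()}
    net.r2_r3_up = False
    history["R2-R3 down"] = net.converge()
    net.r2_r3_up = True
    history["R2-R3 up again"] = net.converge()
    return history


if __name__ == "__main__":
    for phase, (r3_hop, r5_hop) in run_scenario().items():
        print(f"{phase:15s} R3 via {r3_hop}, R5 via {r5_hop}")
```

The same set of links and the same update from R2 give two different stable results: R3 via R2 after a cold start, but R3 via R5 once the redistributed [120/1] route has entered its table.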
The CISCO Routing Process including POLICY Routing

[Figure labels on the DATA packet path: Input Access-list, NAT, Policy Routing on incoming interface, Routing Table or Recursive Lookup (on no match or deny), NAT / PAT, Output Access-list, Queueing, Accounting]

Policy Routing on incoming interface (DATA Packets)

  selected by:
    ip policy route-map map-tag

  route-map map-tag [permit | deny] [sequence-number]   FOR POLICY ROUTING
    match ip address {access-list-number | name} [...access-list-number | name]
    match length min max
    set ip next-hop ip-address [...ip-address]
    set interface type number [...type number]
    set default interface type number [... type number]
    set ip default next-hop ip-address [...ip-address]

Routing Table

  S ... Static
  C ... Connected
  x .... dynamic routing

Incoming ROUTE Information (Route Processing): Administrative Distance, Route-TAGs

  INCOMING from REMOTE
    offset-list {access-list-number | name} in offset [type number]
    distance weight [address mask [access-list-number | name]]
    distribute-list {access-list-number | name} in [type number]
    passive-interface type number (only for Link State and EIGRP)
    ip access-group {access-list-number | name} in
      ( for selected protocol)

  INCOMING from LOCAL
    ip route prefix mask {address | interface} [distance] [tag tag] [permanent]
    and from connected interfaces

  Administrative Distance
      0  Connected
      1  Static Route
      5  EIGRP Summary
     20  External BGP
     90  Internal EIGRP
    100  IGRP
    110  OSPF
    115  IS-IS
    120  RIP
    170  External EIGRP
    200  Internal BGP
    255  <don't use>

Outgoing Routes (Route Processing): Metric, Route-TAGs

  OUTGOING to same protocol
    distribute-list {access-list-number | name} out [interface-name]
    passive-interface type number
    offset-list {access-list-number | name} out offset [type number]

  OUTGOING coming from other protocol
    distribute-list {access-list-number | name} out [routing-process | autonomous-system-number]

  OUTGOING to another protocol
    redistribute protocol [process-id] {level-1 | level-1-2 | level-2} [metric metric-value] [metric-type type-value] [match {internal | external 1 | external 2}] [tag tag-value] [route-map map-tag] [weight weight] [subnets]

  default-information redistribution:
    default-information originate [always] [metric metric-value] [metric-type type-value] {level-1 | level-1-2 | level-2} [route-map map-name]   (RIP/OSPF)
    default-information {in | out} {access-list-number | name}   (IGRP/EIGRP)

  route-map map-tag [permit | deny] [sequence-number]   FOR ROUTE REDISTRIBUTION
    match interface type number [...type number]
    match ip route-source {access-list-number | name}[...access-list-number | name]
    match metric metric-value
    match route-type {local | internal | external [type-1 | type-2] | level-1 | level-2}
    match tag tag-value [...tag-value]
    match ip address {access-list-number | name} [...access-list-number | name]
    match ip next-hop {access-list-number | name}[...access-list-number | name]
    set automatic-tag
    set level {level-1 | level-2 | level-1-2 | stub-area | backbone}
    set local-preference
    set metric metric-value
    set metric-type {internal | external | type-1 | type-2}
    set origin {igp | egp autonomous-system | incomplete}
    set tag tag-value
    set next-hop next-hop
Summary: The BIG picture

The CISCO IP Routing Process and its mechanisms are quite complicated. But a thorough understanding is necessary to troubleshoot or even better to avoid problems.

The basic points are:

• Routing is done hop-by-hop, each router independently decides on which interface to forward a packet.
• The router treats incoming and outgoing routing mechanisms as completely separate processes.
• Decisions about which route to add or remove from the routing table are based on ADMINISTRATIVE DISTANCE and METRIC
• Routes of all configured routing processes are considered for the routing table
• REDISTRIBUTION is only used when considering outgoing routing updates
• POLICY ROUTING allows to overcome the normal destination based routing
• Policy Routing is applied on packets incoming on specified interfaces
• ROUTE-MAPS are a mechanism for using additional parameters for selection and also a mechanism for setting or changing different parameters
• ROUTE-MAPS are used for POLICY ROUTING and for a controlled REDISTRIBUTION of Routing Updates
• Routing Protocols rely on a consistent metric
• REDISTRIBUTION of routes means a loss of topology information
• Routing is a STATEFUL process, where the incoming routing information is considered in relation to the current routing table information.
• The fact that a route is in the routing table does not necessarily mean that the route is also used in outgoing routing updates
• the adjacency process for Link State and EIGRP as basis for exchanging updates between routers
• the different behavior of Routing protocols regarding summarization and VLSM

What is CISCO-specific in that area ?

• The use of ADMINISTRATIVE DISTANCE as first considered parameter for incoming route decisions.
• IGRP and EIGRP are Cisco-developed and proprietary protocols.
• REDISTRIBUTION, metric handling on redistribution is not covered in standards.
• the treatment and forwarding of DEFAULT-ROUTES is not covered in standards.
• an extensive set of DEBUG commands for monitoring the router behavior.

For further information

Recommended Requests for proposals (RFCs):

RFC1812 Requirements for IP Version 4 Routers. F. Baker. June 1995. (Status: PROPOSED STANDARD)
• general information about Routing
RFC1771 A Border Gateway Protocol 4 (BGP-4). Y. Rekhter & T. Li. March 1995. (Status: DRAFT STANDARD)
RFC2328 OSPF Version 2. J. Moy. April 1998. (Status: STANDARD)
RFC2453 RIP Version 2. G. Malkin. November 1998. (Status: STANDARD)

Recommended Books:

CCIE Professional Development: Routing TCP/IP Volume 1, J. Doyle. ISBN: 1-57870-041-8
• excellent description of Routing
• best description of the mechanisms of EIGRP
• very good treatment of all Routing Protocols
CCIE Professional Development: Large-Scale IP Network Solutions, K. Raza, S. Asad, M. Turner. ISBN: 1-57870-084-1
• good examples of routing design
• excellent examples of redistribution
• good description of Routing Protocols
Internet Routing Architectures, B. Halabi. ISBN:
• best book on BGP
OSPF, J. Moy. ISBN:
• OSPF explained by the developer of that protocol

WWW-locations:
http://www.proin.com
http://www.cisco.com
http://www.netreference.com

© 1999, PRO IN Consulting GmbH
PROFESSIONAL INFORMATION NETWORKS

PRO IN is a pan-European company focusing on 3 areas:
• Training
• Consulting
• Professional Services

With offices in Austria, Germany and Spain we offer CISCO-authorized training at the highest possible level. Thus PRO IN is honored as "Distinguished Trainings Partner" by CISCO
