Wednesday, February 19, 2020

Cisco IP Classless Command

When Cisco routers have to forward packets, they check their routing table and use longest prefix matching to find the best match. If there is no matching route, the router will use a default route (if you have one). Otherwise, the packet will be dropped.
The forwarding behavior that I described above is called classless routing and it has been the default since IOS 11.3. This is an ancient version that went end-of-sale around 1998, so classless routing is the only thing that most people know about nowadays.
The other method is called classful routing and it works slightly differently. Instead of trying to explain this with text, it’s better to see it in action with some examples.
Don’t confuse classful and classless routing with classful and classless routing protocols. Those are two different things…
To demonstrate the difference between classless and classful routing I will use the following topology:
[Figure: Cisco classful routing topology]
R2 has four loopback interfaces that we will try to reach from R1. To do this, we’ll use some static routes on R1. Let’s take a look at the configuration…


Configuration

Classless Routing

Let’s start with the default mode, classless routing. Here’s what the routing table of R1 looks like:
R1#show ip route static
172.16.0.0/24 is subnetted, 2 subnets
S       172.16.0.0 [1/0] via 192.168.12.2
S       172.16.1.0 [1/0] via 192.168.12.2
S*   0.0.0.0/0 [1/0] via 192.168.12.2
We have three static routes. Let’s try to ping each loopback interface on R2:
R1#ping 172.16.0.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/28/68 ms
This ping works because we have a specific 172.16.0.0 /24 route in the routing table. Let’s try 172.16.1.2:
R1#ping 172.16.1.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/30/80 ms
This ping also works because we have a specific 172.16.1.0 /24 route in the routing table. Let’s try 172.16.2.2:
R1#ping 172.16.2.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/30/72 ms
This ping works: there is no specific entry for it in the routing table, but we can use the default route for it. Last but not least, let’s try 10.10.10.2:
R1#ping 10.10.10.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/33/72 ms
This ping also works because of the default route. So far everything is working as expected. Now let’s take a look at classful routing.

Classful Routing

First we have to disable classless routing on R1:
R1(config)#no ip classless
Also to make this work, you have to disable CEF (Cisco Express Forwarding):
R1(config)#no ip cef
Now we are ready for some tests. First of all, let me show you the routing table again:
R1#show ip route static 
     172.16.0.0/24 is subnetted, 2 subnets
S       172.16.0.0 [1/0] via 192.168.12.2
S       172.16.1.0 [1/0] via 192.168.12.2
S*   0.0.0.0/0 [1/0] via 192.168.12.2
Nothing has changed in the routing table, it’s exactly the same. Only the forwarding decisions of the router have changed. Let’s try those pings again:
R1#ping 172.16.0.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/24/60 ms
R1#ping 172.16.1.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/32/56 ms
The first two pings are successful because we have two matching entries in the routing table: 172.16.0.0 /24 and 172.16.1.0 /24. Before I try a ping to 172.16.2.2, let’s enable a debug:
R1#debug ip packet 
IP packet debugging is on
Now let’s try that ping:
R1#ping 172.16.2.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.2.2, timeout is 2 seconds:

Success rate is 0 percent (0/5)
This ping doesn’t work anymore and this is what the debug tells us:
R1#
IP: s=192.168.12.1 (local), d=172.16.2.2, len 100, unroutable.
So why does this ping fail? Classful routing works a bit differently. R1 checks its routing table and sees that it has an entry for major network 172.16.0.0 which has two subnets: 172.16.0.0 /24 and 172.16.1.0 /24. There is no entry for 172.16.2.0 /24 so the router thinks this subnet is unreachable. Instead of using the default route, the router will drop this packet.
What about the 10.10.10.0 /24 subnet? Let’s try a ping:
R1#ping 10.10.10.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/33/72 ms
This ping works because the router uses the default route for this. It can use the default route because the routing table has no entry for the major network (10.0.0.0) that it would have to check.
hostname R1
!
ip cef
!
no ip domain lookup
!
interface FastEthernet0/0
 ip address 192.168.12.1 255.255.255.0
!
ip route 172.16.0.0 255.255.255.0 192.168.12.2
ip route 172.16.1.0 255.255.255.0 192.168.12.2
ip route 0.0.0.0 0.0.0.0 192.168.12.2
!
end

IP Classless and OSPF

To make it even more confusing (or interesting), there is an exception with classful routing. If you have a default route that is advertised by OSPF then the router will act as if it’s doing classless routing.
Let’s get rid of the default route on R1:
R1(config)#no ip route 0.0.0.0 0.0.0.0 192.168.12.2
Now we will configure OSPF on both routers, and R2 will advertise a default route:
R1(config)#router ospf 1
R1(config-router)#network 192.168.12.0 0.0.0.255 area 0
R2(config)#router ospf 1
R2(config-router)#network 192.168.12.0 0.0.0.255 area 0
R2(config-router)#default-information originate always
Let’s take a look at R1:
R1#show ip route | include 0.0.0.0/0
O*E2 0.0.0.0/0 [110/1] via 192.168.12.2, 00:01:26, FastEthernet0/0
R1 now uses the default route from OSPF. Let’s try that ping to 172.16.2.2 again:
R1#ping 172.16.2.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/27/56 ms
And our ping is working…even though we don’t have an entry that matches 172.16.2.2 under the major network 172.16.0.0, the router can use the OSPF default route.
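The forwarding decisions from the classless, classful and OSPF tests above can be modelled in a few lines of Python. This is an added example, not IOS code or code from the original post; the names lookup, major_network, STATIC_TABLE and OSPF_TABLE are made up for the illustration, and the OSPF exception is modelled exactly as the text describes it.

```python
import ipaddress

# Constructed from the R1 routing tables shown above: (prefix, next hop, source).
STATIC_TABLE = [
    ("172.16.0.0/24", "192.168.12.2", "static"),
    ("172.16.1.0/24", "192.168.12.2", "static"),
    ("0.0.0.0/0", "192.168.12.2", "static"),
]
# Same table after the static default is replaced by the OSPF-learned one.
OSPF_TABLE = STATIC_TABLE[:2] + [("0.0.0.0/0", "192.168.12.2", "ospf")]


def major_network(addr):
    """Return the class A/B/C major network that contains addr."""
    first_octet = int(addr) >> 24
    if first_octet < 128:
        plen = 8
    elif first_octet < 192:
        plen = 16
    elif first_octet < 224:
        plen = 24
    else:
        raise ValueError("class D/E addresses have no major network")
    return ipaddress.ip_network(f"{addr}/{plen}", strict=False)


def lookup(dest, routes, classless=True):
    """Return the next hop for dest, or None when the packet is unroutable."""
    dest = ipaddress.ip_address(dest)
    table = [(ipaddress.ip_network(p), nh, src) for p, nh, src in routes]
    # Longest prefix match over the non-default routes (both modes do this).
    specific = [r for r in table if r[0].prefixlen > 0 and dest in r[0]]
    if specific:
        return max(specific, key=lambda r: r[0].prefixlen)[1]
    default = next((r for r in table if r[0].prefixlen == 0), None)
    if default is None:
        return None
    # Classful mode: a static default is not used for an unknown subnet of a
    # major network that already has entries in the table.
    if not classless and default[2] != "ospf":
        major = major_network(dest)
        if any(r[0].prefixlen > 0 and r[0].subnet_of(major) for r in table):
            return None
    return default[1]


if __name__ == "__main__":
    for dst in ("172.16.0.2", "172.16.1.2", "172.16.2.2", "10.10.10.2"):
        print(dst, lookup(dst, STATIC_TABLE, classless=False))
```

A return value of None corresponds to the "unroutable" line in the debug ip packet output.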

Summary

Classful routing can be confusing, so let me summarize the rules:
  • Classless routing: the router will use longest prefix matching to find the best entry in the routing table. If there is no specific route, the default route is used; if there is no default route either, the packet is dropped.
  • Classful routing: the router will use longest prefix matching to find the best entry in the routing table. If there is no specific route, the default route can only be used when the routing table has no entry for the destination’s major network.
Nobody uses classful routing anymore but at least you now know how it works. If you have any questions, feel free to leave a comment.
hostname R2
!
no ip cef
!
no ip domain lookup
!
interface Loopback0
 ip address 172.16.0.2 255.255.255.0
!
interface Loopback1
 ip address 172.16.1.2 255.255.255.0
!
interface Loopback2
 ip address 172.16.2.2 255.255.255.0
!
interface Loopback3
 ip address 10.10.10.2 255.255.255.0
!
interface FastEthernet0/0
 ip address 192.168.12.2 255.255.255.0
!
router ospf 1
 network 192.168.12.0 0.0.0.255 area 0
 default-information originate always
!
end
hostname R1
!
ip cef
!
no ip domain lookup
!
interface FastEthernet0/0
 ip address 192.168.12.1 255.255.255.0
!
router ospf 1
 network 192.168.12.0 0.0.0.255 area 0
!
end
