Routing Basics and Longest Prefix Match
Key Takeaways
- A host sends traffic directly only when the destination shares its local subnet; otherwise it forwards the packet to its default gateway.
- Routers select a path using the routing table, then longest prefix match, then administrative distance, then metric as successive tie-breakers.
- Longest prefix match means the most specific matching route wins; a /24 beats a /16, and a /32 host route beats both.
- The default route 0.0.0.0/0 (or ::/0 in IPv6) is the least specific entry and is used only when no more specific route matches.
- Routing failures usually trace to subnet membership errors, an unreachable gateway, a missing return route, or an asymmetric or filtered path.
What Routing Does
Routing moves packets between IP networks. Before sending, a host compares the destination against its own address and mask. If the destination is in the same subnet, the host delivers it directly on the LAN using Layer 2. If the destination is remote, the host forwards the packet to its default gateway, the router that knows how to reach other networks.
| Concept | Meaning | Exam clue |
|---|---|---|
| Default gateway | Router for off-subnet destinations | Host cannot reach other networks |
| Routing table | Known prefixes and their next hops | Route-lookup question |
| Static route | Manually configured entry | Small or specific path |
| Dynamic route | Learned via a protocol | OSPF/BGP/RIP/EIGRP context |
| Metric | Preference within one protocol | Lower cost is better |
| Administrative distance | Trust ranking across route sources | Static vs dynamic comparison |
| Default route | 0.0.0.0/0 or ::/0 | Route of last resort |
Local or Remote Decision
The host ANDs its address and the destination against its mask; matching network portions mean local delivery.
| Host | Destination | Decision |
|---|---|---|
| 192.168.10.25/24 | 192.168.10.80 | Local |
| 192.168.10.25/24 | 192.168.11.80 | Send to gateway |
| 10.1.5.130/25 | 10.1.5.20 | Send to gateway (different /25 subnets) |
| 2001:db8:10::25/64 | 2001:db8:10::80 | Local (same /64) |
Longest Prefix Match
When several routes could carry a packet, the router picks the most specific one, meaning the route with the longest prefix length. A /24 is more specific than a /16, and a /32 host route is the most specific of all.
| Route in table | Matches 10.1.2.55? | Specificity |
|---|---|---|
| 0.0.0.0/0 | Yes | Least specific |
| 10.0.0.0/8 | Yes | Broad |
| 10.1.0.0/16 | Yes | More specific |
| 10.1.2.0/24 | Yes | Most specific here |
| 10.1.3.0/24 | No | Different subnet |
With every route present, traffic to 10.1.2.55 takes 10.1.2.0/24 because it is the longest matching prefix. The default route is used only when nothing more specific matches. Administrative distance breaks ties between equally specific routes from different sources (a static route, AD 1, beats an OSPF route, AD 110), and metric breaks ties within a single protocol.
Routing Troubleshooting
| Symptom | Check |
|---|---|
| Reaches local subnet, not the internet | Default gateway, NAT, upstream route |
| One way works, replies fail | Missing return route, firewall state, asymmetry |
| Traffic takes an unexpected path | A more specific route, metric, or policy route |
| VPN tunnel up but app fails | Local/remote route, overlapping CIDR, firewall |
| Cloud peering exists, no traffic | Route tables and security filters on both sides |
PBQ-Style Thinking
Scenario: a router holds routes for 10.0.0.0/8 via Router A, 10.2.0.0/16 via Router B, and 10.2.5.0/24 via Router C. A packet to 10.2.5.99 goes to Router C, 10.2.9.99 goes to Router B, and 10.9.9.9 goes to Router A. Walk each destination against the table and pick the longest match; this is the single most common routing PBQ pattern.
Scenario: a branch subnet 192.168.40.0/24 can initiate traffic to a data center, but servers cannot reply. The branch edge has a route, but the data center core lacks a return route to 192.168.40.0/24. Traffic flows out and dies on the way back. Add or advertise the return route and verify firewalls permit the reply.
Routing Protocol Context
N10-009 wants conceptual recognition, not vendor configuration.
| Protocol | High-level idea |
|---|---|
| OSPF | Interior link-state IGP using cost |
| BGP | Exterior protocol between autonomous systems |
| RIP | Older distance-vector, 15-hop limit |
| EIGRP | Advanced distance-vector, Cisco-associated |
| Static | Manual entries, predictable, less scalable |
The selection order to recite is: longest prefix match first, then administrative distance to compare route sources, then metric within a protocol. Master that order and most routing-table questions resolve themselves.
Administrative Distance Versus Metric
Candidates often blur these two tie-breakers, but they operate at different stages. Administrative distance (AD) ranks the trustworthiness of route sources and only matters when two routes to the same prefix come from different protocols. A directly connected route has AD 0, a static route AD 1, EIGRP 90, OSPF 110, and RIP 120, so a static route to a destination will be installed over an OSPF route to the same destination even though OSPF may know a technically shorter path. Metric only breaks ties inside one protocol, choosing the lower-cost path among routes the same protocol learned.
The exam may show a static and a dynamic route competing; the answer hinges on AD, not metric. It may instead show two OSPF paths with different costs; there the lower metric wins.
Default Gateway Versus Default Route
These sound identical but live on different devices. A default gateway is configured on an end host and names the single router the host uses for any off-subnet destination. A default route (0.0.0.0/0 or ::/0) lives in a router's table and tells that router where to send packets it has no specific route for. A host with a wrong default gateway cannot reach remote networks even if every router is perfectly configured; a router missing a default route may drop traffic to unknown destinations even though hosts are configured correctly. Read each scenario to determine which device owns the misconfiguration.
Return Paths and Asymmetry
The hardest routing PBQs are reachability problems where traffic flows one direction only. IP routing is hop-by-hop and independent in each direction, so a packet can reach a destination while the reply has no valid route home. The branch-to-data-center example earlier is the canonical case: outbound works because the path is fully routed, but the reply dies because the far side never learned a route back to the source subnet.
Always verify both a forward and a return route exist, and remember that stateful firewalls add a second requirement, the reply must traverse the same firewall that saw the request, or the connection state will not match and the firewall will silently drop it.
A router has matching routes 10.0.0.0/8, 10.1.0.0/16, and 10.1.2.0/24 for destination 10.1.2.55. Which route is selected?
A host can reach devices in its own subnet but cannot reach any remote networks. Which setting should be checked first?
Which entry functions as an IPv6 default route?