Routing PBQs and Troubleshooting Route Table Clues
Key Takeaways
- Routing PBQs usually combine route tables, interface status, gateways, VLANs, NAT, and simple protocol clues.
- Read route tables by matching prefix length first, then route source, then next-hop reachability.
- A missing route, wrong next hop, down interface, wrong gateway, NAT problem, or ACL can look like the same user complaint.
- Traceroute, ping, ARP/neighbor tables, interface status, and routing tables help localize the failure.
- Always consider the return path and whether the failure is routing, switching, translation, or filtering.
Routing PBQs and Route Table Clues
Performance-based questions often present a partial topology and ask you to repair reachability. Use a consistent method: identify the source, destination, local gateway, routed path, return path, and policy controls.
Route Table Clues
| Clue | Meaning |
|---|---|
| C or connected route | Network is directly attached and interface is up |
| L or local route | IP address assigned to the router itself |
| S or static route | Administrator configured the route |
| O or OSPF route | Learned from OSPF |
| D or EIGRP route | Learned from EIGRP on many vendor outputs |
| B or BGP route | Learned from BGP |
| Gateway of last resort | Default route is configured |
| No matching route | Packet is dropped unless a default route matches |
Exact route codes vary by vendor, but the PBQ usually gives enough context. Focus on source, prefix, next hop, and interface state.
Troubleshooting Flow
| Step | Question | Tool or evidence |
|---|---|---|
| 1 | Is the host configured correctly? | IP, mask, default gateway, DNS if name-based |
| 2 | Can the host reach the gateway? | Ping gateway, ARP table, VLAN membership |
| 3 | Does the router know the destination? | Routing table longest match |
| 4 | Is the next hop reachable? | Interface status, neighbor, ARP, ping next hop |
| 5 | Does the destination know the return path? | Remote routing table and gateway |
| 6 | Is translation required? | NAT/PAT table and inside/outside interfaces |
| 7 | Is policy blocking it? | ACL, firewall rule, security group |
Scenario Table
| User report | Best first clue | Likely fix |
|---|---|---|
| One subnet cannot reach another internal subnet | Route table lacks specific route | Add route or advertise subnet |
| All offsite networks fail from one VLAN | Wrong host default gateway | Correct DHCP scope or gateway setting |
| Internet fails but private WAN works | Default route or NAT/PAT | Add default route or fix translation |
| Traffic reaches server but replies never return | Return path missing | Add reverse route or correct gateway |
| Dynamic route disappeared after maintenance | Neighbor relationship down | Fix interface, protocol settings, or authentication |
Longest Match Practice
Destination: 172.16.8.45
| Route | Next hop |
|---|---|
| 0.0.0.0/0 | ISP |
| 172.16.0.0/16 | WAN-A |
| 172.16.8.0/24 | WAN-B |
| 172.16.8.32/27 | WAN-C |
172.16.8.45 falls within 172.16.8.32/27, so WAN-C wins. If WAN-C points to a down next hop and no alternate route is installed, the router may drop the packet even though broader matching routes exist, depending on implementation and route installation state.
PBQ Repair Examples
| PBQ evidence | Interpretation | Action |
|---|---|---|
| Branch route table has default route only; HQ private subnet is reachable through MPLS | Private route missing | Add specific static route or fix dynamic advertisement |
| OSPF neighbor absent after password change | Authentication mismatch | Correct OSPF authentication on both sides |
| VLAN 30 gateway responds, but no inter-VLAN routing for VLAN 30 | Missing route or subinterface | Add routed VLAN interface or router subinterface |
| PAT table empty during user internet tests | NAT not matching traffic | Correct NAT rule, inside/outside roles, or ACL match |
| Traceroute stops at firewall | Could be filtering or missing route | Check route table and firewall policy at that hop |
Common Traps
| Trap | Better reasoning |
|---|---|
| Assume DNS is the issue when ping by IP fails | IP reachability must work before DNS matters |
| Fix only the source router | Return-path routing can break replies |
| Add broad defaults everywhere | Specific internal routes are often safer and clearer |
| Ignore interface status | A perfect route through a down interface will not forward traffic |
| Treat traceroute timeout as proof of failure | Some devices block traceroute responses while forwarding traffic |
Exam Tactic
When a PBQ includes many devices, write the flow in your head as source host, default gateway, router path, destination gateway, destination host, then return. Change the smallest setting that directly explains all symptoms. If one VLAN works and another does not, compare their gateway, VLAN tag, route, and ACL differences.
A server receives packets from a branch subnet, but the branch never receives replies. What routing issue should be checked first?
A route table has 192.168.0.0/16 and 192.168.10.0/24. Which route matches 192.168.10.75 best?
Which items can make a routing problem look like a general connectivity outage? Select two.
Select all that apply