Static vs Dynamic Routing and Route Selection
Key Takeaways
- Network+ N10-009 routing questions test how a router chooses a path, not vendor command memorization.
- Static routes are manually configured and predictable; dynamic protocols learn and reconverge after topology changes.
- Route selection is longest prefix match first, then administrative distance, then metric when ties remain.
- A default route (0.0.0.0/0 or ::/0) is used only when no more specific route matches the destination.
- N10-009 has five domains: Networking Concepts 23%, Network Implementation 20%, Network Operations 19%, Network Security 14%, Network Troubleshooting 24%.
How a Router Forwards a Packet
Routing moves packets between IP networks. When a packet arrives, the router compares the destination IP address against every entry in its routing table, selects the single best matching route, and forwards the packet out the chosen interface or to the chosen next hop. If no route matches and no default route exists, the packet is dropped and the router may return an ICMP "destination unreachable" message.
For N10-009 (the only Network+ exam available in 2026, launched June 20, 2024), routing lives primarily in Domain 2, Network Implementation, which is 20% of the exam. The exam is up to 90 questions in 90 minutes, scored 100-900 with a passing score of 720. Current domain weights:
| Domain | Weight |
|---|---|
| Networking Concepts | 23% |
| Network Implementation | 20% |
| Network Operations | 19% |
| Network Security | 14% |
| Network Troubleshooting | 24% |
Note the official N10-009 Domain 1 name is "Networking Concepts" (the older N10-008 called it "Networking Fundamentals"). Expect routing logic to also surface inside Domain 5 troubleshooting scenarios.
Route Sources
Every entry in a routing table came from somewhere, and the source determines how trustworthy and how stable the route is.
| Route type | How it appears | Best use | Main risk |
|---|---|---|---|
| Connected (C) | An interface has an IP and is up/up | Directly attached subnets | Vanishes when the interface goes down |
| Local (L) | The exact /32 or /128 of the interface IP | Reaching the router itself | Rarely changed manually |
| Static (S) | Admin configures destination + next hop | Stub networks, backups, control | Does not adapt unless tracked |
| Default (S* / gateway of last resort) | Route to 0.0.0.0/0 or ::/0 | Send unknown destinations upstream | A bad default blackholes traffic |
| Dynamic (O, D, B...) | Learned from OSPF, EIGRP, BGP, RIP | Larger or changing topologies | Needs neighbor design + monitoring |
A connected route is the foundation: a dynamic protocol can only advertise a subnet the router is actually connected to or has been told about. If the interface IP is missing or the interface is down, the connected route disappears and any route depending on it fails too.
Static vs Dynamic Routing
| Feature | Static routing | Dynamic routing |
|---|---|---|
| Configuration effort | Manual, one route at a time | Protocol setup plus policy/filters |
| Adaptation to failure | None unless object-tracked | Reconverges automatically |
| Resource overhead | Negligible | CPU, memory, and protocol traffic |
| Predictability | Very high | Depends on metrics and protocol state |
| Scale | Best for one-exit stub paths | Best for many routers/paths |
| First troubleshooting move | Verify destination, mask, next hop | Check neighbors, ads, metrics, filters |
Static routing is not amateur. It is the correct answer for a stub branch with one exit, a management network, or a deliberate backup path. Dynamic routing earns its overhead when there are multiple routers, multiple redundant paths, frequent topology changes, or a requirement for automatic failover.
A floating static route is a static route given an artificially high administrative distance (for example, distance 200) so it sits dormant in the table and is installed only when the preferred dynamic or lower-distance route disappears. This is the classic way to back up a primary WAN with a secondary link without running a routing protocol over the backup.
Route Selection Order (Memorize This)
Routers do not just grab the lowest metric across every candidate. They narrow the field in strict order:
- Longest prefix match - the most specific (largest mask) matching destination wins, regardless of source.
- Administrative distance (AD) - among routes with identical prefix length, the most trusted source wins. Typical defaults: Connected 0, Static 1, eBGP 20, EIGRP 90, OSPF 110, RIP 120, iBGP 200.
- Metric - if the same protocol offers two routes of equal prefix length, the lowest metric (cost) wins.
Worked example - destination 10.10.40.25
| Route | Source | AD | Metric | Matches? |
|---|---|---|---|---|
| 0.0.0.0/0 via 203.0.113.1 | Static default | 1 | 0 | Yes |
| 10.10.0.0/16 via 10.1.1.1 | OSPF | 110 | 20 | Yes |
| 10.10.40.0/24 via 10.2.2.2 | Static | 1 | 0 | Yes |
| 10.10.40.0/25 via 10.3.3.3 | OSPF | 110 | 30 | Yes |
The winner is 10.10.40.0/25 because /25 is the longest matching prefix for 10.10.40.25. Administrative distance and metric never enter the picture here - the static /24 with AD 1 loses to an OSPF /25 with AD 110 purely on prefix length. This trips up candidates who reach for AD or metric first.
Scenario Method and Common Traps
When a host cannot reach a remote subnet, walk the path methodically rather than guessing:
| Check | What it proves |
|---|---|
| Host IP/mask/default gateway correct | Host can hand off-subnet traffic to the router |
| Source router has a route to the destination | A forward path exists |
| Next hop is reachable (ping, ARP) | The route points to a live neighbor |
| Destination router has a route back | A return path exists |
| ACL/firewall permits the flow | The failure is not filtering masquerading as routing |
Common traps:
- Picking the lowest metric across all protocols - longest prefix and AD are evaluated first.
- Adding a default route to "fix" one missing internal subnet - the default can hide the real gap and send traffic the wrong way.
- Troubleshooting only the forward path - many "routing" failures are missing return routes; replies leave the source but never come back.
- Assuming connected routes are configured by hand - they appear automatically when an addressed interface is up.
PBQ practice prompt
Three routers, one route table. Branch users reach the internet but not data-center subnet 10.50.20.0/24. The branch router holds only a default route to the ISP and nothing for the private WAN. Correct move: add a specific static route for 10.50.20.0/24 toward the WAN next hop, then confirm the data-center router has a route back to the branch subnet.
A router has routes to 10.20.0.0/16 (static, AD 1) and 10.20.30.0/24 (OSPF, AD 110). Which route is used for traffic to 10.20.30.44?
Which route is commonly configured with an artificially high administrative distance so it activates only when the primary route fails?
Routing to a remote subnet fails. Which two checks are most directly relevant?
Select all that apply