How The Routing Table Is Populated - Cisco PIX 500 Series Configuration Manual

Security appliance command line

The Routing Table

How the Routing Table is Populated

The security appliance routing table can be populated by statically defined routes, directly connected
routes, and routes discovered by the RIP, EIGRP, and OSPF routing protocols. Because the security
appliance can run multiple routing protocols in addition to having static and connected routes in the
routing table, it is possible that the same route is discovered or entered in more than one manner. When
two routes to the same destination are put into the routing table, the one that remains in the routing table
is determined as follows:
• If the two routes have different network prefix lengths (network masks), then both routes are
  considered unique and are entered into the routing table. The packet forwarding logic then
  determines which of the two to use.

  For example, if the RIP and OSPF processes discovered the following routes:

  RIP: 192.168.32.0/24
  OSPF: 192.168.32.0/19

  Even though OSPF routes have the better administrative distance, both routes are installed in the
  routing table because each of these routes has a different prefix length (subnet mask). They are
  considered different destinations and the packet forwarding logic determines which route to use.

• If the security appliance learns about multiple paths to the same destination from a single routing
  protocol, such as RIP, the route with the better metric (as determined by the routing protocol) is
  entered into the routing table.

  Metrics are values associated with specific routes, ranking them from most preferred to least
  preferred. The parameters used to determine the metrics differ for different routing protocols. The
  path with the lowest metric is selected as the optimal path and installed in the routing table. If there
  are multiple paths to the same destination with equal metrics, load balancing is done on these equal
  cost paths.

• If the security appliance learns about a destination from more than one routing protocol, the
  administrative distances of the routes are compared and the route with the lower administrative
  distance is entered into the routing table.

  You can change the administrative distances for routes discovered by or redistributed into a routing
  protocol. If two routes from two different routing protocols have the same administrative distance,
  then the route with the lower default administrative distance is entered into the routing table. In the
  case of EIGRP and OSPF routes, if the EIGRP route and the OSPF route have the same
  administrative distance, then the EIGRP route is chosen by default.

Administrative distance is a route parameter that the security appliance uses to select the best path when
there are two or more different routes to the same destination from two different routing protocols.
Because each routing protocol computes its metrics with a different algorithm, it is not always possible
to determine the "best path" for two routes to the same destination that were generated by different
routing protocols.

Each routing protocol is prioritized using an administrative distance value. Table 9-1 shows the default
administrative distance values for the routing protocols supported by the security appliance.

Table 9-1   Default Administrative Distance for Supported Routing Protocols

Route Source            Default Administrative Distance
Connected interface     0
Static route            1
EIGRP Summary Route     5

Cisco Security Appliance Command Line Configuration Guide, Chapter 9, Configuring IP Routing (OL-12172-03)
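
The selection rules in this section can be modelled in a few lines of Python. This is an added example, not code from the Cisco guide: Route, build_table and lookup are hypothetical names, and the sample routes are constructed. It assumes Cisco's usual default distances for EIGRP, OSPF and RIP (rows not visible in the table on this page) and a longest-prefix-match lookup, which goes beyond the text because this section does not say how the forwarding logic chooses.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Connected, static and EIGRP summary values come from Table 9-1 on this page.
# The eigrp/ospf/rip values are Cisco's usual defaults, assumed here.
DEFAULT_AD = {"connected": 0, "static": 1, "eigrp-summary": 5,
              "eigrp": 90, "ospf": 110, "rip": 120}

@dataclass(frozen=True)
class Route:
    prefix: str                 # e.g. "192.168.32.0/24"
    source: str                 # key of DEFAULT_AD
    metric: int = 0
    next_hop: str = ""
    ad: Optional[int] = None    # configured distance; None means default
    def rank(self):
        # Lower AD wins; equal ADs fall back to the lower default AD.
        default = DEFAULT_AD[self.source]
        return (default if self.ad is None else self.ad, default)

def build_table(candidates):
    """Map each network (address plus prefix length) to its installed routes."""
    table = {}
    for r in candidates:
        net = ipaddress.ip_network(r.prefix)  # /24 and /19 are distinct keys
        cur = table.get(net)
        if cur is None:
            table[net] = [r]
        elif r.source == cur[0].source:       # same protocol: compare metrics
            if r.metric < cur[0].metric:
                table[net] = [r]
            elif r.metric == cur[0].metric:
                cur.append(r)                 # equal cost: keep both paths
        elif r.rank() < cur[0].rank():        # different protocols: compare AD
            table[net] = [r]
    return table

def lookup(table, address):  # longest-prefix match (assumed forwarding rule)
    hits = [n for n in table if ipaddress.ip_address(address) in n]
    return table[max(hits, key=lambda n: n.prefixlen)] if hits else []

# Constructed sample input, based on the RIP/OSPF example in the text.
SAMPLE = [
    Route("192.168.32.0/24", "rip", metric=2, next_hop="10.0.0.2"),
    Route("192.168.32.0/19", "ospf", metric=20, next_hop="10.0.0.1"),
    Route("10.2.0.0/16", "ospf", ad=90, next_hop="10.0.0.1"),
    Route("10.2.0.0/16", "eigrp", next_hop="10.0.0.3"),
]
```

With the sample input, lookup(build_table(SAMPLE), "192.168.32.10") returns the RIP /24 route: administrative distance only arbitrates between routes to the identical prefix, so it does not by itself keep a more specific route from a less preferred protocol out of the table.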

This manual is also suitable for:

ASA 5500 series