Every router must have a route to know where to send traffic. I compare this to the post office's predetermined ways to route your postal mail to its destination. When a router receives a packet from the LAN or the WAN, it must know the "next hop" where it needs to deliver that packet. That next hop is the IP address of the destination router. The router learns the next hop for packets by one of two methods:
- Static routing: With static routing, you, as the administrator, manually enter the routes and tell the router, for each IP network, what next hop that traffic should be delivered to.
- Dynamic routing: With dynamic routing, you, as the administrator, configure a routing protocol on your network interfaces. Your routing protocol learns about other routers automatically. Your router and the other routers exchange routes, and each learns about the networks that the others are connected to. When new networks are added or removed, the routers update one another.
After reading about the difference between static and dynamic routing, you may be asking yourself, "Why would I want to use static routing when dynamic has so many more features and is so much more automated?" That is an excellent question. Dynamic routing is more automated and has many more features, but there is a proper time and place to use both static and dynamic routing. Static routing is still very important and relevant to network administrators. So let's learn more about it.
Basics of static routing
With static routing, you are telling your router to send traffic with a destination IP address to a router with an IP address of x.x.x.x. When a packet comes into the router and is ready to be routed, the destination IP address is looked up in the routing table. Let's say that you have a packet with a destination IP address of 220.127.116.11. In the routing table, there may be an entry for network 18.104.22.168/8 with a next hop of 22.214.171.124. Since the destination IP address of 126.96.36.199 is part of the network 188.8.131.52/8, the packet will be sent to the next hop of 184.108.40.206. But what interface is 220.127.116.11 on? The router then checks its routing table to see what interface 18.104.22.168 is connected to. The packet is sent out to that interface.
Here is a sample routing table to help you visualize what I mean:
Router# show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is 10.8.103.75 to network 0.0.0.0 S 22.214.171.124/8 [1/0] via 126.96.36.199 S 188.8.131.52/8 [1/0] via 10.220.100.1 172.16.0.0/32 is subnetted, 1 subnets C 172.16.8.8 is directly connected, Loopback1 10.0.0.0/8 is variably subnetted, 230 subnets, 4 masks D 10.110.100.0/30 [90/6535936] via 10.220.100.1, 1w6d, Serial0/0
Notice the two lines that begin with "S." This means that these are static routes and were entered manually by the network administrator. Notice that each contains "[1/0]." The "1" is the administrative distance for these routes. The administrative distance is what tells the router how trustworthy this type of route is. Since the network administrator must have entered these static routes, this route must be very trustworthy. All static routes have an administrative distance (AD) of 1 and are the most trustworthy route on a router with the exception of a connected-interface route (which has an AD of 0). Notice how the "D" route (EIGRP) has an AD of 90, so it is considered less trustworthy by the router if there are two routes to the same destination but from two different sources (static route vs. EIGRP dynamic route).
Creating a static route
Here is an example of how to create a route on a Cisco router:
Router(config)# ip route 184.108.40.206 255.0.0.0 220.127.116.11
Notice how you enter the network, the subnet mask for that network, then the next hop for traffic.
But what if the router were to look up the destination IP address of 18.104.22.168 and not find it in the routing table? The router would drop that packet and send an ICMP "destination unreachable" message back to the source IP address. If the router had a special type of route called a default route, however, it would be able to route this packet. A default route is a wildcard route. In other words, if the router finds no specific route, it uses the default route. A default route matches all networks. Here is an example of a default route:
Gateway of last resort is 22.214.171.124 to network 0.0.0.0
Sometimes, a default route is called a 0/0 route, because it has a network address of 0.0.0.0 and a subnet mask of 0.0.0.0. Just like other routes, it must have a next hop. Here is an example of how to create a default route on a Cisco router:
Router(config)# ip route 0.0.0.0 0.0.0.0 126.96.36.199
The first set of 0.0.0.0 indicates that any network matches this entry. The 0.0.0.0 indicates that any network (any IP source destination) and any subnet mask (any IP destination subnet mask) match this route. The next-hop IP address indicates that all traffic not matching your more specific routes will be routed with the default route.
Positive aspects of static routing
- There is no overhead for using static routes. With dynamic routes, network bandwidth is used to communicate available networks between routers. With static routes, as the network administrator hard codes these routes on the routers, the routers never need to communicate routing information.
- Static routes can be easier to configure if you have a small network. Let's say that I have only two routers and need to configure routing between them. I would need to configure only two route statements, one on each router. With a dynamic routing protocol like RIP, I would have to enter two network statements on each router.
- Static routes could be considered more secure. Because you aren't learning any routes from any other routers over the network, there is no chance that an incorrect or unsecured route will be learned by your router.
- Static routes don't request any router resources. A dynamic routing protocol like OSPF can require significant resources from the router to calculate the shortest path across the network when there are many routers. However, you wouldn't want to use static routes when there are many routers anyway (see negatives of using static routing).
Negative aspects of static routing
Don't be fooled into thinking that static routing is always the best tool for the job, however. The greatest negative to using static routes is that they don't scale as your network grows. This is because all static routes must be configured manually. Let's say that you have four routers, and you add a new network on one router. For the other three routers to learn about this, you must enter three static routes. That doesn't sound so bad, until you have 400 routers and add one new network. In that case, you would have to enter the static route on the other 399 routers. That is a lot of typing!
When do you use static routes?
- When you have a small network with fewer than five routers that isn't planning on growing any larger.
- When you have a medium-sized network where all routers connect back to a single router (hub-and-spoke topology). In this case, you could use a default route on all remote routers and have those routers all go through the host (maybe they all need Internet access). No matter how many networks were added at the host, no more routes would have to be created.
- When you need to create a route from one router to another device quickly. Perhaps you add a new firewall to your network or maybe you are connecting to a partner's network and don't want to exchange routing protocol traffic with them.
In summary, as a network administrator, you should be familiar with how and when to use static routes. The ip route statement creates a static route. Static routes should be used in limited application but are very necessary in many network configurations.
David Davis (CCIE #9369, CWNA, MCSE, CISSP, Linux+, CEH) has been in the IT industry for 15 years. Currently, he manages a group of systems/network administrators for a privately owned retail company and authors IT-related material in his spare time. He has written more than 50 articles, eight practice tests and three video courses and has co-authored one book. His Web site is HappyRouter.com.