Determine how a router makes a forwarding decision

In this blog post, we will discover how a Cisco router selects the best route to use for packet forwarding. The CCNA exam includes the following topics which we will cover in detail:

3.2 Determine how a router makes a forwarding decision by default

• 3.2.a Longest match

• 3.2.b Administrative distance

• 3.2.c Routing protocol metric

Exam blueprint lists selection criteria in the order of preference that a router uses when choosing the best path among multiple available options. However, to compile the routing table the process is reversed.

Firstly, each routing protocol selects the best route using its own metric comparison procedure. If there are more than one candidate routes from different protocols, then administrative distances are compared and only one protocol installs its route into the routing table. In some cases, a routing protocol, instead of preferring a single path, can use multiple next-hops for the same network to split the load between several links.

The forwarding decision is then based only on the longest match, as the routing table is already filtered of all but the best routes. The router looks for the longest match for a destination and prefers more specific IP prefix routes over broader ones.

To describe these options in this blog post, we will follow the bottom-up approach, i.e. starting with protocol choice, then moving to inter-protocol choice, and finally performing the longest match comparison.

Sample network

Figure 1 shows a sample diagram with a router selecting the best path to forward traffic to a host with the IP address of By the end of this post, you will be able to identify the path router A will select. In the next several sections we will discuss these selection steps one by one.

Figure 1. Determine how a router makes a forwarding decision
Figure 1. Determine how a router makes a forwarding decision

Routing Protocol Metric

Dynamic routing protocols calculate and use a numerical value to describe the cost of a path to a destination. This number is called a metric and it is specific to each routing protocol. Metric values of two different routing protocols are not compared with each other. All routing protocols either use different properties of the path or use different calculations.

For example, some protocols use a simple metric like the number of routers or hops that a packet needs to cross to get to the remote network. If two peers advertise routes to such a network, the one that has a smaller number of hops is chosen. Some other protocols can use bandwidth as its path cost.

Table 1 lists different routing protocols and the metric that they use.

RIPNumber of routers in path - hop count.
OSPF, IS-ISCumulative value that is based on bandwidth with smaller bandwidth accumulating more cost.
EIGRPComposite metric that is based on multiple parameters – delay, bandwidth, utilization and reliability. Only first two parameters are used. Calculated as sum of transit links delays and smallest bandwidth across the path.
BGPNumber of Autonomous Systems (or routing domains) to reach a destination can be considered a metric that is visible end to end.

Table 1. Routing Protocol Metrics

Interior Gateway Protocols (IGP) Metric

IGP metrics with the exception of RIP provide a good measurement of path performance. They are based on static link parameters, such as bandwidth and delay. Only EIGRP metric calculation formula can include dynamic link features, such as utilization and reliability, however, they are not used by default.

IGP protocols also prefer routes that were injected into the protocol internally. This mostly comprises of routes which routers have interfaces in. External routes are represented by routes injected by redistribution from another protocol or a static route. For example, OSPF selects intra-area routes, then inter-area routes, and finally external routes. This selection happens before metric comparison.

Exterior Gateway Protocols (EGP) Metric

BGP has a different objective when choosing the best path. As the protocol is used between different organizations, it was designed to include multiple attributes that can be used to influence and communicate the desired traffic flow. The BGP path selection process consists of more than 10 steps. Many of the attributes are statically configured to influence the selection process and represent an administrative view of path cost, as opposed to IGP’s calculation based on some objective evaluation of the path performance.

The routing domain controlled by a single organization in BGP is called an Autonomous System. As a route propagates from the injecting router it is being updated and includes AS numbers of all routers it has traversed. AS_PATH attribute stores this information. Member AS count in AS_PATH can be used to compare different routes. The shorter AS_PATH is preferred over a longer one. The other attributes that BGP routers exchange and can be used to affect the best path selection include LOCAL_PREF, MED, ORIGIN, and closest IGP metric to the next hop.

Example of the best route selection using routing protocol metric

In the sample topology, router A can see 2 paths to in its EIGRP topology table. As shown in Figure 2, the path via D has a cost of 1024 and path via E – 2048. EIGRP process on router A chooses path via D as a candidate route. The next section will describe the process the router goes through to decide if EIGRP should be allowed to install its route.

Figure 2. Selecting a route using routing protocol metric
Figure 2. Selecting a route using routing protocol metric

Administrative Distance

Administrative Distance is a tie-breaker that is used when there are two or more candidate routes of the same length but learned via different routing protocols. Only one version of these routes to the same network will be installed into the routing table.

Administrative Distance is a pre-configured numerical value of the trustworthiness of a routing information source. More preferred protocols have smaller administrative distance numbers.

ProtocolAdministrative DistanceNotes
Directly connected network0The networks that router has interface in. Cannot be changed.
Static1Manually created routes. Can be increased to create a floating static routes.
EIGRP (summary route)5Cisco proprietary Interior Gateway Protocol. Routes of this type are visible only on the router that creates a summary in EIGRP. Layer 3 loop prevention mechanism.
eBGP20Standard-based Exterior Gateway Protocol. Assigned to routes that are learned from external BGP neighbors.
EIGRP90Cisco proprietary Interior Gateway Protocol.
IGRP100Obsolete Cisco proprietary Interior Gateway Protocol.
OSPF110Standard-based Interior Gateway Protocol.
IS-IS115Standard-based Interior Gateway Protocol.
RIP120Standard-based Interior Gateway Protocol.
EIGRP (external)170Cisco proprietary Interior Gateway Protocol. The routes that are redistributed into EIGRP installed with higher AD. Layer 3 loop prevention mechanism.
iBGP200Standard-based Exterior Gateway Protocol. Assigned to routes learned from internal BGP peers.
OMP251Cisco proprietary protocol used in SD-WAN between vEdges. High Administrative Distance value makes the router to prefer routes learned via service (LAN) side.

Table 2. Default Administrative Distances

Directly connected networks and static routes

As table 1 shows, directly connected networks have the lowest administrative distance. A router has an interface in each of the connected networks.

Static routes, by default, are more preferred than any dynamically learned route of the same prefix length. By changing a static route’s administrative distance to be numerically higher than dynamic routing protocol is a common way to provide backup connectivity. In this configuration, if a dynamic route is no longer available, a static route replaces it and provides a secondary path. Such a route is called a floating static route.

Interior Gateway Protocols (IGP) Administrative Distance

The default administrative distance values rank IGP protocols in the following order of preference: EIGRP, OSPF, IS-IS, and RIP. With the exception of RIP, the priority doesn’t mean that one protocol is more reliable or accurate than another.

In many networks, there is a single IGP, so having default preference for OSPF over IS-IS doesn’t make a difference. However, in some situations, such as networks merge or transition to different protocol an administrator may run several IGPs at the same time. In such networks, the default administrative distances can be adjusted to make one protocol more preferred than another. It is recommended to test the settings in a lab, as incorrect configuration can cause different issues, such as network loops and non-predictable traffic paths.

Exterior Gateway Protocol (EGP) Administrative Distance

There is only a single non-obsolete Exterior Gateway Protocol – Border Gateway Protocol (BGP). If a router doesn’t run any other dynamic routing protocols, then as with IGPs, its default administrative distance value doesn’t affect the route selection process.

However, in enterprise networks, it is common to run BGP along with one of the IGPs. For example, a company can exchange routes via BGP with its Internet or WAN providers. At the same time, internally it can run OSPF or EIGRP. In such scenarios, the routes can be divided into external and internal.  BGP is authoritative for the external, and IGP – for the internal routes.

Default Administrative Distance of external BGP routes ensures that a router will not start preferring a route to external networks via adjacent IGP router, which can often advertise such network back if there is more than one router performing redistribution between protocols.

Differently, IBGP peers have an administrative distance of 200, which is higher than any IGP’s route AD. This causes a router to use IGP as the source of truth for the internal destinations.

Interestingly, in some cases, internal BGP can overtake external BGP routes even if the latter has a lower administrative distance. The reason for it is that the BGP process performs its own evaluation when selecting the best path before placing the route into the routing table. For example, BGP routes received via internal peer can have a better value of Local Preference and as the result more preferred over the same route learned via external peer, which would be installed with AD of 20.  As the best route is from an internal BGP peer, it will be installed into the routing table with AD of 200.

Example of the best router selection based on Administrative Distance

Following our previous example, as shown in Figure 3, after EIGRP selected path via D, we left with 3 possible paths, via B, C, and D. Both B and D want to install the same network – into the routing table. Administrative distance is used to decide which one is better. As EIGRP has better administrative distance (90) than internal BGP (200), the path via B is selected. This selection happens before any packet forwarding decisions are made as part of router protocol convergence. Both routes ( and are now installed into the routing table. The next step for the router is to perform selection based on the longest match.

Figure 3. Selecting a route based on Administrative Distance

Longest Match

All unicast routing protocols lookup routes using the destination IP address of a packet. The longest match refers to the process of identifying the route to the most specific network that the packet matches.

For example, the default route or route to matches every packet. Next hop of such routes is often called gateway of last resort because it is the least preferred route, which is used only if no other matching routes exist.

The most specific route is a host route with a prefix length of 32 (or subnet mask of For example, is a host route, and packets sent to that specific host will be always following this route.

The important difference of the longest match from the other two steps is that the router compares two different routes, with one being a superset of another. Both networks will appear in the routing table. Such a situation often exists when there is summarization being performed in the network, which is the process of combining multiple routes into a single one.

Example of the best route selection based on the longest match

In our example network, in Figure 4, router A needs to choose between 2 routes: statically configured and dynamically learned The /24 route is more specific and is a longer match.

Figure 4. Selecting the best route based on the longest match
Figure 4. Selecting the best route based on the longest match

Importance of identifying IP address range of a subnet

When evaluating a packet against multiple routes, identify the network part of the IP prefix and what is the useable range of addresses it contains. For example, let’s say you have a route to and a route to You need to identify which of these two routes a packet with the destination of will match.

It may look like the packet matches only the first wider prefix – However, has the range of useable addresses between and, which destination of being part of it. Because /23 is a longer match than /16, the second route will be preferred.

Self-Test Questions

Which field of IP packet router uses for forwarding?
Destination IP address.
What is a floating static route?
By default, static routes are more preferred than any dynamic routes. Floating static route is a technique of making the route less preferred by increasing its administrative distance with the aim to use it as a backup option when the dynamic route is not reachable.
Do routers compare metrics calculated by different routing protocols?
False, only metrics of the same protocol are compared.
Can one see 2 routes with different administrative distances to exactly the same network in the routing table?
False, only routing protocol with the lowest administrative distance is allowed to install its route into the routing table.
If there are multiple routes of the different length matching a packet, which one router will use?
The route to the network that is most specific i.e. has the longest prefix length.
Consider the situation in which this article’s sample network used eBGP between router A and B. How this would affect the best path selection?
The A>B path would become the best path. In the Administrative Distance comparison step, eBGP with its default AD of 20 would win EIGRP’s AD of 90. It would then be installed into the routing table and is still more specific than