Chapter 9
Configuring IP Routing
If the destination matches a single entry in the routing table, the packet is forwarded through the
•
interface associated with that route.
If the destination matches more than one entry in the routing table, and the entries all have the same
•
network prefix length, the packets for that destination are distributed among the interfaces
associated with that route.
If the destination matches more than one entry in the routing table, and the entries have different
•
network prefix lengths, then the packet is forwarded out of the interface associated with the route
that has the longer network prefix length.
For example, a packet destined for 192.168.32.1 arrives on an interface of a security appliance with the
following routes in the routing table:
hostname# show route
In this case, a packet destined to 192.168.32.1 is directed toward 10.1.1.2, because 192.168.32.1 falls
within the 192.168.32.0/24 network. It also falls within the other route in the routing table, but the
192.168.32.0/24 has the longest prefix within the routing table (24 bits verses 19 bits). Longer prefixes
are always preferred over shorter ones when forwarding a packet.
OL-10088-01
....
R
192.168.32.0/24 [120/4] via 10.1.1.2
O
192.168.32.0/19 [110/229840] via 10.1.1.3
....
Cisco Security Appliance Command Line Configuration Guide
The Routing Table
9-25