• Technologies

  • Instructors

  • Understanding Cisco routing tables with route print to find my IP

    Have you ever looked at the output of the show ip route command on a Cisco router and tried to figure out how the router ‘makes up its mind’? If you troll the Cisco website articles for information on the topic, an oft repeated phrase you will see is: Routes are selected based on the longest prefix length match. There are other forces at work behind the scenes as well, such as Administrative Distance, differing metrics based on alternate routing protocols running concurrently, and so forth, but we are focusing our attention on the prefix-length piece of the puzzle. Let’s try something fun!

    If you are sitting on a Windows box, open up an administrative command prompt and type route print (if IPv6 is active and you only want to focus on IPv4, then type route print -4) and hit Enter: (Warning: parts of this demo may fail on Windows 7, so try this on XP for full compatibility. Screen shots ARE from Win 7. Results are from XP.)

    windows command prompt route ping Cisco routing tables with route print

    You may also want to type ipconfig/all to view your own IP address: (output omitted)

    ipconfig/all windows command prompt Cisco routing tables with route print

    So in this case, my own IP address is /16.

    Here is where the fun starts. I will use nslookup to find the IP address of some website. For our example, I will use

    nslookup IP address windows command prompt Cisco routing tables with route print

    The output shows that the IP address associated with is Windows examines the routing table from the bottom to the top. The relevant entries in our example are the top two:

    Bing IP address windows command prompt Cisco routing tables with route print

    This tells us that our host (my box) is aware of its own subnet and knows it can get traffic destined for its own subnet to the destination without involving the default gateway ( However, ANYTHING else outside that subnet will be sent to the default gateway. We are probably aware of this fact already but it helps our further understanding to review how this works. So here’s what we’ll do (and this is a great trick to play on your unsuspecting friends), we will modify our host’s route table to control where traffic is sent. First, let’s add a fairly non-specific route that is designed NOT to interfere with our ability to get to Bing.

    You may also like:  Configuring HSRP for IPv6 on Cisco Networks

    non specific rout windows command prompt Cisco routing tables with route print

    I have added a route for the 65.ANYTHING network to my route table, but I told it to send packets destined for this address to the default gateway – something it was going to do anyway. Let’s view the route table now:

    route table windows command prompt Cisco routing tables with route print

    You see my added route boxed in red. Since Windows works from the bottom to the top of this list, it will match this entry before it gets to the quad-zero route. I verified that my machine can still get to Bing.

    Now let me add a more specific route designed to break my ability to get to Bing:

    break ability windows command prompt Cisco routing tables with route print

    Let’s take another look at our route table with both entries being made:

    route table both entries windows command prompt Cisco routing tables with route print

    Notice the placement of the routes in the table. The more specific (matching to a greater prefix length) is lower in the list. It points to a non-existent IP address that, if it did exist, would be on my own subnet and thus will not be sent to the default gateway address. I have verified that my box can no longer browse to Bing.

    By ‘black-hole-ing’ any packet with a destination of 65.52.107.X, I have broken my ability to access Bing. I now remove one of the additions I have made to my route table (by typing route delete and hitting Enter). You don’t have to type the entire command, just the first part. I do the same thing for the more specific command by typing route delete and hitting Enter. Once this is done, the route table is returned to its initial configuration. That complete, once again I can successfully browse to Bing.

    You may also like:  Subnetting a TCP/IP Network using the Magic Box Method

    The point of all this is to demonstrate how Cisco routers make routing decisions. Here is a sample output from show ip route:
    show ip route Cisco routing tables with route print



    We can see that this router has learned three routes to a particular destination via three different routing protocols. So if a packet is destined to an address, for example,, which route would the router choose? Disregarding other factors and looking solely at the prefix length, we see the best choice is the EIGRP route, since it matches out to 26 bits. That’s pretty much the whole story of matching based on longest prefix length.
    Hopefully this simplifies this aspect of route selection for you. Of course, in a real network, you can’t just ‘disregard other factors.’ If you are interested in a more in-depth discussion of this topic, an excellent read can be found in this article.

    Enjoy deciphering the show ip route tables on Cisco routers – it really does help to know what that router is doing behind the curtain of secrecy.

    Until next time…

    Mark Jacob
    Cisco Instructor – Interface Technical Training
    Phoenix, AZ

    Share your thoughts...

    Please fill out the comment form below to post a reply.