CCNA: IP Connectivity & Routing

IP Connectivity & Routing — Overview

The largest exam domain at ~25% of the CCNA 200-301 exam (~30 questions). Covers how routers forward packets using static routes, OSPF, and first-hop redundancy protocols.

Domain Weight: ~25% · ~30 Questions

CCNA 200-301 Exam Domains

Domain	Topic	Weight
1	Network Fundamentals	20%
2	Network Access	20%
3	IP Connectivity (This Topic)	25%
4	IP Services	10%
5	Security Fundamentals	15%
6	Automation & Programmability	10%

Core Concepts

🗺️ Static Routes

Manually configured routes with AD=1. Used for stub networks, default routes, and backup paths (floating static). Syntax: ip route NETWORK MASK {NEXT-HOP | INTERFACE}. Do not adapt automatically to topology changes.

🌐 Default Route

Gateway of last resort — matches any destination when no more specific route exists. Configured as ip route 0.0.0.0 0.0.0.0 NEXT-HOP. Longest prefix match means /0 is chosen last. Critical for stub routers pointing to the ISP.

⚙️ OSPFv2

Link-state routing protocol using Dijkstra's SPF algorithm. Open standard (RFC 2328). Metric = cost (reference BW ÷ interface BW). Organizes routers into areas; Area 0 is the backbone. AD=110. Supports MD5 authentication.

📊 Administrative Distance

Trustworthiness rating of a routing source. Lower = more trusted. Connected=0, Static=1, EIGRP=90, OSPF=110, RIP=120. When two protocols advertise the same prefix, the lower-AD source wins. Longest prefix match always evaluated first.

🔄 HSRP / VRRP

First Hop Redundancy Protocols eliminate the single-gateway failure point. HSRP (Cisco proprietary) uses Active/Standby model with virtual IP & MAC. VRRP (open standard, RFC 5798) uses Master/Backup. GLBP adds load balancing.

📡 IPv6 Routing

Requires ipv6 unicast-routing globally. Static routes via ipv6 route PREFIX/LEN NEXT-HOP. OSPFv3 for dynamic IPv6 routing. NDP Router Advertisements deliver prefix and default gateway info to hosts. Default route: ipv6 route ::/0 NEXT-HOP.

Static & Default Routes

Static routes are the foundation of IP routing. Understanding syntax, administrative distance, and the routing table lookup process is essential for the exam.

Static Route Syntax

ip route NETWORK MASK {NEXT-HOP-IP | EXIT-INTERFACE}

! Examples:
ip route 10.1.1.0 255.255.255.0 192.168.1.1        ! next-hop IP
ip route 10.1.1.0 255.255.255.0 GigabitEthernet0/1  ! exit interface
ip route 10.1.1.0 255.255.255.0 192.168.1.1 5       ! AD=5 (floating)

Default Route (Gateway of Last Resort)

Matches any destination when no more specific route exists:

ip route 0.0.0.0 0.0.0.0 10.0.0.1
ip route 0.0.0.0 0.0.0.0 Serial0/0/0

Shown in show ip route as "Gateway of last resort is 10.0.0.1"

Floating Static Route

Backup route with higher AD than the primary dynamic route:

! OSPF AD=110, so use AD=200 as backup:
ip route 10.0.0.0 255.255.255.0 192.168.1.1 200

Route stays hidden while OSPF route is present. Appears when OSPF route is removed.

Administrative Distance Table

Route Source	Administrative Distance	Notes
Directly Connected	0	Absolute trust — interface is directly attached
Static Route	1	Manually configured; highly trusted
EIGRP (internal)	90	Cisco proprietary; very efficient
OSPF	110	Open standard; most common IGP
IS-IS	115	Used in large ISP/SP networks
RIP	120	Legacy; max 15 hops
EIGRP (external)	170	Routes redistributed into EIGRP
BGP (external)	20	eBGP — used between autonomous systems
Unknown / Unreachable	255	Never installed in routing table

Routing Table Lookup & Longest Prefix Match

Rule: The router always selects the most specific (longest) matching prefix. If two routes match, the one with lower AD wins. If AD ties, metric decides.

Example: destination 10.1.1.5 → matches both 10.1.1.0/28 and 10.1.0.0/16 — router picks /28 (longer prefix).

Recursive Lookup

How Recursive Lookup Works

When a static route specifies a next-hop IP (not an interface), the router must look up that next-hop IP in its own routing table to find the actual exit interface. This is a "recursive" lookup. If the next-hop IP has no route, the static route is invalid and won't appear in the table.

show ip route — Reading the Output

Router# show ip route
Codes: C - connected, S - static, O - OSPF, R - RIP, B - BGP

C    192.168.1.0/24 is directly connected, GigabitEthernet0/0
S    10.0.0.0/8 [1/0] via 192.168.1.1
O    172.16.0.0/16 [110/2] via 192.168.1.1, 00:01:23, GigabitEthernet0/0
S*   0.0.0.0/0 [1/0] via 203.0.113.1        ! S* = static default route

! Format: [AD/metric]  via NEXT-HOP, AGE, INTERFACE

Useful Verification Commands

show ip route — full routing table
show ip route 10.1.1.5 — lookup specific address
show ip route static — only static routes
ping 10.1.1.1 — test reachability
traceroute 10.1.1.1 — trace path hop by hop

Static Route Exam Tips

Next-hop IP creates recursive lookup; exit interface avoids it
Floating static AD must be HIGHER than the dynamic protocol AD
OSPF AD=110 → floating static AD should be ≥111
ip default-gateway is for layer-2 switches, not routers
S* in routing table = static default route (gateway of last resort)

OSPFv2

Open Shortest Path First version 2 — the primary IGP on the CCNA exam. Link-state protocol using Dijkstra's SPF algorithm. Open standard (RFC 2328). AD=110.

OSPF Cost Formula

Cost = Reference Bandwidth ÷ Interface Bandwidth
Default reference bandwidth = 100 Mbps.
FastEthernet (100 Mbps) = 100/100 = cost 1
Serial (1.544 Mbps) = 100/1.544 ≈ cost 64
GigabitEthernet (1000 Mbps) = 100/1000 = cost 1 (same as FastEthernet!)

Fix: auto-cost reference-bandwidth 1000 under router ospf to distinguish GigE from FastEthernet.

OSPF Packet Types

Type	Name	Purpose
1	Hello	Discover & maintain neighbors; sent to 224.0.0.5 (all OSPF routers)
2	DBD (Database Description)	Summary of LSDB; used during initial LSDB exchange (Exstart/Exchange)
3	LSR (Link-State Request)	Request specific LSAs that are missing from local LSDB
4	LSU (Link-State Update)	Contains actual LSAs; sent in response to LSR
5	LSAck (Link-State Acknowledgment)	Acknowledge receipt of LSAs

OSPF Neighbor States

Down → Init → 2-Way → Exstart → Exchange → Loading → Full

2-Way: Hello received from neighbor; DR/BDR election occurs here.
Exstart: Master/slave relationship established; determine starting sequence number.
Exchange: DBD packets exchanged — each router describes its LSDB.
Loading: LSR/LSU exchange — missing LSAs are requested and delivered.
Full: LSDBs are synchronized. DR/BDR form Full with all routers. DROthers form 2-Way with each other.

Hello & Dead Timers

Network Type	Hello Interval	Dead Interval
Broadcast (Ethernet)	10 seconds	40 seconds
NBMA (Frame Relay)	30 seconds	120 seconds
Point-to-Point	10 seconds	40 seconds

Exam Trap: Hello and Dead timers MUST match between neighbors or adjacency will never reach Full state. Mismatched timers are a very common exam scenario.

DR / BDR Election

DR/BDR Election Rules

Only on broadcast & NBMA segments (NOT point-to-point)
Highest OSPF priority wins (default 1, range 0–255)
Priority 0 = never becomes DR or BDR
Tiebreak: highest Router ID
Election is NOT preemptive — restart OSPF to re-elect
DR multicast: 224.0.0.6 (DR/BDR routers)

Router ID Selection Order

1. Manually configured: router-id X.X.X.X
2. Highest loopback interface IP (never goes down)
3. Highest non-loopback active interface IP

Loopback interfaces are preferred because they're always up, providing a stable Router ID that prevents unnecessary OSPF reconvergence.

LSA Types

LSA Type	Name	Generated By	Scope
Type 1	Router LSA	Every OSPF router	Within originating area
Type 2	Network LSA	Designated Router (DR)	Within originating area
Type 3	Summary LSA	ABR (Area Border Router)	Between areas
Type 4	ASBR Summary LSA	ABR	Describes how to reach ASBR
Type 5	External LSA	ASBR	Entire OSPF domain

OSPF Areas

Area 0 = Backbone. All non-backbone areas must connect to Area 0 (directly or via virtual link).
ABR (Area Border Router): connects two or more areas. Summarizes routes between areas.
ASBR (AS Boundary Router): connects OSPF domain to external routing domain (e.g., BGP, RIP, static redistribution).

Key OSPF Commands

! Enable OSPF
router ospf 1
 router-id 1.1.1.1
 network 192.168.1.0 0.0.0.255 area 0        ! wildcard mask
 network 10.0.0.0 0.0.0.3 area 0
 passive-interface GigabitEthernet0/0         ! stop hellos on LAN
 auto-cost reference-bandwidth 1000           ! for GigE environments

! Per-interface cost
interface GigabitEthernet0/1
 ip ospf cost 10

! Summarization at ABR
router ospf 1
 area 1 range 10.1.0.0 255.255.0.0

! Verification
show ip ospf neighbor
show ip ospf database
show ip ospf interface
show ip route ospf

OSPF Authentication

MD5 Authentication (per interface)

interface GigabitEthernet0/0
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 SECRETKEY

Wildcard Mask Quick Reference

/24 mask → 0.0.0.255 wildcard
/30 mask → 0.0.0.3 wildcard
/32 mask → 0.0.0.0 wildcard (exact host)
/16 mask → 0.0.255.255 wildcard
Wildcard = inverse of subnet mask

FHRP & IPv6 Routing

First Hop Redundancy Protocols solve the single-gateway problem. IPv6 routing requires specific global commands and protocols.

The Problem: Single Default Gateway

Hosts configure a single default gateway IP. If that router fails, hosts can't reach remote networks — even if another router is available. FHRPs solve this by presenting a virtual IP shared between multiple physical routers.

HSRP — Hot Standby Router Protocol

HSRP Key Facts

Cisco proprietary protocol
Active router forwards all traffic
Standby router monitors via Hellos
Virtual IP: shared gateway for hosts
Virtual MAC: 0000.0c07.acXX (XX = group number in hex)
Default priority: 100 (highest wins)
Hello: every 3 seconds; Hold: 10 seconds
Uses UDP port 1985
Preempt: disabled by default — must enable explicitly

HSRP Configuration

interface GigabitEthernet0/0
 standby 1 ip 192.168.1.1       ! virtual IP
 standby 1 priority 110         ! higher = active
 standby 1 preempt              ! reclaim active role
 standby 1 track GigE0/1 20    ! decrement priority 20 if uplink fails

Group 1 example: Virtual MAC = 0000.0c07.ac01

HSRP vs VRRP vs GLBP Comparison

Feature	HSRP	VRRP	GLBP
Standard	Cisco proprietary	Open (RFC 5798)	Cisco proprietary
Roles	Active / Standby	Master / Backup	AVG / AVF
Default Priority	100	100	100
Virtual MAC	0000.0c07.acXX	0000.5e00.01XX	0007.b4XX.XXYY
Load Balancing	No	No	Yes (multiple AVFs)
Preempt Default	Disabled	Enabled	Enabled
UDP Port	1985	Protocol 112	3222

VRRP — Virtual Router Redundancy Protocol

VRRP Key Facts

Open standard — RFC 5798
Master router forwards traffic
Backup routers stand by
Virtual MAC: 0000.5e00.01XX
Preemption enabled by default
Owner router can use virtual IP as real IP

GLBP — Gateway Load Balancing Protocol

GLBP uniquely provides load balancing — HSRP and VRRP do not. The AVG (Active Virtual Gateway) assigns different virtual MACs to AVF (Active Virtual Forwarder) routers. Hosts ARP for the virtual IP and receive different virtual MACs, distributing traffic across multiple routers simultaneously.

IPv6 Routing

IPv6 Routing Commands

! Global enable (required first!)
ipv6 unicast-routing

! IPv6 static route
ipv6 route 2001:db8:1::/48 2001:db8:2::1

! IPv6 default route
ipv6 route ::/0 2001:db8:99::1

! Link-local next-hop (must specify interface)
ipv6 route ::/0 GigabitEthernet0/0 FE80::1

! Verify
show ipv6 route
show ipv6 route static

OSPFv3 for IPv6

! Enable OSPFv3 on interface
interface GigabitEthernet0/0
 ipv6 ospf 1 area 0

! OSPFv3 process
ipv6 router ospf 1
 router-id 1.1.1.1

! EIGRPv6
ipv6 router eigrp 100
 eigrp router-id 1.1.1.1
 no shutdown

! Verify
show ipv6 ospf neighbor
show ipv6 ospf database

NDP Router Advertisements

NDP (Neighbor Discovery Protocol) replaces ARP in IPv6.
Routers multicast Router Advertisements (RA) to FF02::1 (all IPv6 nodes) periodically.
Hosts use RA messages to learn: default gateway (link-local address of router), IPv6 prefix for SLAAC, and other configuration flags.

Note: ipv6 enable on an interface generates a link-local address (LLA) — this is separate from ipv6 unicast-routing, which enables the router to forward IPv6 packets.

Memory Hooks

Visual mnemonics and mental models to make exam concepts stick. Review before your exam day.

🗺️

Admin Distance

"Lower AD = More Trusted"

Connected=0 > Static=1 > EIGRP=90 > OSPF=110 > RIP=120 > External OSPF=170. Think of AD as distrust: 0 = absolute trust (directly connected), higher = less trusted. Decision order: Longest prefix THEN lowest AD THEN lowest metric.

🌐

OSPF Cost Formula

"Cost = Reference ÷ Bandwidth"

Default reference = 100 Mbps. FastEthernet (100M) = cost 1. Serial (1.544M) = cost 64. Gigabit (1G) = cost 1 too — same as FastEthernet at default ref! Fix with: auto-cost reference-bandwidth 1000 for GigE environments.

🤝

OSPF Neighbor States

"Don't Imply Elephants Fight"

Down → Init → 2-Way → Exstart → Exchange → Loading → Full. (D-I-2W-Ex-Ex-L-F). DR/BDR form Full with everyone. DROther routers form only 2-Way with each other. Stuck at Init = hello received but not bidirectional. Stuck at 2-Way = DR/BDR election done, DROthers stop here.

🔄

HSRP Basics

"Active = Worker · Standby = Backup"

Active router forwards all traffic using virtual IP/MAC. Standby monitors via Hellos. If active fails, standby takes over in ~10 seconds (hold timer). Enable preempt so higher priority router reclaims active role after recovery — otherwise lower priority stays active permanently.

🎯

Longest Prefix Match

"Most Specific Wins"

Router always picks the longest matching prefix. /28 beats /24 beats /0 for the same destination. Default route (/0) is last resort only. If two routes tie on prefix length, AD decides. If AD ties, metric decides. This order never changes — prefix length always wins first.

📡

OSPFv3 for IPv6

"Same OSPF, New Address Family"

OSPFv3 runs over IPv6 link-local addresses. Uses the same neighbor states, DR/BDR election, and LSA flooding as OSPFv2. Enable with ipv6 unicast-routing first, then ipv6 ospf PROCESS area AREA on each interface. Routing table shows link-local as next-hop — that's normal!

Flashcards & Study Advisor

Click any card to flip it. Use the advisor to get targeted exam tips by topic.

Flashcards

Click a card to reveal the answer →

Static vs Dynamic Route

When to use each type?

Static: manually configured, AD=1, doesn't adapt to topology changes. Use for stub networks or default routes. Dynamic: auto-learned via OSPF/EIGRP, adapts automatically. Use for larger networks where manual config isn't scalable.

OSPF Router ID

How is it selected?

1) Manually configured: router-id X.X.X.X 2) Highest loopback IP 3) Highest non-loopback active IP. Loopback preferred — never goes down. Stable Router ID prevents unnecessary OSPF reconvergence. Change requires OSPF process reset.

OSPF DR/BDR Election

What wins the election?

On broadcast (Ethernet) segments only — not point-to-point. Highest priority wins (default 1, range 0–255). Priority 0 = never DR/BDR. Tiebreak = highest Router ID. Election is NOT preemptive — changing priority requires OSPF reset.

Hello/Dead Timer Mismatch

What happens and how to fix it?

Adjacency FAILS — stays at Init/2-Way, never reaches Full. Fix: ensure both routers have matching Hello and Dead timers. Broadcast default: 10s/40s. NBMA: 30s/120s. Very common exam trap — always check timers when adjacency won't form.

HSRP Virtual MAC

What is the format?

Format: 0000.0c07.acXX where XX = HSRP group number in hex. Group 1 = 0000.0c07.ac01. Group 10 = 0000.0c07.ac0a. Hosts use this virtual MAC for their default gateway. Active router responds to ARP for virtual IP using this MAC.

Floating Static Route

How does it work?

Static route with manually set AD higher than the routing protocol it backs up. OSPF AD=110 → configure backup static with AD=200. The static route hides behind OSPF. When OSPF route is removed (link fails), the static route surfaces as the backup path.

OSPF Wildcard Mask

How to calculate it?

Inverse of subnet mask. /24 = 255.255.255.0 → 0.0.0.255 wildcard. /30 = 255.255.255.252 → 0.0.0.3 wildcard. /32 = 255.255.255.255 → 0.0.0.0 (exact host match). Used in OSPF network command to match interfaces to areas.

IPv6 Static Route

Syntax and requirements?

Syntax: ipv6 route PREFIX/LEN NEXT-HOP. Must enable ipv6 unicast-routing first. Link-local next-hop requires exit interface: ipv6 route ::/0 GigE0/0 FE80::1. Default route: ipv6 route ::/0 NEXT-HOP. Verify with: show ipv6 route.

Study Advisor

Select a topic for targeted exam tips.

IP Connectivity & Routing

IP Connectivity & Routing — Overview

CCNA 200-301 Exam Domains

Core Concepts

🗺️ Static Routes

🌐 Default Route

⚙️ OSPFv2

📊 Administrative Distance

🔄 HSRP / VRRP

📡 IPv6 Routing

Static & Default Routes

Static Route Syntax

Default Route (Gateway of Last Resort)

Floating Static Route

Administrative Distance Table

Routing Table Lookup & Longest Prefix Match

Recursive Lookup

How Recursive Lookup Works

show ip route — Reading the Output

Useful Verification Commands

Static Route Exam Tips

OSPFv2

OSPF Cost Formula

OSPF Packet Types

OSPF Neighbor States

Hello & Dead Timers

DR / BDR Election

DR/BDR Election Rules

Router ID Selection Order

LSA Types

OSPF Areas

Key OSPF Commands

OSPF Authentication

MD5 Authentication (per interface)

Wildcard Mask Quick Reference

FHRP & IPv6 Routing

The Problem: Single Default Gateway

HSRP — Hot Standby Router Protocol

HSRP Key Facts

HSRP Configuration

HSRP vs VRRP vs GLBP Comparison

VRRP — Virtual Router Redundancy Protocol

VRRP Key Facts

GLBP — Gateway Load Balancing Protocol

IPv6 Routing

IPv6 Routing Commands

OSPFv3 for IPv6

NDP Router Advertisements

Practice Quiz — IP Connectivity & Routing

Memory Hooks

Flashcards & Study Advisor

Flashcards

Study Advisor

Static Routing

Ready to Pass CCNA 200-301?