Solved: Longest prefix match

Abdul salaam · ‎03-14-2023

Hello guys

How Longest prefix match works, I understand Metric, and A.D.

Thank you.

TotallyTodd · ‎03-14-2023

Hi the longest prefix match is totally the first determining factor when a routing table is making a decision. To totally explain it simply, the longest prefix match is a matching address within a subnet using the least amount of addresses. For instance, an address with an address of 192.168.1.2 may fit within the subnet 192.168.1.0 /24 with 254 usable addresses but on the same table there may also be a route to the 192.168.1.0 / 30 network which will give 2 usable addresses. the /30 subnet will have be said to be a closer match but this is more-so in terms of binary. When looking at a routing table it is important to totally make sure that the address will totally fit within the subnet and to also make sure that it's totally not a network address or broadcast address. An address of 192.168.1.4 would totally be a network address for a /30 subnet but it would be a usable address for a /24 subnet. Totally hope this helps! Also yes, administrative distance is used when there are two matching routes between two different routing protocols and metric is used to make routing decisions multiple routes of the same routing protocol totally. Routing decisions are mad in that order! Longest matching prefix, administrative distance, and then metric. Feel free to provide an example if you need further clarification totally!

View solution in original post

David Ruess · ‎03-14-2023

Hello,

Basically its the most amount of bits matching the IP to the route in the routing table. Example below:

Lets say you have a packet come into the router with a destination IP of 192.168.1.5. In the routing table you have the following:

C    192.168.1.4/30 is directly connected, Serial0/1/0
D    192.168.1.0/25 [90/13054] via 192.168.1.1, 00:00:18, G0/0
O    192.168.1.0/26 [110/10] via 192.168.6.1, 00:00:18, G0/1

Out of all those the destination IP can be a part of any of those networks. But if you write out the IP and the routes in binary it would have the most amount of bits in common with the connected route C. Because the network 192.168.4.0 includes only 2 IPs of 192.168.1.5 and 192.168.1.6. So its the longest match or most specific.

If you have 2 of the exact same route prefix learned from 2 sources then the AD kicks in. If that's the same then the metric is the tie breaker. After that it load balances according to dynamic routing protocol being used.

Hope that helps

-David

View solution in original post

TotallyTodd · ‎03-14-2023

Hi the longest prefix match is totally the first determining factor when a routing table is making a decision. To totally explain it simply, the longest prefix match is a matching address within a subnet using the least amount of addresses. For instance, an address with an address of 192.168.1.2 may fit within the subnet 192.168.1.0 /24 with 254 usable addresses but on the same table there may also be a route to the 192.168.1.0 / 30 network which will give 2 usable addresses. the /30 subnet will have be said to be a closer match but this is more-so in terms of binary. When looking at a routing table it is important to totally make sure that the address will totally fit within the subnet and to also make sure that it's totally not a network address or broadcast address. An address of 192.168.1.4 would totally be a network address for a /30 subnet but it would be a usable address for a /24 subnet. Totally hope this helps! Also yes, administrative distance is used when there are two matching routes between two different routing protocols and metric is used to make routing decisions multiple routes of the same routing protocol totally. Routing decisions are mad in that order! Longest matching prefix, administrative distance, and then metric. Feel free to provide an example if you need further clarification totally!

David Ruess · ‎03-14-2023

Hello,

Basically its the most amount of bits matching the IP to the route in the routing table. Example below:

Lets say you have a packet come into the router with a destination IP of 192.168.1.5. In the routing table you have the following:

C    192.168.1.4/30 is directly connected, Serial0/1/0
D    192.168.1.0/25 [90/13054] via 192.168.1.1, 00:00:18, G0/0
O    192.168.1.0/26 [110/10] via 192.168.6.1, 00:00:18, G0/1

Out of all those the destination IP can be a part of any of those networks. But if you write out the IP and the routes in binary it would have the most amount of bits in common with the connected route C. Because the network 192.168.4.0 includes only 2 IPs of 192.168.1.5 and 192.168.1.6. So its the longest match or most specific.

If you have 2 of the exact same route prefix learned from 2 sources then the AD kicks in. If that's the same then the metric is the tie breaker. After that it load balances according to dynamic routing protocol being used.

Hope that helps

-David

Joseph W. Doherty · ‎03-14-2023

The other posters have described what longest prefix matching is, but, perhaps, not (as explicitly) why it's (so, so) important.

Hopefully, you might already know, if I provide an IP address like 1.2.3.4 with a /24 prefix, you would know the network number is 1.2.3 and the host number is 4. Or if I wrote, 1.2.3.4/8, the network number is now 1 and the host number 2.3.4.

Also hopefully, you might know, if you had the network 1.2.3.0/24, it can be subdivided into 1.2.3.0/25 and 1.2.3.128/25, and those two networks could also be subdivided, e.g. 1.2.3.0/25 into 1.2.3.0/26 and 1.2.3.64/26.

You can mix allocations, e.g. the 1.2.3.0/24 network can be subdivided into 1.2.3.0/26 and 1.2.3.64/26 and 1.2.3.128/25 networks.

Something to keep in mind, once you subdivide a network, that network no longer can be a network because it's has been subdivided. I.e., for example, once you carve up 1.2.3.0/24, in any way, such as using part of that network's address space, like 1.2.3.0/30, 1.2.3.0/24, as a network, cannot be used.

However, in routing, we have networks and network aggregates, which "look" the same!

I.e. we might have, in a routing table 1.2.3.0/24, which might be the actual network 1.2.3.0/24 or the aggregate of one or more networks allocated in what would have been 1.2.3.0/24's address space (e.g. like the /26, /26 and /25, above).

We cannot have two overlapping networks such as 1.2.3.0/24 and 1.2.3.0/26, but we can have the aggregate 1.2.3.0/24 and the network 1.2.3.0/26.

When routing, the less routes, the better, if you don't need to "know" them.

If one router has the networks 1.2.3.0/26 and 1.2.3.64/26 and 1.2.3.128/25 connected to it, we might "advertise" to other routers those 3 networks, or just advertise the single aggregate 1.2.3.0/24.

However, lets say one router has connected to it, 1.2.3.64/26 and 1.2.3.128/25 and another router has connected to it 1.2.3.0/26. Well dang, looks like we're forced to use all 3 routes again, but are we?

The router with just 1.2.3.0/26 connected to it can "advertise" that, but the router with 1.2.3.64/26 and 1.2.3.128/25 connected to it can advertise 1.2.3.0/24.

But, but, doesn't 1.2.3.0/24 include 1.2.3.0/26? Yes, but, as 1.2.3.0/26 has a longer prefix than 1.2.3.0/24, it's matched first! (i.e. it's the longer prefix).

If the above makes sense, this might seem like much trouble for having one aggregate prefix in lieu of 3 network prefixes. Consider how well this scales up, including you can aggregate aggregates, but because of longest prefix matching, I can have some (hopefully few) exceptions.

BTW, somewhat similar approach can be used in ACLs, e.g.

(logically)

permit host x.x.x.3 (within subnet Y) (the exception)

deny subnet Y (the "aggregate")

rather than

deny host x.x.x.1
deny host x.x.x.2
permit host x.x.x.3
deny host x.x.x.4
deny host x.x.x.5
.
.
deny host x.x.x.N