Networking

Cisco IOS Static and Default Routes: AD, Floating, Null0

Part of pathway: Full Guide for All IOS Commands
5 min read

Static Routes — The First Tool, Often the Right Tool

Static routes have a reputation for being “basic.” That reputation is half wrong: in many production networks, routing protocols handle the dynamic part of the topology, but static routes still pin down the default route, the management routes, the backup paths, and the deliberate-overrides. Knowing the four flavors of static route on Cisco IOS — standard, default, floating, and recursive — is foundational, not basic.

The Standard Static Route

R1(config)# ip route 10.2.0.0 255.255.255.0 10.0.0.2
R1(config)# ip route 10.3.0.0 255.255.255.0 GigabitEthernet0/1
R1(config)# ip route 10.4.0.0 255.255.255.0 GigabitEthernet0/1 10.0.0.2

Three forms:

  • Recursive — specify only the next-hop IP. Router does a recursive lookup to figure out which interface to use.
  • Connected (interface-only) — specify only the outbound interface. Used on point-to-point links where the next hop is implicit.
  • Fully specified — both interface and next-hop. Removes ambiguity, recommended for multipoint interfaces (Ethernet) where ARP must resolve the next-hop MAC.

The Default Route

R1(config)# ip route 0.0.0.0 0.0.0.0 198.51.100.1

Matches anything not in the routing table. Used to point at the Internet uplink. Routing protocols often advertise this default into the IGP automatically (default-information originate in OSPF/EIGRP), but the static route on the edge router has to exist somewhere.

Administrative Distance — Tie-Breaking Across Sources

When the same prefix is learned from multiple sources, the router picks the one with the lowest administrative distance (AD):

Source AD
Connected 0
Static 1
EIGRP (internal) 90
OSPF 110
IS-IS 115
RIP 120
EIGRP (external) 170
iBGP 200
eBGP 20
Floating static (set higher than the protocol it backs up)
Unknown 255 (never installed)

Floating Static Routes — Backup Paths

A floating static is a static route with an artificially high AD — higher than the routing protocol’s. The protocol-learned route wins under normal conditions; if the protocol loses the route, the floating static takes over.

! OSPF normally learns the route to 10.99.0.0/24 with AD 110.
! Add a floating static via the backup path with AD 200:
R1(config)# ip route 10.99.0.0 255.255.255.0 10.0.1.2 200

Useful for: backup default routes when the primary upstream fails, branch links failing over to a cellular interface, etc.

Permanent Routes

R1(config)# ip route 10.99.0.0 255.255.255.0 10.0.0.2 permanent

The permanent keyword keeps the static route in the routing table even when its outbound interface goes down. Rarely a good idea — you almost always want the route to disappear when the path is broken so traffic falls through to a backup. Use only when you have a specific reason.

The Null0 Trick — Black-Holing and Summary Origination

Routes pointing at Null0 are silently dropped. Two uses:

Black-hole filtering

! Drop traffic to a known malicious IP
R1(config)# ip route 198.51.100.99 255.255.255.255 Null0

Summary origination

To advertise a summary route into a routing protocol, you need some matching route in the routing table. Point the summary at Null0 so it’s always available:

R1(config)# ip route 192.168.0.0 255.255.0.0 Null0
R1(config)# router bgp 65001
R1(config-router)# network 192.168.0.0 mask 255.255.0.0

Now BGP advertises 192.168.0.0/16. The Null0 route exists; the more-specific routes inside that range are learned via the IGP and take precedence on actual forwarding.

ODR — On-Demand Routing

An obscure feature for hub-and-spoke topologies where spokes have a single connection to the hub. The hub auto-learns spoke prefixes via CDP and inserts them into its routing table. Spokes get a default route from the hub.

! On the hub
R1(config)# router odr

That’s the entire config. The hub now sees spoke connected networks. Use case: keeping spoke routers as simple as possible — no routing protocol on them at all. Niche but tested on certifications.

Verifying Routes

R1# show ip route
R1# show ip route 10.0.0.0
R1# show ip route static
R1# show ip route 0.0.0.0

show ip route 10.0.0.0 tells you which specific route the router would use for that destination — the longest-prefix-match. Crucial when troubleshooting why traffic isn’t taking the path you expect.

Common Pitfalls

  • Recursive route on multi-access interface. ip route 10.2.0.0 255.255.255.0 10.0.0.2 on a Gigabit interface works, but the router has to ARP for 10.0.0.2 first. With many such routes, ARP table pressure grows. Use fully specified routes on Ethernet.
  • Floating static AD too low. If you set the floating static’s AD to 100 while OSPF (AD 110) is the primary, the static wins always — not what you want. The floating AD must be HIGHER than the protocol’s.
  • Forgetting permanent implications. permanent keeps the route in the table even when broken. Don’t use unless you have a specific reason.
  • Wrong default route. Pointing the default at a wrong gateway IP that’s in the same subnet but not the actual upstream causes a quiet black hole — ARP succeeds, traffic disappears.
  • Overlapping routes. Multiple statics for overlapping ranges cause the longest-prefix-match to determine the winner. Always check show ip route X.X.X.X before relying on intuition.

Conclusion

Static routes are simple but full of subtlety:

  1. Use fully specified routes on multi-access interfaces; recursive only on point-to-point.
  2. Default routes belong on edge routers, originated into the IGP from there.
  3. Floating statics = static AD > dynamic AD. Always.
  4. Null0 for black-holing and for keeping summary advertisements alive.
  5. show ip route X.X.X.X over show ip route when investigating “why isn’t this destination reachable” questions.
Tags: #CCNA #Cisco IOS #Default Route #Static Routes

Related Articles

Leave a Reply