Configuring and Using Floating Static Routes

Sometimes it becomes necessary to build static backup routes, where a dynamically learned route is preferred, and the static route is only used if the dynamic route is lost. Common applications of this would be a WAN with a VPN backup, and Dial on Demand Routing (DDR). The route to a remote location is normally learned over the WAN by a routing protocol, but should be routed out an interface configured for VPN if the WAN connection is lost.

Since the default administrative distance of static routes makes them preferred over any routes learned by dynamic protocols, this normally would not work. The router would prefer the route to the VPN all the time.

There are a couple ways around this. One would be to use a less specific route, such as a default route, which would only be preferred if the more specific routes are lost, but this is not always workable. If both internet and VPN traffic should take the same route, often the default route could be used, since the more specific dynamic routes would be preferred if available.

The other option, and the one we will look at here, is a so-called floating static route. Floating static routes are like regular static routes, except that the administrative distance has been manually changed. Since this allows for the static route having a higher administrative distance than the dynamic routes, so they will not be used if there is a dynamic route available.

In the following, we are learning the route to 172.16.2.0/24 from OSPF, pointed to 192.168.12.3. After adding the static route with an administrative distance of 254, we are still routing via OSPF. Then we lose our OSPF neighbor, and the static route takes over, with an Administrative distance of 254.

R1(config)#ip route 172.16.2.0 255.255.255.0 192.168.13.3 254
R1(config)#
R1(config)#do sh ip route                                    
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

C    192.168.12.0/24 is directly connected, FastEthernet0/1
C    192.168.13.0/24 is directly connected, Serial1/3
     172.16.0.0/24 is subnetted, 2 subnets
C       172.16.1.0 is directly connected, Loopback0
O       172.16.2.0 [110/11] via 192.168.12.3, 00:00:12, FastEthernet0/1
R1(config)#
*Mar  3 05:13:25.666: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.12.3 on 
FastEthernet0/1 from FULL to DOWN, Neighbor Down: Dead timer expired
R1(config)#
R1(config)#do sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

C    192.168.12.0/24 is directly connected, FastEthernet0/1
C    192.168.13.0/24 is directly connected, Serial1/3
     172.16.0.0/24 is subnetted, 2 subnets
C       172.16.1.0 is directly connected, Loopback0
S       172.16.2.0 [254/0] via 192.168.13.3
R1(config)#

While Administrative distances go up to 255, a route with an AD of 255 will not be installed in the routing table, so 254 is effectively the highest you can use. Note that the route is no longer installed in the routing table after having the AD changed to 255.

R1(config)#ip route 172.16.2.0 255.255.255.0 192.168.13.3 255
R1(config)#
R1(config)#do sh ip route                                    
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

C    192.168.12.0/24 is directly connected, FastEthernet0/1
C    192.168.13.0/24 is directly connected, Serial1/3
     172.16.0.0/24 is subnetted, 1 subnets
C       172.16.1.0 is directly connected, Loopback0
R1(config)#

Any administrative distance can be assigned to a static route, but to work as a floating static route, it needs to have an AD between the AD of the routing protocol +1 and 254, inclusive. If it is below the routing protocol it will be preferred, rather than floating, 255 is not used. Below the route is added with an AD of 111, which makes it less preferred than OSPF, but it would be preferred over a RIP route with an AD of 120. If you find yourself needing to do this, it’s probably time to redesign your network, but it is possible.

R1(config)#ip route 172.16.2.0 255.255.255.0 192.168.13.3 111
R1(config)#
R1(config)#do sh ip route                                    
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

C    192.168.12.0/24 is directly connected, FastEthernet0/1
C    192.168.13.0/24 is directly connected, Serial1/3
     172.16.0.0/24 is subnetted, 2 subnets
C       172.16.1.0 is directly connected, Loopback0
S       172.16.2.0 [111/0] via 192.168.13.3
R1(config)#
*Mar  3 05:19:23.042: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.12.3 on 
FastEthernet0/1 from LOADING to FULL, Loading Done
R1(config)#
R1(config)#do sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

C    192.168.12.0/24 is directly connected, FastEthernet0/1
C    192.168.13.0/24 is directly connected, Serial1/3
     172.16.0.0/24 is subnetted, 2 subnets
C       172.16.1.0 is directly connected, Loopback0
O       172.16.2.0 [110/11] via 192.168.12.3, 00:02:56, FastEthernet0/1
R1(config)#

Summary.

Floating static allows an administrator to define a static backup route by manipulating the Administrative Distance. Without manipulating the AD, static routes are preferred over any dynamic protocol. The AD needs to be set somewhere between one more than the routing protocol and 254, since routes with an AD of 255 will not get installed in the routing table. While you can set it at a lower number, floating statics normally use 254, which leads to more predictable behavior, and is more likely to be understood if someone else needs to work on the network.

Further Reading:

Sample Configuration: Using Floating Static Routes and Dial-on-Demand Routing – Cisco.com
CCENT/CCNA ICND1 100-105 Official Cert Guide (affiliate link)
Routing TCP/IP Volume 1, Chapter 3. (affiliate link)


Leave a Reply

Your email address will not be published. Required fields are marked *