Classful Routing With–no ip classless

A little while back I wrote an article that talked about the “ip subnet-zero” command.  In many ways, the “ip classless” command is similar.  The similarity is in history, not in function.  The “ip classless” command was first introduced in IOS Release 10.  At that time, it was disabled by default.  Starting at version 11.3, the “ip classless” default was changed to enabled.  To disable it, an administrator would enter “no ip classless”. Disabling “ip classless” changes how a router looks at the default network.  In modern networks, there is no reason to disable it.

The current default “ip classless” is basically how most expect a router to work.  If a router is routing a packet, it will compare the IP destination from the packet header to the routing table.  Longer, or more specific, routes are preferred.  Routes would be preferred in the following order–

1) Host Route (example 10.1.1.1/32)
2) Subnet Route (example 10.1.1.0/24)
3) Network route (example 10.0.0.0/8)
4) Supernet Route (example 10.0.0.0/7)
5) Default Route (example 0.0.0.0/0)

Using the above example, a packet destined to 10.1.1.1 would match the first entry while a packet going to 8.1.1.1 would match the fifth entry.  A packet destined to 10.2.2.2 would match the third entry.  A set of static routes created from the above example might look like the following.

ip route 10.1.1.1 255.255.255.255 192.168.1.2 (for destination 10.1.1.1)
ip route 10.1.1.0 255.255.255.0 192.168.1.3 (for destinations 10.1.1.x)
ip route 10.0.0.0 255.0.0.0 192.168.1.4 (for destinations 10.x.x.x)
ip route 10.0.0.0 254.0.0.0 192.168.1.5 (for destinations 10-11.x.x.x)
ip route 0.0.0.0 0.0.0.0 192.168.1.1 (for destinations x.x.x.x)

If this is simplified a bit, it will give us a basis for discussion classful (no ip classless) versus classful (ip classless) routing.

ip route 10.1.1.0 255.255.255.0 192.168.1.3 (for destinations 10.1.1.x)
ip route 0.0.0.0 0.0.0.0 192.168.1.1 (for destinations x.x.x.x)

With classless routing, a packet destined to 10.1.1.2 would be routed to the next hop of 192.168.1.3.  If a packet has a destination fo 10.1.2.2 or 8.8.8.8, it would be routed to 192.168.1.1 (the default gateway).

Key Concept–With classful routing (no ip classless), traffic sent to 10.1.2.2 would be dropped when the routing table includes only the above two routes.

If classful routing is enabled with the “no ip classless” command, the behavior is changed.  A packet  destined to 10.1.1.2 would still be routed to 192.168.1.3.  Additionally, a packet destined to 8.8.8.8 would be sent to default gateway.  However, a packet destined to 10.1.2.2 would be dropped instead of using the default gateway.  The rules with classful routing state that if there is a route in the routing table that matches the classful destination of the packet, then the packet cannot use the default route.  In other words, the packet to 10.1.2.2 could be routed if the first routing entry wasn’t there.  As soon as the router has any router has any routes that start with 10, any packet that is part of that same classful network needs a non-default route.

The 10 network is a classful A network, so the part of the address that falls victim to this logic is a little different if we have a class B address.

no ip classless
ip route 172.16.0.0 255.255.255.0 192.168.1.3 (for destinations 172.16.0.x)
ip route 0.0.0.0 0.0.0.0 192.168.1.1 (for destinations x.x.x.x)

A packet destined to 8.8.8.8 would be routed using the default gateway.  A packet destined to 172.16.0.1 would be routed to 192.168.1.3.  A packet destined to 172.17.0.1 would be routed to the default gateway.  An address that starts with 172 is a class B address.  Therefore, 172.17.x.x/16 is a different classful network than 172.16.x.x/16.  However with this example, a packet destined to 172.16.1.1 would be dropped.

A router that cannot route a packet for a destination will log the output below when “debug ip packet” is configured.  Note: this command should not be entered in a production router.

*Mar  1 00:21:48.219: IP: s=192.168.0.2 (FastEthernet0/0), d=1.2.2.1, len 100, unroutable

Below is an image that demonstrates an easy way to experiment with this in GNS3.  It may be necessary click the link under the image to enlarge it enough to view the detail.

I have one note for those who want to experiment with this command.  I have found that it does not behave as expected when cef (Cisco Express Forwarding) is enabled.  In my testing, I used the “no ip cef” global configuration command.  Without doing this, there was no difference with “no ip classless”.

In summary, the current default is classless routing or “ip classless”.  This has been the case since 11.3.  If we change this default, or we have very, very old equipment in our networks, the behavior is classful routing.  This is classful in the sense of the routing table, not a routing protocol.  When there is a route in the table, packets destined to the same classful network must match a non default route.  In other words, the default route is not used if there is a route in the routing table that is part of the same classful network as the destination of the packet.  Obviously, if the route actually matches the destination of the packet, it will be routed.  However the existence of this route precludes any packets to the same classful destination to ever use the default gateway (aka–gateway of last resort).

No related content found.

About Paul Stewart, CCIE 26009 (Security)

Paul is a Network and Security Engineer, Trainer and Blogger who enjoys understanding how things really work. With over 15 years of experience in the technology industry, Paul has helped many organizations build, maintain and secure their networks and systems.
This entry was posted in Career. Bookmark the permalink.

7 Responses to Classful Routing With–no ip classless

  1. You Deserve to be CCIE unlike others, I don’t know how they passed. Thanks for blog.

  2. Sherif Safwat says:

    Excellent , really i appreciate your effort for delivering such valuable info , although some hassle occurred in GNS3 but the idea is very clear , thanks again

  3. Fred says:

    You explained the topic very clearly. Thank you !

  4. Alvin says:

    Hi Paul,

    Thanks for the simplified explanation, great job. Its good you mentioned the no ip cef tip. That really helped, its only after i turned cef off, did i get the correct results.

    Thanks again and kind regards,

    PS – Do you have a list of blogs/posts written by you.

  5. Pingback: The Longest Match Rule - PacketU

  6. Bill L says:

    Shouldn’t your mask be 254.0.0.0 for the static route for 10-11.0.0.0? A mask of 128.0.0.0 would match the first bit only. Seven bits of mask is 254.

Comments are closed.