The Firepower Threat Defense device routing table can be populated with statically defined routes and directly connected routes. It is possible that the same route is entered in more than one manner. When two routes to the same destination are put into the routing table, the one that remains in the routing table is determined as follows:
- If the two routes have different network prefix lengths (network masks), then both routes are considered unique and are entered into the routing table. The packet forwarding logic then determines which of the two to use.
For example, assume the following routes are entered in the routing table:
Even though the 192.168.32.0/24 route has the longer network prefix, both routes are installed in the routing table because each of these routes has a different prefix length (subnet mask). They are considered different destinations and the packet forwarding logic determines which route to use.
- If multiple paths to the same destination are entered in the routing table, the route with the better metric, as entered with the static route, is entered into the routing table.
Metrics are values associated with specific routes, ranking them from most preferred to least preferred. The parameters used to determine the metrics differ for different routing protocols. The path with the lowest metric is selected as the optimal path and installed in the routing table. If there are multiple paths to the same destination with equal metrics, load balancing is done on these equal cost paths.