HomeCCNABest Route, Routing Table Terms, and Lookup Process (Updated 2025)
Diagram illustrating route lookup and forwarding in a routing table with networks 172.16.0.0/16, 172.16.1.0/24, 172.16.2.0/24, and packet destination 172.16.2.100 sent to Ethernet1/1.

Best Route, Routing Table Terms, and Lookup Process (Updated 2025)

August 30, 2019
Asad Ijaz
6 min read
CCNA
Xfin

The best route is the longest match route to the destination IP address. The route lookup process matches the destination IP address with the available routes in the routing table and selects the longest-matched route as the forwarding route.

Table of Contents

To match the destination IPv4 address of a packet with the routes in the routing table, the minimum number of far-left bits must match the IPv4 address of the packet and the route in the routing table.

The router found the best route in the routing table for the packet using the subnet mask. The data packet never contains the subnet mask in the packet header.

The best route is the longest match or the one with the most significant number of equivalent far-left bits. The figure below illustrates the maximum bits match, which is the best route for the packet.

Best Route, Routing Table Terms
Best Route, Routing Table Terms, and Lookup Process (Updated 2025) 5

If the router receives a packet destined for 172.16.2.100, the router has three possible routes for the packet: 172.16.0.0/16, 172.16.1.0/24, and 172.16.2.0/24. Look at the table above in the figure to understand the most prolonged match routing process.

172.16.2.0/24 has the longest match, so the router has selected this route as the best route and forwards the packet to Ethernet 1/1. For any of these routes to be considered a match, there must be at least the number of matching bits indicated by the route’s subnet mask.

Routing Table Terms

The Cisco IP routing table is a hierarchical structure that speeds up the lookup process when locating routes and forwarding packets. Within this structure, the hierarchy includes:

  • Ultimate route
  • Level1 route
  • Level 1 parent route
  • Level 2 child routes

Ultimate Route

This route contains either a next-hop IPv4 address or an exit interface. Directly connected, dynamically learned, and local routes are also ultimate routes. The figure below illustrates the ultimate routes.

Best Route, Routing Table Terms CLI Screen
Best Route, Routing Table Terms, and Lookup Process (Updated 2025) 6

Level 1 Route

The route that is equal to a subnet mask or less than the classful mask of the network address. The source of the level 1 route can be a directly connected network, a static route, and a dynamic routing protocol. Therefore, a level 1 route is also the ultimate route. The type of level 1 route included:

  • Network route– A route with a subnet mask equal to the classful network is called a network route.
  • Default route– This is a static route for the packet whose destination is unknown to the router. The address of the default static route is 0.0.0.0/0.
  • Supernet route– This route has a network address with a mask less than the classful mask.

Level 1 Parent Route

The Level 1 parent route is a Level 1 network route that is subnetted. A parent route can never be an ultimate route. The figure below illustrates the level 1 parent route highlighted.

Best Route, Routing Table Terms
Best Route, Routing Table Terms, and Lookup Process (Updated 2025) 7

The level 1 parent route is the heading for the specific subnets. Each entry displays the classful network address, the number of subnets, and the number of different subnet masks.

Level 2 Child Route

This is a subnet of a classful network address. As illustrated in Figure 1, a level 1 parent route is a level 1 network route that is subnetted. A Level 1 parent route contains Level 2 child routes, as shown in the Figure below.

There are two level 2 child routes for the level 1 parent route 10.0.0.0 and three level 2 child routes for the level 1 parent route 172.16.0.0. The source of a level 2 route can be a directly connected network, a static route, or a dynamically learned route. Level 2 child routes are also ultimate routes.

Route Lookup Process

When a router receives a packet on an interface, the router examines the packet’s header, identifies the destination IPv4 address, and proceeds through the router lookup process.

Step-1

  1. The router examines level 1 routes, network routes, and supernet routes for the best match with the destination address of the IP packet.
  2. If the best match is a level 1, ultimate, or supernet route, the packet is forwarded to the destination using the best match route.
  3. If the best match is a level 1 parent route, continue to the next step.

Step-2

  1. The router examines the level 2 child routes of the level 1 parent route for the best match.
  2. If a match with a level 2 child route is found, the router forwards the packet to the destination using this route.
  3. Continue to the next step if no match is found with any level 2 child routes.

Step-3

  1. The router starts looking up the best match in level 1 supernet routes in the routing table, including the default route.
  2. If there is now a minor match with a level 1 supernet or default route, the router uses that route to forward the packet.
  3. The router drops the packet if a match to the destination is not found with any route in the routing table.

FAQs

What is the best route in a routing table?

The best route is the longest match to the destination IP address, determined by the most significant number of equivalent far-left bits matching between the packet’s IP and the routes. For example, for 172.16.2.100, 172.16.2.0/24 is selected over broader matches like /16 or /24 alternatives.

What are the key terms in a Cisco routing table hierarchy?

Key terms include ultimate route (with next-hop or exit interface), level 1 route (network, default, or supernet), level 1 parent route (subnetted network heading), and level 2 child route (subnets of classful addresses, which are ultimate routes).

How does the route lookup process work step by step?

Step 1: Match level 1 routes; forward if ultimate or supernet. Step 2: If parent route, check level 2 children; forward if match. Step 3: If no match, check supernets or default; drop packet if none found. This ensures efficient forwarding based on destination IP.

What is the difference between a level 1 parent route and a level 2 child route?

A level 1 parent route is a subnetted classful network that acts as a heading and can’t be ultimate. Level 2 child routes are its subnets, sourced from direct connects, static, or dynamic protocols, and serve as ultimate routes for forwarding.

Why is the longest match important in route selection?

The longest match ensures the most specific route is chosen, improving accuracy in packet forwarding. Without it, packets might take suboptimal paths; for instance, /24 matches over /16 for precision in hierarchical networks.

Avatar of Asad Ijaz

Asad Ijaz

NetworkUstad's lead networking architect with CCIE certification. Specializes in CCNA exam preparation and enterprise network design. Authored 2,800+ technical guides on Cisco systems, BGP routing, and network security protocols since 2018. Picture this: I'm not just someone who writes about tech; I'm a certified expert in the field. I proudly hold the titles of Cisco Certified Network Professional (CCNP) and Cisco Certified Network Associate (CCNA). So, when I talk about networking, I'm not just whistling in the dark; I know my stuff! My website is like a treasure trove of knowledge. You'll find a plethora of articles and tutorials covering a wide range of topics related to networking and cybersecurity. It's not just a website; it's a learning hub for anyone who's eager to dive into the world of bits, bytes, and secure connections. And here's a fun fact: I'm not a lone wolf in this journey. I'm a proud member and Editor of Team NetworkUstad. Together, we're on a mission to empower people with the knowledge they need to navigate the digital landscape safely and effectively. So, if you're ready to embark on a tech-savvy adventure, stick around with me, Asad Ijaz Khattak. We're going to unravel the mysteries of technology, one article at a time!"

Related Articles

ND NS NA Messages

How to Configure IPv6 ACLs

September 22, 2019
ISDN

ISDN

February 22, 2020
Understanding default gateway limitations in computer networks

Default Gateway Limitations: Impact on Connectivity and Performance

November 1, 2019
A diagram illustrating the TCP 3-way handshake between a Host and a Server. The steps include: Step-1 with Host sending SYN (Seq=x), Server receiving SYN; Step-2 with Server sending SYN ACK (Seq=x, ACK=x+1), Host receiving SYN ACK; and Step-3 with Host sending ACK (ACK=y+1), enabling data transfer with binary data shown.

Master TCP 3-Way Handshake and Boost Your Skills (Updated 2025)

August 6, 2019
Close-up of Ethernet cables with text overlay about tagging Ethernet frames for VLAN identification.

VLAN Identification – Your Ultimate Guide to Master VLAN Tagging (Updated 2025)

August 13, 2019
Diagram illustrating the LLC and MAC sublayers in the Data Link layer for a quiz.

LLC and MAC Sublayers Important Functions Quiz Test

February 24, 2025
Illustration depicting Cisco router interface settings verification using CLI commands. A terminal window with “Router# show interfaces” and a Cisco router icon with a checkmark emphasize diagnostics, configuration validation, and network reliability.

How to Verify Interface Settings

August 20, 2019
Cisco router CLI output showing the result of the show ip interface brief command, displaying interface status and IP addresses.

Important Show Commands in Cisco IOs (Updated 2025)

August 12, 2019
PVST

What is PVST+ – Exclusive Explanation

October 25, 2019