MLS Routing Table Incorrect — Wrong Paths Being Used
Presenting Symptom
Traffic from a VLAN to a remote network is taking an unexpected path, causing connectivity issues or suboptimal routing.
Network Context
A medium-sized enterprise campus network with a collapsed core design. The core switch is a Catalyst 3850 running IOS XE 16.9, acting as a Multilayer Switch (MLS) with SVIs for VLANs 10, 20, and 30. OSPF is used for routing between the core and a distribution switch (Catalyst 2960) and a WAN router. The problem occurs after a recent network change where a new subnet was added.
Diagnostic Steps
Check the routing table for the destination network
show ip route <destination-network>Routing entry for 10.10.20.0/24
Known via "ospf 1", distance 110, metric 20
Last update from 192.168.1.2 on Vlan10, 00:00:15 ago
Routing Descriptor Blocks:
* 192.168.1.2, via Vlan10, 00:00:15 ago
Route metric is 20, traffic share count is 1If the next-hop IP or outgoing interface is unexpected (e.g., pointing to a less preferred path), it indicates incorrect routing. Compare with expected path based on network design.
Verify OSPF neighbor relationships
show ip ospf neighborNeighbor ID Pri State Dead Time Address Interface 192.168.1.2 1 FULL/DR 00:00:35 192.168.1.2 Vlan10 192.168.1.3 1 FULL/BDR 00:00:32 192.168.1.3 Vlan20
All expected neighbors should be in FULL state. Missing or stuck neighbors (e.g., EXSTART, 2WAY) indicate OSPF issues that could affect route propagation.
Check OSPF database for the specific prefix
show ip ospf database external 10.10.20.0 OSPF Router with ID (10.0.0.1) (Process ID 1)
Type-5 AS External Link States
LS age: 100
Options: (No TOS-capability, DC)
LS Type: AS External Link
Link State ID: 10.10.20.0 (External Network Number )
Advertising Router: 192.168.1.2
LS Seq Number: 80000001
Checksum: 0x1234
Length: 36
Network Mask: /24
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 0.0.0.0
External Route Tag: 0If the advertising router is not the expected source, or if there are multiple LSAs for the same prefix with different metrics, it may indicate a redistribution issue or a misconfigured route.
Examine the routing table for any floating static routes or administrative distance issues
show ip route 10.10.20.0 255.255.255.0 longer-prefixesCodes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 192.168.1.1 to network 0.0.0.0
O E2 10.10.20.0/24 [110/20] via 192.168.1.2, 00:00:15, Vlan10
O E2 10.10.20.0/24 [110/30] via 192.168.1.3, 00:00:10, Vlan20Multiple routes to the same prefix with different metrics indicate equal-cost or unequal-cost paths. The router will use the best metric (lowest). If the lower metric path is incorrect, it explains the wrong path. Also check for static routes that may have lower administrative distance.
Root Cause
A static route with a lower administrative distance (e.g., 1) was configured on the MLS for the destination network, pointing to an incorrect next-hop. This static route overrides the OSPF-learned route (AD 110), causing traffic to take the wrong path.
Resolution
Verification
Run 'show ip route 10.10.20.0' again. Expected output should show the OSPF-learned route with correct next-hop and interface. Example: Routing entry for 10.10.20.0/24 Known via "ospf 1", distance 110, metric 20 Last update from 192.168.1.2 on Vlan10, 00:00:05 ago Routing Descriptor Blocks: * 192.168.1.2, via Vlan10, 00:00:05 ago Route metric is 20, traffic share count is 1 Also verify connectivity with ping or traceroute to confirm correct path.
Prevention
1. Use route filtering or policy-based routing to control path selection instead of static routes with lower AD. 2. Implement route redistribution with proper route maps to avoid unintended static routes overriding dynamic ones. 3. Regularly audit routing tables and static route configurations, especially after network changes.
CCNA Exam Relevance
On the CCNA 200-301 exam, this scenario appears in troubleshooting questions where you must identify why a router is using a suboptimal path. The exam tests your understanding of administrative distance, route selection, and static vs dynamic routing. You may be asked to interpret 'show ip route' output to determine which route is installed and why.
Exam Tips
Remember that the route with the lowest administrative distance is installed in the routing table. Static routes (AD 1) override OSPF (AD 110).
When troubleshooting wrong paths, always check for static routes first using 'show ip route static'.
Know that 'show ip route <prefix>' shows the best route; use 'show ip route <prefix> longer-prefixes' to see all routes to that prefix.
Commands Used in This Scenario
show ip ospf database
Displays the OSPF link-state database (LSDB) to verify OSPF adjacencies, check for missing or corrupt LSAs, and troubleshoot OSPF routing issues.
show ip ospf neighbor
Displays OSPF neighbor information to verify adjacency formation and troubleshoot OSPF neighbor relationships.
show ip route
Displays the current IP routing table on a Cisco router, used to verify routes, check next-hop addresses, and troubleshoot connectivity issues.
Test Your CCNA Knowledge
Practice with scenario-based questions to prepare for the CCNA 200-301 exam.
Practice CCNA Questions