Classless and Classful Routing

When I first started my networking career I was completely baffled by classless and classful routing. What is this? What are the differences? Why so complicated? Well, it’s actually not, once you know the differences between the two. Let’s take a look at what each one is and how it functions.

 

  • Classless Routing – If configured, the default route is used to forward a packet when no exact match subnet or address is listed within the routing table.

 

  • Classful Routing – If configured, the default route is used to forward a packet when no subnet or address is listed within the routing table. When a subnet is listed in the routing table but the packet does not match any of the routes in the table, the packet is discarded and not routed.

 

So what does this mean?

 

Let’s say, for instance, we have a packet coming from 10.1.1.50/24 going to 10.1.2.20/24. The forwarding router does not have a route configured for the 10.1.2.0/24 network. The router will then use our configured default route for unknown networks. With classless routing the default route will be matched and the packet will be sent out the appropriate interface.

 

Now let’s discuss classful routing. The same host wants to reach 10.1.2.20/24. If we have classful routing enabled, the packet will be sent to its gateway for routing. Upon arrival the router will look for a matching subnet. Let’s say we have a summary route of 10.1.0.0/16 with an exact match for subnet 10.1.1.0/24, but no match for 10.1.2.0/24. With classful routing the router will then drop the packet. Even though we have a default route configured, the packet will be dropped because of the summary route of 10.1.0.0/16. Think of classful routing as a rodent trap. The rodents can enter the trap, but they cannot get back out. Once the router starts searching the subnets of the summarized route and no exact match or specific route exists in the routing table, it will not back out and use the default route. It will simply drop the packet.
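The two lookups side by side, as an added example that is not part of the original post. The routing table, the interface names and the helper functions are constructed for illustration: the table holds only 10.1.1.0/24 and a default route, and classful mode refuses the default route whenever any subnet of the destination's major network (10.0.0.0/8 here) is already known.

```python
import ipaddress

# Constructed routing table (an assumption for this example): one known
# subnet of the 10.0.0.0/8 major network plus a default route.
DEFAULT = ipaddress.ip_network("0.0.0.0/0")
ROUTES = [
    (ipaddress.ip_network("10.1.1.0/24"), "Gi0/1"),
    (DEFAULT, "Gi0/0 (default)"),
]

def major_network(addr):
    """Return the classful (A/B/C) network that contains a unicast addr."""
    first_octet = int(addr) >> 24
    prefix = 8 if first_octet < 128 else 16 if first_octet < 192 else 24
    return ipaddress.ip_network(f"{addr}/{prefix}", strict=False)

def lookup(dest, classful):
    """Return the exit interface for dest, or None if the packet is dropped."""
    addr = ipaddress.ip_address(dest)
    specifics = [(net, ifc) for net, ifc in ROUTES if net != DEFAULT]
    matches = [(net, ifc) for net, ifc in specifics if addr in net]
    if matches:
        # A specific route exists: longest prefix wins in both modes.
        return max(matches, key=lambda r: r[0].prefixlen)[1]
    if classful:
        major = major_network(addr)
        # The "rodent trap": a subnet of the major network is known, so the
        # router will not back out to the default route.
        if any(net.subnet_of(major) for net, _ in specifics):
            return None
    # Fall back to the default route if one is configured.
    for net, ifc in ROUTES:
        if net == DEFAULT:
            return ifc
    return None

if __name__ == "__main__":
    for dest in ("10.1.1.50", "10.1.2.20", "192.168.5.5"):
        print(dest, "classless:", lookup(dest, False),
              "| classful:", lookup(dest, True))
```

The 192.168.5.5 case shows that classful mode still uses the default route when no subnet of the destination's major network is in the table.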

 

I hope you now see the differences between these two technologies and how they are involved in routing decisions. Mainly, each one has a different way of deciding whether or not to use a default route. Please post any questions/comments you have about these technologies and I’ll gladly answer them.

Syslog Logging on Cisco Devices

In my last post we talked about the differences between SNMP versions and the pros and cons of each version. Well, enabling SNMP on the device does us no good if we can’t gather the statistics into some form of network management software. Of course we can look on the local device for logs; however, this can be mundane in a large environment and is not feasible. Here are the commands and ways to enable logging to a syslog server.

  • Download some form of syslog collection software. You can choose any type of software you want for this; however, for testing or to get used to the configuration you can use a free version. I recommend Kiwi Syslog by Solarwinds. Syslog uses UDP port 514 by default, so make sure this port is open on your syslog server’s firewall or you will not get any traps.

 

  • Enable syslog monitoring on your device(s). This is a fairly simple task. From global config simply use the logging host command followed by the server’s IP address. (Ex. logging host 10.1.20.50) We can also specify an IPv6 host for logging using logging host ipv6 [address].

 

  • By default every level of severity for traps is enabled. For example, interfaces connected to end devices that go up and down will be logged. In order to cut down on this traffic we can set the logging level. There are eight severity levels of logging on Cisco devices that we need to be aware of.
    • Level 0 – Emergencies – System is unusable.
    • Level 1 – Alerts – Immediate action needed.
    • Level 2 – Critical – Critical conditions. (ex. overheating processor)
    • Level 3 – Errors – Error conditions.
    • Level 4 – Warnings – Warning conditions.
    • Level 5 – Notifications – Normal but significant conditions.
    • Level 6 – Informational – Informational messages. (ex. Interface up/down)
    • Level 7 – Debugging – Debug messages.
  • Leaving the default logging level may not be a bad idea for some environments. However, most environments don’t need to know when an interface connected to a PC goes up or down. We can set the logging level using the logging trap command. You will need to understand how the traps are sequenced in order to decide what you want to monitor. They are listed above in order of importance, with lower numbers being more important. When using the logging trap command we select the lowest severity that we want to be monitored. All levels above it in the list (the more important, lower-numbered ones) will be monitored as part of that decision. For example, let’s say I want to monitor all Warnings. I would need to use the command logging trap 4. This command will include traps for all levels above Warnings as well.

Here would be a final running config for a device wanting to log to a server with IP address 10.2.1.50, and only log Error and above traps.

logging host 10.2.1.50

logging trap 3
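What that final configuration forwards and what it holds back, as an added example that is not part of the original post. The sample messages are constructed and the helper names are hypothetical; the code reads the severity from the %FACILITY-SEVERITY-MNEMONIC tag of each message and applies the logging trap threshold, which shows that at level 3 the login-failure and configuration-change messages never reach the server.

```python
import re

# Cisco IOS messages carry their severity in a %FACILITY-SEVERITY-MNEMONIC tag.
TAG = re.compile(r"%([A-Z0-9_]+)-([0-7])-([A-Z0-9_]+):")

# Constructed sample messages, for illustration only.
SAMPLE = [
    "*Mar  1 00:01:10.123: %SYS-2-MALLOCFAIL: Memory allocation of 1028 bytes failed",
    "*Mar  1 00:02:31.000: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin]",
    "*Mar  1 00:03:02.500: %SYS-5-CONFIG_I: Configured from console by admin on vty0",
    "*Mar  1 00:03:40.250: %LINEPROTO-5-UPDOWN: Line protocol on Interface Gi0/3, changed state to down",
    "banner text without a severity tag",
]

def parse(line):
    """Extract facility, severity and mnemonic, or None if the line has no tag."""
    m = TAG.search(line)
    if not m:
        return None
    return {"facility": m.group(1), "severity": int(m.group(2)),
            "mnemonic": m.group(3)}

def split_by_trap_level(lines, trap_level):
    """Partition tagged lines into (sent, suppressed) for `logging trap N`.
    A message is sent when its severity number is <= trap_level."""
    sent, suppressed = [], []
    for msg in filter(None, map(parse, lines)):
        tag = f'{msg["facility"]}-{msg["severity"]}-{msg["mnemonic"]}'
        (sent if msg["severity"] <= trap_level else suppressed).append(tag)
    return sent, suppressed

def required_trap_level(lines, wanted):
    """Smallest `logging trap` value that still forwards every wanted mnemonic."""
    levels = [m["severity"] for m in filter(None, map(parse, lines))
              if m["mnemonic"] in wanted]
    return max(levels) if levels else None

if __name__ == "__main__":
    sent, suppressed = split_by_trap_level(SAMPLE, 3)
    print("logging trap 3 sends:     ", sent)
    print("logging trap 3 suppresses:", suppressed)
    print("level needed for logins and config changes:",
          required_trap_level(SAMPLE, {"LOGIN_FAILED", "CONFIG_I"}))
```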