Computer Networks Network Layer

Static vs Dynamic Routing

Hand-edited tables vs protocols that converge. When each is correct, and the operational cost of choosing wrong.

Concept Intermediate
7 min read
routing static-routing dynamic-routing ospf bgp

Summary#

Every router forwards a packet by looking up its destination in a routing table. The interesting question is who builds that table. Static routing is a human typing entries in: “anything for 10.0.0.0/8, send to 192.168.1.1.” Dynamic routing is a protocol — RIP, OSPF, IS-IS, EIGRP, BGP — running between routers, exchanging reachability messages and computing the table automatically. The static table never changes until the human edits it; the dynamic table reconverges within seconds when a link drops.

The choice is not “modern vs old-fashioned” — it is a trade between operational simplicity and topological flexibility. A two-router site connected to one ISP with one default route has nothing to gain from OSPF and a real cost in complexity. A 200-router enterprise WAN cannot be static-routed by humans — there are too many failure modes to type out, and the table goes stale the moment someone reorganises a closet.

Why it matters#

Routing is the layer where reachability is decided. Get this wrong and packets sink into a black hole, loop forever (TTL eventually saves you), or take a path so suboptimal that a 5 ms LAN turns into a 200 ms detour through the wrong continent. Every networking outage that has made the news — Facebook 2021, AWS US-EAST-1 multiple times, several Cloudflare incidents — has had a routing component, usually in the dynamic protocols (BGP misconfiguration, OSPF flap storms).

It also matters for cost. Dynamic routing protocols consume CPU on every router (Dijkstra runs on every link-state change), bandwidth (hello packets, LSAs, BGP updates), and operational headcount (someone has to understand show ip ospf neighbor). Static routing has none of that recurring cost — but the one-time cost of a missed entry can be a multi-hour outage during a topology change nobody documented.

How it works#

Static routing#

A static route is a manually-entered tuple: (destination prefix, next hop, optional metric, optional interface). On Linux: ip route add 10.0.0.0/8 via 192.168.1.1. On Cisco IOS: ip route 10.0.0.0 255.0.0.0 192.168.1.1. The router writes the entry into its forwarding table and uses it for every packet matching the prefix.

The most common static route is the default route0.0.0.0/0 pointing at the upstream ISP. Home routers, branch offices with a single uplink, and most small business networks have this and nothing else. It says “anything I don’t have a more specific route for, send up the pipe.”

Static routes never time out. They have no liveness check by default. If the next-hop interface goes down, the route stays in the table pointing at a dead gateway — the router will keep handing packets to a nonexistent neighbour until someone notices. Floating static routes (a static route with a worse administrative distance than the dynamic protocol) are the usual workaround: dynamic wins normally, static fills in when dynamic fails.

Dynamic routing#

A dynamic protocol runs between routers in the same administrative domain (or, for BGP, between domains). Each router learns about its neighbours through hello packets, exchanges reachability information, and computes its forwarding table from the resulting view of the network. When a link drops, the affected routers detect it (missed hellos, interface down), flood the news, and every router recomputes its table.

The three families:

  • Distance-vector (RIP, EIGRP). Each router knows the cost to each destination and the next hop. Tells neighbours its full vector; neighbours apply Bellman-Ford. Simple, slow to converge, prone to count-to-infinity.
  • Link-state (OSPF, IS-IS). Each router floods a description of its own links to every other router in the area. Every router builds an identical topology graph and runs Dijkstra independently. Fast convergence, higher CPU and memory.
  • Path-vector (BGP). Each router advertises the full AS-path to each prefix. Used between organisations (autonomous systems) because policy matters more than shortest path.
+--------+         +--------+         +--------+
| Router |  hello  | Router |  hello  | Router |
|   A    |◄────────┤   B    ├────────►│   C    |
|        ├────────►│        │◄────────┤        |
+--------+   LSA   +--------+   LSA   +--------+
     │                  │                  │
     └────── all three converge on the same topology graph ──────┘
                       (Dijkstra on each)

Where each lives in practice#

  • Home routers. Default static route to the ISP. The ISP-facing side often runs DHCP for the WAN IP; the LAN side is just the subnet’s gateway.
  • Small offices. Mostly static or RIPv2 between a handful of routers; OSPF if there’s an in-house network engineer.
  • Enterprises. OSPF or EIGRP as the IGP across all sites, with static routes filling in for stub networks and floating statics as backup. BGP at the edge where two or more ISPs connect.
  • Service providers. OSPF or IS-IS internally (IS-IS scales better past a few hundred routers, which is why most large carriers prefer it). BGP everywhere between ASes. Static routes are rare and audited — at this scale a stale static is the kind of thing that takes down a region.

Variants and trade-offs#

Static routing. Zero protocol overhead, deterministic, easy to audit. No CPU cost, no convergence delay (the route was always there). Predictable failure mode: if you missed an entry, traffic blackholes. Operational cost is human-driven — every topology change is a ticket.
Dynamic routing. Self-healing under topology change, automatic load distribution across equal-cost paths, scales to thousands of prefixes. Costs CPU, RAM, and link bandwidth for control traffic. Failure modes are subtler — flap storms, route leaks, slow convergence — and require protocol expertise to debug.

Other dimensions:

  • Convergence time. OSPF converges in sub-second on a healthy LAN; BGP convergence after a transit failure can take minutes for the full Internet table. Static “converges” instantly — but only after a human edits it.
  • Scaling. Static scales O(prefixes × routers) in operator effort. OSPF scales by area; one area handles a few hundred routers comfortably, and ABRs aggregate between areas. BGP scales to the full Internet (~1M IPv4 prefixes today) because path-vector lets each AS apply policy without computing a full graph.
  • Security. A static route is implicit trust in whoever has shell on the router. A dynamic protocol accepts updates from neighbours — and a misconfigured or hijacked neighbour can poison the table (the classic BGP hijack). Authentication (OSPF MD5/SHA, BGP MD5, RPKI) helps but is unevenly deployed.
  • Multi-homing. A site with two ISPs almost always runs BGP — static can’t react when one ISP fails. Single-homed sites stay static.
Why not just use dynamic everywhere?

Three reasons. (1) Complexity has a cost: every protocol is a new failure mode, a new attack surface, and a new thing for the on-call engineer to understand at 3am. (2) Dynamic protocols only help if there is something to discover. A point-to-point link with no alternative path has nothing to converge to — a static route there is identical to a dynamic route, minus the control-plane traffic. (3) Some boundaries are political, not technical: between you and your ISP, between security zones, between trust domains. Dynamic exchange across those boundaries leaks topology you might not want to share. Static (or carefully filtered BGP) gives you control.

When this is asked in interviews#

Common in SRE, network engineering, and platform loops. The shape of the question is usually “you have a small office connecting to two ISPs — what routing do you run?” or “your team is debugging a slow path between two data centres — walk me through how you’d narrow it down.” Strong answers anchor on the trade: static for stability and simplicity, dynamic for self-healing, BGP specifically for multi-homing and inter-AS policy.

Follow-ups to expect:

  • “What happens if a static next-hop goes down?” — Route stays in the table pointing at a dead gateway; packets blackhole until removed manually or a floating static promotes a backup.
  • “Why is BGP a path-vector and not link-state?” — Scaling and policy. Each AS only needs to know paths, not the internal topology of every other AS. Plus, AS-path enables loop detection without flooding.
  • “Why would a service provider pick IS-IS over OSPF?” — Scales better past a few hundred routers, runs directly over Layer 2 (no IP dependency for the control plane), and the original design separated topology from address family cleanly enough that adding IPv6 was nearly free.
  • “When would you use a floating static?” — As a backup when the dynamic protocol fails. Higher administrative distance means the dynamic route wins normally; the static surfaces when the dynamic disappears.
Search ESC

Keyboard shortcuts

Shortcuts are disabled while typing in inputs.