7.2 Default Routing
7.2.3 Gateway of last resort fails for a local domain
In the scenario shown in the main figure, the link between router A and router B is now part of the 168.71.0.0 domain that all other networks are using. However, the mask has been changed to 255.255.255.252. This was done to prevent router A and router B from advertising the 168.71.6.0 subnet.

In the routing table from router C, you can see that router C does not have a route to 168.71.6.0 or a summarized route to 168.71.0.0. (see RouterC#show ip route 168.71.6.0 and RouterC#show ip route 168.71.0.0 command outputs).

Note: An access list has been applied to the end of this debug command, which limits the output of the command to packets that match the access list. Adding the access list affects only the actual debug messages. It is a good idea to add an access list whenever a router with lots of IP traffic is being used to debug a problem related to the forwarding of IP packets. Remember that debug commands work only for IP packets that are being process switched. Ping packets generated by a router are always process switched, so adding the access list to the debug command will always work in situations similar to this one.

Note: To determine whether access-list debugging is available for a certain debug command, type a question mark (?) at the end of the command. If access-list debugging is available, the prompt indicates that you can enter an access-list number.

In the output of the debug ip packet command from router C, you can see that router C doesn't have a route to use for packets destined to 168.71.6.1 (see RouterC#debug ip packet 103, RouterC#ping 168.71.6. and RouterC#show access-lists 103 command output).

In the following routing table from router C, you can see that router C has a gateway of last resort installed. It was ignored because a router does not use a gateway of last resort for addresses that are part of its local domain --- a major network it has connections to. (see
RouterC#show ip route command output).