Loading learning content...
A large enterprise network might have thousands of subnets across dozens of locations. Without route summarization, every router in the network would need to maintain routes to every subnet—an unsustainable proposition as networks grow. Route summarization is the controlled application of CIDR aggregation to reduce routing complexity.
Unlike address aggregation (which combines address blocks), route summarization focuses on routing advertisements—how we propagate reachability information through a network to minimize the size of routing tables while maintaining correct forwarding behavior.
By the end of this page, you will understand where and when to apply route summarization, how to calculate summary routes, the tradeoffs involved, and best practices for hierarchical network design. You'll be able to design summarization strategies for enterprise and service provider networks.
While often used interchangeably, these terms have slightly different connotations in networking:
Address Aggregation: Combining IP address blocks into larger blocks. Focus is on the address space itself.
Route Summarization: Advertising a single route that covers multiple more-specific routes. Focus is on routing protocols and advertisements.
In practice, they're two perspectives on the same mathematical operation. Summarization is aggregation applied to routing.
┌─────────────────────────────────────────────────────────────────┐│ ADDRESS AGGREGATION ││ (Focus: Address Space Management) │├─────────────────────────────────────────────────────────────────┤│ ││ "We have 4 /24 blocks. Let's represent them as a /22." ││ ││ Used in: ││ • IP address planning ││ • Address allocation from registries ││ • Documentation and design ││ │└─────────────────────────────────────────────────────────────────┘ ┌─────────────────────────────────────────────────────────────────┐│ ROUTE SUMMARIZATION ││ (Focus: Routing Protocol Behavior) │├─────────────────────────────────────────────────────────────────┤│ ││ "Advertise one /22 route instead of four /24 routes." ││ ││ Used in: ││ • Routing protocol configuration ││ • Network boundary design ││ • Reducing routing updates ││ • Improving convergence time ││ │└─────────────────────────────────────────────────────────────────┘ The Relationship:┌──────────────────┐ ┌──────────────────┐│ 4 × /24 │ │ 4 separate ││ address │ ◄──► routing ││ blocks │ │ entries │└──────────────────┘ └──────────────────┘ │ │ ▼ ▼┌──────────────────┐ ┌──────────────────┐│ 1 × /22 │ │ 1 summary ││ aggregate │ ◄──► route ││ block │ │ entry │└──────────────────┘ └──────────────────┘ Aggregation SummarizationDifferent contexts favor different terms. BGP documentation often says 'aggregation.' OSPF documentation often says 'summarization.' Cisco uses 'summary address.' Juniper uses 'aggregate route.' They all describe the same fundamental operation.
Route summarization provides multiple benefits that compound as networks grow. Understanding these benefits justifies the design effort required.
123456789101112131415161718192021222324252627282930
# Example: Large Enterprise Network Before Summarization:├── 500 sites × 10 subnets = 5,000 routes in core routing table├── Route change in any subnet → propagates to all core routers├── SPF calculation includes 5,000 prefixes└── Convergence time: ~500ms (worst case) After Summarization (1 summary per site):├── 500 sites × 1 summary = 500 routes in core routing table├── Route change in subnet → contained within site├── SPF calculation includes 500 prefixes└── Convergence time: ~50ms (10× faster) Memory Impact:├── Each IPv4 route entry ≈ 50-100 bytes (depends on router)├── Before: 5,000 × 75 bytes = 375 KB├── After: 500 × 75 bytes = 37.5 KB└── Savings: 337.5 KB (90% reduction) Update Traffic Impact:├── OSPF LSA size ≈ 28 bytes per prefix├── Before: Full LSA flood = 5,000 × 28 = 140 KB├── After: Summary LSA flood = 500 × 28 = 14 KB└── Savings: 126 KB per full update (90% reduction) These savings multiply across all routers in the network.500 sites × 10 subnets = 50,000 route entries network-widereduced to 500 sites × 1 summary = 500 route entries at core= 99% reduction at the network coreThe effort to design proper summarization is repaid many times over as networks grow. A network designed with summarization in mind can scale 10× without proportional increases in routing complexity. Without it, every new subnet adds burden across the entire network.
Summarization happens at network boundaries—points where you want to hide topology details from one part of the network from another. Choosing these boundaries carefully is a key design decision.
Common Summarization Boundaries
| Network Type | Summarization Point | Direction | Purpose |
|---|---|---|---|
| Enterprise | WAN edge routers | Toward core | Hide site-specific routes from core |
| Enterprise | Core routers | Toward WAN | Aggregate core routes toward sites |
| Enterprise | Internet edge | Toward Internet | Single aggregate for enterprise |
| Service Provider | PE routers | Toward core | Summarize customer routes |
| Service Provider | ASBR | Toward peers | Aggregate before BGP advertisement |
| Data Center | Spine switches | Toward leaves | Summarize leaf subnets |
| OSPF | Area Border Router | Inter-area | Area summaries (inter-area routes) |
| BGP | AS boundary | To other AS | AS-level aggregation |
The best summarization comes from networks designed with summarization in mind from the start. Assign address blocks to sites/regions that can be cleanly summarized. Retrofitting summarization onto a poorly designed addressing scheme is difficult or impossible.
Given a set of routes to summarize, you need to find the most specific summary that covers all of them without including too many extra addresses.
1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465
ALGORITHM: Calculate Optimal Summary Route INPUT: Set of routes to summarizeOUTPUT: Most specific summary covering all inputs STEP 1: Find the range - Identify lowest and highest addresses - The summary must cover this entire range STEP 2: Find common prefix bits - Convert first and last addresses to binary - Count matching bits from the left - This count becomes the summary prefix length STEP 3: Construct the summary - Take the common bits as the network portion - Set remaining bits to 0 for the summary address - Apply the calculated prefix length ──────────────────────────────────────────────────────────────── EXAMPLE: Summarize these routes 172.16.32.0/24 172.16.33.0/24 172.16.34.0/24 172.16.35.0/24 172.16.36.0/24 Step 1: Find the range Lowest: 172.16.32.0 Highest: 172.16.36.255 (last address of 172.16.36.0/24) Step 2: Convert to binary and find common bits 172.16.32.0 = 10101100.00010000.001000|00.00000000 172.16.36.0 = 10101100.00010000.001001|00.00000000 ↑ First 21 bits match, bit 22 differs Wait! Let's verify with 172.16.36.255: 172.16.36.255 = 10101100.00010000.00100100.11111111 Compare all: 172.16.32.0 = 10101100.00010000.00100|000.00000000 172.16.36.255 = 10101100.00010000.00100|100.11111111 ↑ First 21 bits match, but we need to cover 32-36 inclusive. Actually, 32-36 = 5 values. Not a power of 2! Step 3: Adjust for power-of-2 coverage We need to cover 172.16.32.0 to 172.16.36.255 Option A: /21 (172.16.32.0/21 covers 172.16.32.0 - 172.16.39.255) ✓ Covers all our routes − Includes 172.16.37-39 which we don't have Option B: Multiple summaries 172.16.32.0/22 covers 172.16.32.0 - 172.16.35.255 (4 routes) 172.16.36.0/24 stays as-is (1 route) ✓ No extra coverage − Still 2 entries RESULT: If minimizing entries is priority: 172.16.32.0/21 (1 entry) If avoiding over-advertisement is priority: 172.16.32.0/22 + 172.16.36.0/24The Over-Coverage Tradeoff
Summarization often creates "extra coverage"—the summary includes addresses that don't correspond to actual networks. This is usually acceptable but requires consideration:
Acceptable when:
Problematic when:
Scenario: Site has exactly 8 /24 subnets, properly aligned.
1234567891011121314151617181920212223
Site subnets (8 × /24):10.1.0.0/2410.1.1.0/2410.1.2.0/2410.1.3.0/2410.1.4.0/2410.1.5.0/2410.1.6.0/2410.1.7.0/24 Summary calculation:├── Count: 8 = 2^3 (perfect power of 2)├── Range: 10.1.0.0 to 10.1.7.255├── Starting address: 10.1.0.0├── Is 0 divisible by 8? Yes└── Summary prefix: /24 - 3 = /21 Result: 10.1.0.0/21 Coverage analysis:├── 10.1.0.0/21 covers 10.1.0.0 - 10.1.7.255├── This exactly matches our 8 subnets└── Zero over-coverage - perfect summarization!When you summarize routes with over-coverage, configure a 'null0' or 'discard' route for the summary. This ensures traffic to the unused portion is explicitly dropped at your router rather than potentially looping or being misrouted. This is essential for routing stability.
OSPF provides built-in summarization capabilities at area boundaries. Understanding OSPF's summarization model is essential for enterprise network design.
OSPF Summarization Points
Area Border Router (ABR) Summarization
ASBR Summarization
1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950
! OSPF ABR Summarization Example!! Topology:! Area 1: 10.1.0.0/24 through 10.1.15.0/24 (16 subnets)! Area 2: 10.2.0.0/24 through 10.2.15.0/24 (16 subnets)! Area 0: Backbone!! ABR-1 connects Area 1 to Area 0! ABR-2 connects Area 2 to Area 0 ! Configuration on ABR-1:router ospf 1 router-id 1.1.1.1 ! Summarize Area 1 routes toward Area 0 ! Instead of 16 Type 3 LSAs, create 1 summary area 1 range 10.1.0.0 255.255.240.0 ! The range command: ! - Applies to this ABR only ! - Creates a single Type 3 LSA for 10.1.0.0/20 ! - Suppresses the 16 individual /24 LSAs ! Optional: Set cost for the summary route area 1 range 10.1.0.0 255.255.240.0 cost 100 ! Optional: Suppress (don't advertise) a range area 1 range 10.1.128.0 255.255.128.0 not-advertise ! Configuration on ABR-2:router ospf 1 router-id 2.2.2.2 area 2 range 10.2.0.0 255.255.240.0 ! Result in Area 0:! - Instead of seeing 32 individual routes (16 from each area)! - Core routers see 2 summary routes:! - 10.1.0.0/20 via ABR-1! - 10.2.0.0/20 via ABR-2 ! ASBR External Route Summarizationrouter ospf 1 router-id 3.3.3.3 redistribute bgp 65001 subnets ! Summarize external routes summary-address 192.168.0.0 255.255.0.0 ! This creates a single Type 5 LSA for 192.168.0.0/16 ! instead of all the individual BGP-learned routesWhen OSPF creates a summary route, it uses the lowest cost among all the component routes as the summary's cost. This ensures the summary doesn't advertise a worse path than any of the specifics. You can override this with the 'cost' keyword.
BGP summarization (aggregation) is critical for Internet scalability. Every organization connecting to the Internet should aggregate their address space into the minimum number of prefixes.
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657
! BGP Aggregation Scenario!! Enterprise has these allocations from ISP:! 198.51.100.0/24 - Data center! 198.51.101.0/24 - Office 1! 198.51.102.0/24 - Office 2! 198.51.103.0/24 - Office 3!! These are contiguous - can aggregate to /22 router bgp 65001 ! Method 1: aggregate-address (most common) ! Creates aggregate route in BGP table ! Basic aggregation aggregate-address 198.51.100.0 255.255.252.0 ! With summary-only (RECOMMENDED for Internet) ! Suppresses component routes - only advertises aggregate aggregate-address 198.51.100.0 255.255.252.0 summary-only ! With as-set (preserves AS path information from components) aggregate-address 198.51.100.0 255.255.252.0 as-set summary-only ! Understanding the options:!! Without summary-only:! Advertises: 198.51.100.0/22 AND all four /24s! Total advertisements: 5 prefixes! Use case: When you need more specific routes for traffic engineering!! With summary-only:! Advertises: 198.51.100.0/22 only! Total advertisements: 1 prefix! Use case: Standard Internet aggregation (most common)!! With as-set:! The aggregate's AS_PATH includes AS numbers from all components! Prevents routing loops when aggregating routes from multiple sources! Creates AS_SET attribute (shows all contributing ASes) ! Method 2: Static route to Null0 + network statement! More explicit control, commonly used ! Create aggregate route locallyip route 198.51.100.0 255.255.252.0 Null0 ! Advertise via BGProuter bgp 65001 network 198.51.100.0 mask 255.255.252.0 ! Why the Null0 route?! - BGP only advertises routes in the routing table! - Null0 route creates the aggregate in routing table! - If a component goes down, aggregate still exists! - Traffic to unavailable component is dropped (not looped)BGP Aggregation Best Practices
Always use summary-only for Internet-facing aggregation unless you have specific traffic engineering needs
Add as-set when aggregating routes from multiple ASes (prevents routing loops)
Configure Null0 routes for aggregates to prevent routing loops if component routes disappear
Filter at the edge to ensure only aggregates leave your network, not specific routes
Plan for deaggregation if you need traffic engineering (announcing both aggregate and specifics to different peers)
Most major ISPs filter prefixes longer than /24. If you deaggregate for traffic engineering (advertising both /22 and component /24s), the /24s should propagate. But never advertise /25 or longer expecting global reachability—they will likely be filtered.
Effective summarization requires planning during the addressing design phase. Retrofitting summarization onto a poorly planned network is difficult or impossible.
12345678910111213141516171819202122232425262728293031323334
# Enterprise Addressing Plan with Built-in Summarization Company allocation: 10.0.0.0/8 Regional allocation (/12 per region):├── North America: 10.0.0.0/12 (10.0.0.0 - 10.15.255.255)├── Europe: 10.16.0.0/12 (10.16.0.0 - 10.31.255.255)├── Asia Pacific: 10.32.0.0/12 (10.32.0.0 - 10.47.255.255)└── LATAM: 10.48.0.0/12 (10.48.0.0 - 10.63.255.255) Site allocation within North America (/20 per site):├── Headquarters: 10.0.0.0/20 (10.0.0.0 - 10.0.15.255)├── Data Center 1: 10.0.16.0/20 (10.0.16.0 - 10.0.31.255)├── Data Center 2: 10.0.32.0/20 (10.0.32.0 - 10.0.47.255)├── Branch 1: 10.0.48.0/20├── Branch 2: 10.0.64.0/20└── (room for 256 sites per region) VLAN allocation within HQ (/24 per VLAN):├── Users VLAN: 10.0.0.0/24├── Voice VLAN: 10.0.1.0/24├── Servers: 10.0.2.0/24├── Management: 10.0.3.0/24├── IoT: 10.0.4.0/24└── (room for 16 VLANs per site) Summarization result:┌─────────────────────────────────────────────────────────┐│ HQ router advertises to regional hub: 10.0.0.0/20 ││ Regional hub advertises to core: 10.0.0.0/12 ││ Core advertises to Internet: 10.0.0.0/8 │└─────────────────────────────────────────────────────────┘ Every level reduces routing complexity by 16-256×A well-designed hierarchical addressing plan with proper summarization can scale from 10 sites to 1,000 sites with minimal increase in core routing table size. The core only sees regional summaries, not individual site routes. This is how global enterprises achieve network scalability.
Route summarization is the practical manifestation of CIDR's aggregation capabilities in real networks. When properly designed and implemented, it transforms unwieldy routing tables into manageable, hierarchical structures that scale gracefully.
What's Next:
We conclude the CIDR module with a comprehensive look at CIDR benefits—synthesizing everything we've learned to understand how CIDR transformed Internet architecture and why it remains essential today.
You now understand route summarization—where to apply it, how to calculate summary routes, and how to configure it in major routing protocols. Combined with address aggregation knowledge, you can design scalable network addressing schemes that optimize routing efficiency.