How does a host (HOST_A) on LAN1 send a packet to a a network more than 1 hop away and how does a router (ROUTERX) handle that packet?

Question

Suppose there is a host, HOST_A, on LAN1 and is sending a packet. The destination address of that packet is: 10.10.11.77

HOST_A will refer to it's routing table and see that that there is no entry for 10.10.11.77 and will forward the packet to the default gateway, 0.0.0.0/0. Assuming that the arp cache has the mac address of the default gateway, HOST_A will encapsulate the packet to in an Ethernet frame destination to the mac address of the default gateway.

After being sent to default gateway, it reaches a router, ROUTERX, in the default zone. The router needs to forward the packet out the right interface. The router is directly is on 5 subnets.

The interfaces and the their IPs:

• so-0/0/0 has an IP of 10.0.12.1/24

• so-0/0/1 has an IP of 10.0.19.1/24

• so-0/0/2 has an IP of 10.0.17.1/24

• so-0/0/3 has an IP of 10.0.23.1/24

   Network    | Prefix | Next-Hop  | Interface
  --------------------------------------------
   10.10.0.0  | /20    | 10.0.12.0 | so-0/0/0 scope global
   10.10.8.0  | /21    | 10.0.19.0 | so-0/0/1 scope global
   10.10.8.0  | /22    | 10.0.17.0 | so-0/0/2 scope global
   10.10.10.0 | /24    | 10.0.23.0 | so-0/0/3 scope global
  

The packet would get forwarded out interface so-0/0/2 because it is the most specific match. We do not send it out of so-0/0/3 because despite having a longer prefix, the 24th bit does not match

Edit: Here's is the source of my confusion, an excerpt from The Illustrated Network: How TCP/IP works in a modern network 2nd Ed.

I use LAN1 in my example instead of LAN2 and the section in the middle is describing the look up process.

Consider a packet sent to 10.10.11.77 ( bsdclient ) from LAN2. Remember,the network is 10.10.11.0/24 ...

...There is no longer entry. This makes the /22 entry the longest match for the destination address, and the packet is forwarded to 10.10.17.2. The rest of the bits are used for local delivery of the packet on LAN2.

Answer 1

The packet would get forwarded out interface so-0/0/2 because it is the most specific match.

That prefix doesn't match. 10.10.0.0/22 matches 10.10.0.0 to 10.10.7.255. The longest/most specific prefix matching 10.10.11.77 is 10.10.0.0/20, so gateway 10.0.12.2 on interface so-0/0/0 is used.

While you could have overlapping routes for remote networks, it's not possible to configure a host with overlapping local networks, or even configuring the same IP address on multiple interfaces (10.10.0.8).

There's an excellent Q&A on subnetting, network masks and prefixes here.

The remaining bits are used for local delivery on LAN1.

The entire destination IP address is used for delivery over LAN1. For a MAC-based LAN, the IP address of the next-hop gateway is resolved to a MAC address by ARP (or a lookup in the host's ARP table) and the IP packet is encapsulated in a frame addressed to that MAC.

HOST_A will refer to it's routing table and see that that there is no entry for 10.10.11.77 and will forward the packet to the default gateway.

HOST_A will check its routing table from longest to shortest prefix until it finds a match. The default route with the 0.0.0.0/0 prefix is the shortest possible prefix, so it's always checked last. Accordingly, it's only used when there's no specific route. If no match is found and there's no default route then the packet cannot be sent and it's dropped.

Answer 2

The remaining bits are used for local delivery on LAN1.

This is incorrect and makes little sense. An IP address is a complete unit. Routers do not split them up.