General Routing question

pankajs · ‎10-21-2005

A fastethernet interface on my router is configured with IP address 10.1.1.1/24. This interface is connected to a layer 2 switch with users in IP range 10.1.1.2/24 - 10.1.1.253/24. IP routing is enabled on the router. Traffic coming in from serial interface and destined for any of the users PCs needs to be redirected to 10.1.1.254/24. PBR is one solution.

I am curious to know if following 2 two static routes on the router are going to work or not.

ip route 10.1.1.0/25 10.1.1.254

ip route 10.1.1.128/25 10.1.1.254

I expect that depending on longest match router will use the static routes instead of using directly connected route.

Please suggest!!

Thank you.

attrgautam · ‎10-21-2005

You are correct. It will prefer the /25 route as it is a longer match. So this is the best way of routing it to the interface. But for the /25 it is ok. But for the 2nd /25 the next hop itself will point to the same IP

sh ip route 10.1.1.254

Routing entry for 10.1.1.254/25

Known via "static", distance 1, metric 0

Routing Descriptor Blocks:

* 10.1.1.254

Route metric is 0, traffic share count is 1

Your traffic for the 2nd /25 may get blackholed.

pankajs · ‎10-21-2005

I'm afraid, I didn't understand how second route entry 10.1.1.128/25 is going to cause blackhole???

The next hop is just working for /24 network.

attrgautam · ‎10-22-2005

the route you write has the next hop 1.1.254 and the router will do a recursive lookup for 1.1.254 again. The 2nd lookup will also point to the same route again (as it is a /25 route and interface has /24). So the packet will in all probability drop unless iam making a simple mistake.

pankajs · ‎10-24-2005

Right, if this is the case then both the static routes will not work as 1.254 can not be reached with these two static routes.

Will putting a following static route help???

ip route 10.1.1.254/32

baldy · ‎10-25-2005

I've got a suspicion that this would upset the router. The router has to recurse each destination until it gets to an interface. So a packet destined for 10.1.1.4 should be forwarded to 10.1.1.0/25 the next hop of which is 10.1.1.254. Normally the router now recurses this next-hop to a connected route and hence an interface which it then arps out of for the next-hops mac address. But now you can't recurse the lookup becase 10.1.1.254 matches your second route, hence you will go round in circles.

Policy routing would work here but I would start to seriously consider why you want to do this. I'll bet there are several much tidier ways of doing it if you think about it. Why not make a separate IP network between your router and whatever 1.254 is, then eveything is nice and simple IP routing.

pankajs · ‎10-25-2005

There are many constraints to go for simple routing solution:(. Major is downtime and that too with large number of sites.

As mentioned in the earlier post, its true that two routes will cause it to go in circles.

I am curious if static host route for 10.1.1.254/32 pointing to ethernet interface will make the router to ARP out the ethernet interface while looking for 10.1.1.254(next hop).