01-15-2011 08:02 AM - edited 03-04-2019 11:05 AM
Hi guys,
My question is more along the lines of "is there any warning in Cisco's documentation about this", because I don't recall during my CCNA courses ever seeing this.
From what I remember, both these options were valid and usable when configuring a default quad 0 route to the internet:
ip route 0.0.0.0 0.0.0.0 <ip-next-hop>
ip route 0.0.0.0 0.0.0.0 Fa0/0 (outgoing interface to ISP)
Here's the problem...if you use the second option, every time you try to access an internet address, let's say 4.4.4.4, your router has to do an ARP request, because it doesn't know what to put in the Layer 2 Dest MAC field. You get a timeout, the first packet is always lost, but afterwards everything runs smoothly...if you only access that specific address that is.
Think real world, where 200 employees access about 7000 different IP addresses during a couple of days. The ARP table contains 7000 entries, 7000 ARP requests are being sent (even more considering the timeout period), a lot of overhead, a lot of packet loss. The ARP table looks like this:
1.1.1.1 1234.abcd.ab12
4.4.4.4 1234.abcd.ab12
4.4.4.2 1234.abcd.ab12
....
and so on, the same MAC address for any IP ever being requested.
Of course CEF builds its own adjacency table based on the ARP table, so 7000 adjacencies there as well, as well as 7000 entries in the CEF table.
Now, if you use ip route 0.0.0.0 0.0.0.0 <ip-next-hop>, you don't have that problem, because you have both the L2 and L3 information, so for routes going towards the internet, 1 ARP entry is all you need.
So, my question is, does Cisco warn about using ip route 0.0.0.0 0.0.0.0 Fa0/0 (outgoing interface to ISP) and the impact it has?
Thank you.
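An audit check for the condition described in the post above, as an added example that is not part of the original thread: it flags static routes that name only an Ethernet-type exit interface and finds ARP entries where one MAC answers for many IPs. The config and `show ip arp` text are constructed samples; the function names, interface-prefix list and threshold are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample input (not taken from the poster's router).
SAMPLE_CONFIG = """\
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
ip route 10.20.0.0 255.255.0.0 192.0.2.1
ip route 10.30.0.0 255.255.0.0 FastEthernet0/1 198.51.100.1
ip route 10.40.0.0 255.255.0.0 Serial0/0
"""
SAMPLE_ARP = """\
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  192.0.2.2               -   aaaa.bbbb.0001  ARPA   FastEthernet0/0
Internet  1.1.1.1                 0   1234.abcd.ab12  ARPA   FastEthernet0/0
Internet  4.4.4.4                 0   1234.abcd.ab12  ARPA   FastEthernet0/0
Internet  4.4.4.2                 1   1234.abcd.ab12  ARPA   FastEthernet0/0
"""

IPV4 = r"\d{1,3}(?:\.\d{1,3}){3}"
ROUTE = re.compile(rf"^ip route ({IPV4}) ({IPV4}) (\S+)(?: (\S+))?")
# Assumed list of interface-name prefixes that are multi-access (need ARP).
MULTIACCESS = re.compile(r"^(?:Fa|Gi|Te|Eth|Vlan)", re.I)

def interface_only_routes(config):
    """Static routes pointing at a multi-access interface with no next-hop IP."""
    hits = []
    for line in config.splitlines():
        m = ROUTE.match(line.strip())
        if not m:
            continue
        prefix, mask, target, extra = m.groups()
        has_next_hop = re.fullmatch(IPV4, target) or (
            extra and re.fullmatch(IPV4, extra))
        if not has_next_hop and MULTIACCESS.match(target):
            hits.append((prefix, mask, target))
    return hits

def shared_mac_entries(arp_output, threshold=3):
    """(interface, MAC) pairs that answer for at least `threshold` IPs."""
    by_mac = defaultdict(list)
    for line in arp_output.splitlines():
        f = line.split()
        # Age "-" marks the router's own interface address; skip it.
        if len(f) == 6 and f[0] == "Internet" and f[2] != "-":
            by_mac[(f[5], f[3])].append(f[1])
    return {k: v for k, v in by_mac.items() if len(v) >= threshold}
```
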
01-15-2011 08:06 AM
The router does not warn. It is assumed that people know what they are doing; unfortunately, often that is not the case.
01-16-2011 12:04 AM
in addition to the above, you could do:
Router(config)#ip route 0.0.0.0 0.0.0.0
the routing table process will only need to perform a single lookup to get both the exit interface and the next-hop IP address.
01-16-2011 01:11 AM
When you do a little research on how to configure things, you generally find the right direction.
On this specific one, I found a link which indeed discourages this type of configuration:
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00800ef7b2.shtml#topic1
regards,
Leo
01-16-2011 09:41 AM
johnlloyd_13 wrote:
in addition to the above, you could do:
Router(config)#ip route 0.0.0.0 0.0.0.0
the routing table process will only need to perform a single lookup to get both the exit interface and the next-hop IP address.
There is no benefit in doing this.
With IP CEF, destination interface and MAC address (these two things together form an 'adjacency') are immediately retrieved in a single lookup in all cases.
01-16-2011 10:59 PM
Hi Paolo,
I stand corrected. Learned something new here.
01-16-2011 01:24 PM
Hello,
Paolo is absolutely correct. Quite many textbooks about Cisco routing including Networking Academy courses like to stress that with a routing table consisting of routes and their IP next hop addresses, recursive lookups are necessary to find out the egress interface for a packet being routed. All these learning materials conclude that it is a wise precaution to specify static routes using both the next hop address and the egress interface. That would be true if the routing table itself was used to route packets... but on routers and multilayer switches with the CEF activated, it isn't.
All these materials tend to forget that the CEF is being run on routers and multilayer switches by default for several years now, and they also miss the fact that when the FIB table is built, the recursions in the routing table are resolved as the FIB is populated. While the routing table remains recursive, the FIB is deliberately constructed with recursions and indirect entries already resolved and removed. So when running CEF (and the CEF is run on practically all recent Cisco routers), trying to make the routing table non-recursive is, most of the time, pointless.
Best regards,
Peter
01-16-2011 01:38 PM
Peter,
I don't think the training material "forgets". Rather, the problem is that it is old and not updated. Sometimes, even the instructors fail to notice errors and inform the students. Unfortunately, that is often the case with "standard Cisco Training", where too often they insist on concepts that are either old, or of little applicability to current, practical networking, but miss what is of most practical use. As a result the students, even when certified, have limited or confused knowledge, and must be re-trained again in the real world.
But, that is the same in many fields, and won't cause the end of Internet anyway.
01-17-2011 01:06 AM
Hi Peter,
I'm missing one point here:
How does CEF help to find the next-hop (and its MAC address necessary) while a static route is configured with outgoing interface Fa0 only?
IMHO, it's not a case of a recursive routing table.
Thanks,
Milan
01-17-2011 01:47 AM
Hi Milan,
How does CEF help to find the next-hop (and its MAC address necessary) while a static route is configured with outgoing interface Fa0 only?
IMHO, it's not a case of a recursive routing table.
You are absolutely right - a static route specified only with the egress interface is not recursive, and as a matter of fact, the IP of the next-hop is not searched for at all as the network is considered by the router as directly connected. The CEF does not resolve any recursive routing entry in this case.
My post here was merely intended to support Paolo's comment that with CEF, there is no advantage in using both next-hop IP address and the egress interface in the same ip route command to speed up the routing. I admit, it is slightly off topic - the OP asked about defining routes with the egress interface only.
Best regards,
Peter
01-16-2011 01:46 PM
Hi Paolo,
Thank you for responding!
Regarding the forgetting... Yes, I agree absolutely, the materials often are outdated, there's no doubt. Then again, I've learned to read learning materials and books with a slight degree of skepticism that drives me to verify the information provided therein instead of trusting it blindly. There are instances when even books are inaccurate, overly simplifying, omitting facts or outright wrong. In the end, however, the reason why the information is wrong is not that important - what matters is that, exactly as you indicated yourself, even certified people have to be brought back to earth and have some things clarified.
Best regards,
Peter