02-28-2023 10:10 AM - last edited on 03-02-2023 01:06 AM by Translator
Hello.
Three ASAs at different office branches have routing configurations that are intended to have identical structural logic.
Most have this config...
ASA-5525-1# sh route
Gateway of last resort is 1.1.1.1 to network 0.0.0.0
S* 0.0.0.0 0.0.0.0 [1/0] via 1.1.1.1, outside
!! This is the route to the www. !!
---
Device config for deviating device...
ASA-5525-33# sh route
Gateway of last resort is 2.2.2.2 to network 0.0.0.0
D*EX 0.0.0.0 0.0.0.0 [170/51712] via 2.2.2.2
!! This is the route to the www. !!
Clearly the second device does not have a default-static route, but a redistributed default route.
Questions:
1. What is one scenario in which it would be advantageous to deviate from the first config (as did the second config)?
2. In the above situation, what could be the adverse result of the deviating config on ASA-5525-33?
Thank you.
03-01-2023 07:47 AM
This is an interesting question. For your standard with a static default route, I would suggest that the advantage is that it is not dependent on anything else. It will forward traffic outbound (and without the overhead of learning the default route via a dynamic routing protocol). The disadvantage of this is that if there is some issue with the upstream device (ISP, etc.), the ASA will continue to forward all traffic outbound (into a black hole).
The other situation is that the ASA has learned its default route via a dynamic routing protocol. Perhaps the disadvantage is the overhead of running the routing protocol. But the advantage is clearly that if there is some problem upstream, you will not forward traffic into a black hole.
03-01-2023 08:02 AM
In addition to what Rick describes, a default route via a routing protocol may change dynamically to a better egress interface.
Also, in a case where there cannot be a better path, a dynamic default route can drop packets much sooner, perhaps even at the gateway device.
Basically, the pros and cons are much like doing any routing static vs. dynamic; both work and they're not mutually exclusive.
03-01-2023 08:02 AM - edited 03-01-2023 08:45 AM
...
03-02-2023 01:09 PM
I am glad that our suggestions have been helpful. Thank you for marking this question as solved. This will help other participants in the community to identify discussions which have helpful information. This community is an excellent place to ask questions and to learn about networking. I hope to see you continue to be active in the community.
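Added example, not part of any post in this thread: a small Python check that parses the default-route line of `show route` output from several ASAs and reports every device whose default route is not the static standard described in the question. The two device outputs are the excerpts quoted in the question, embedded as constructed sample input; the function names and the `expected_source` parameter are assumptions of this example.

```python
import re

# Constructed sample input: the two "sh route" excerpts quoted in the question.
SAMPLES = {
    "ASA-5525-1": "Gateway of last resort is 1.1.1.1 to network 0.0.0.0\n"
                  "S* 0.0.0.0 0.0.0.0 [1/0] via 1.1.1.1, outside",
    "ASA-5525-33": "Gateway of last resort is 2.2.2.2 to network 0.0.0.0\n"
                   "D*EX 0.0.0.0 0.0.0.0 [170/51712] via 2.2.2.2",
}

# Leading route-code letter -> route source (subset of the route code legend).
SOURCES = {"S": "static", "D": "EIGRP", "O": "OSPF", "B": "BGP", "R": "RIP"}

# Candidate default: <code>*<optional subcode> 0.0.0.0 0.0.0.0 [AD/metric] via <next hop>
DEFAULT_RE = re.compile(
    r"^(?P<code>[A-Z])\*(?P<sub>[A-Z]+\d?)?\s+0\.0\.0\.0\s+0\.0\.0\.0\s+"
    r"\[(?P<ad>\d+)/(?P<metric>\d+)\]\s+via\s+(?P<nh>\d+(?:\.\d+){3})"
    r"(?:,\s*(?P<rest>.*))?$"
)

def parse_default_route(show_route):
    """Return the candidate default route found in 'show route' text, or None."""
    for line in show_route.splitlines():
        m = DEFAULT_RE.match(line.strip())
        if m:
            rest = m["rest"]
            return {
                "source": SOURCES.get(m["code"], "unknown"),
                "external": m["sub"] == "EX",  # EX = EIGRP external (redistributed)
                "admin_distance": int(m["ad"]),
                "next_hop": m["nh"],
                # The interface is the last comma-separated field, when present.
                "interface": rest.split(",")[-1].strip() if rest else None,
            }
    return None

def audit(outputs, expected_source="static"):
    """List (device, reason) for each device deviating from the standard."""
    findings = []
    for device, text in sorted(outputs.items()):
        route = parse_default_route(text)
        if route is None:
            findings.append((device, "no default route"))
        elif route["source"] != expected_source:
            kind = "external/redistributed " if route["external"] else ""
            reason = (f"default route learned via {kind}{route['source']} "
                      f"(AD {route['admin_distance']}), next hop {route['next_hop']}")
            findings.append((device, reason))
    return findings
```

Calling `audit(SAMPLES)` flags only ASA-5525-33, and a device with no default route at all is reported separately.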