Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1279
Views
15
Helpful
3
Replies

Question about how routers discover neighboring devices' IP addresses

Go to solution
Viscid
Level 1
Level 1

‎06-26-2016 05:12 PM - edited ‎03-05-2019 04:18 AM

Hi all,

When you set up a static route, you have the option of specifying the exit interface or the destination IP address in order to access this route. However, how does the router know the IP address on the other end of the exit interface if it is not specified through the static route? I believe this information is kept in the routing table, but I was wondering how it was found. Does it use CDP to discover the IP? If so, what happens if you have routers from non-Cisco vendors connected?

Thanks for your time.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee
In response to Viscid

‎06-26-2016 11:53 PM

Hi,

ARPs themselves are not IP packets; they do not have IP headers and instead, they are just inserted right into Ethernet frames. However, in their bodies, ARP messages contain the IP and MAC address of the sending host, and the IP address of the destination host whose MAC address we want to find out.

If a packet was routed out through an Ethernet interface, and the IP address of the next hop was known, the router would use ARP to translate the next hop's address into a MAC address. However, when a static route is configured pointing out an Ethernet interface without a specifying a next hop address, the router treats this route as a directly connected route. Specifically, for each packet forwarded using this static route, the router will take the Destination IP address from the packet, and use ARP to translate this Destination IP into a MAC address. So instead of using a preconfigured next-hop address for the route, the router will use the Destination IP address of each packet to do an IP-to-MAC translation.

The trick is right there - the route is not really directly connected - if it was, it would be a directly connected network and you would not be configuring a static route for it at all. However, the hosts covered by this static route are not really connected to the link behind that interface, and so there is in fact nobody to respond to those ARPs - almost.

This is where Proxy ARP comes in. Proxy ARP is a feature on routers that allows a router to respond to an ARP request even if that request is looking for a different IP address than the one configured on the router, provided that the router would know how to forward an IP packet toward that address and would not forward it out the same interface it came in.

So if you configure a router with a static route pointing out an Ethernet interface without a next hop, your router will rely on Proxy ARP running on other routers behind that interface to respond to its ARP queries for each packet's destination IP. Now think of it: 1000 different destination IPs means 1000 ARP requests, 1000 ARP responses, 1000 entries in your router's ARP table pointing possibly to a single MAC address of your upstream router, and these entries will eventually expire and will need to be refreshed. And if someone deactivates the Proxy ARP on your upstream router which is considered a best practice - you're dead in water. Therefore, relying on Proxy ARP and configuring static routes out Ethernet interfaces without a next hop is not a good idea, even though it sometimes works ;)

Of course, feel welcome to ask further!

Best regards,
Peter

View solution in original post

3 Replies 3

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎06-26-2016 05:45 PM

Hi,

However, how does the router know the IP address on the other end of the exit interface if it is not specified through the static route?

It does not know it, and it has no reliable means of finding it out. Pointing a static route out an exit interface essentially causes the route to behave as a directly connected route. That means that for Ethernet exit interfaces, the router will actually try to resolve the destination IP addresses of every outgoing packet using ARP, just like it would do if the network was indeed directly configured on an interface. This will fail if the router at the other end of the link does not support or run Proxy ARP (a feature allowing a router to respond to an ARP request if it knows a route to the requested IP address even though it is not its own address), and even if it works, it results in high ARP traffic and uselessly large ARP tables. Therefore, the practice of pointing static routes out exit interfaces is generally discouraged and is only usable if the egress interface is a point-to-point type of interface (a serial link with HDLC or PPP, a tunnel, a Dialer interface with PPP). On point-to-point interfaces, there is no IP-to-Layer2 address resolution, and so there are no problems with ambiguous next hop addresses.

Again, please feel welcome to ask further!

Best regards,
Peter

Go to solution
Viscid
Level 1
Level 1
In response to Peter Paluch

‎06-26-2016 06:25 PM

Sorry, I'm having a hard time understanding. Doesn't ARP require an IP address and lead to finding the MAC address? Does it just do the ARP with a broadcast address instead of a specific IP? What I'm confused about is how the router finds the MAC address to use when transmitting the frame to the next router without knowing the IP address in order to be able to use ARP.

0 Helpful

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee
In response to Viscid

‎06-26-2016 11:53 PM

Hi,

ARPs themselves are not IP packets; they do not have IP headers and instead, they are just inserted right into Ethernet frames. However, in their bodies, ARP messages contain the IP and MAC address of the sending host, and the IP address of the destination host whose MAC address we want to find out.

If a packet was routed out through an Ethernet interface, and the IP address of the next hop was known, the router would use ARP to translate the next hop's address into a MAC address. However, when a static route is configured pointing out an Ethernet interface without a specifying a next hop address, the router treats this route as a directly connected route. Specifically, for each packet forwarded using this static route, the router will take the Destination IP address from the packet, and use ARP to translate this Destination IP into a MAC address. So instead of using a preconfigured next-hop address for the route, the router will use the Destination IP address of each packet to do an IP-to-MAC translation.

The trick is right there - the route is not really directly connected - if it was, it would be a directly connected network and you would not be configuring a static route for it at all. However, the hosts covered by this static route are not really connected to the link behind that interface, and so there is in fact nobody to respond to those ARPs - almost.

This is where Proxy ARP comes in. Proxy ARP is a feature on routers that allows a router to respond to an ARP request even if that request is looking for a different IP address than the one configured on the router, provided that the router would know how to forward an IP packet toward that address and would not forward it out the same interface it came in.

So if you configure a router with a static route pointing out an Ethernet interface without a next hop, your router will rely on Proxy ARP running on other routers behind that interface to respond to its ARP queries for each packet's destination IP. Now think of it: 1000 different destination IPs means 1000 ARP requests, 1000 ARP responses, 1000 entries in your router's ARP table pointing possibly to a single MAC address of your upstream router, and these entries will eventually expire and will need to be refreshed. And if someone deactivates the Proxy ARP on your upstream router which is considered a best practice - you're dead in water. Therefore, relying on Proxy ARP and configuring static routes out Ethernet interfaces without a next hop is not a good idea, even though it sometimes works ;)

Of course, feel welcome to ask further!

Best regards,
Peter

Customers Also Viewed These Support Documents