- itcertnotes -: Specifying a Broadcast Interface for Static Routes

Pointing a static route to a broadcast interface is not recommended, because a router considers all the hosts within the range of the static route to be directly connected through the interface; in which the router would perform ARP resolution on the Ethernet for all the destination hosts.

This kind of configuration, especially when configured as a default route and is being used to forward packets to many destinations, can easily cause high CPU utilization due to the ARP resolution process and high memory utilization due to the very large ARP cache.

Below shows that RT1 performs ARP resolution for every connections initiated by PC1 when its default route is configured using the ip route 0.0.0.0 0.0.0.0 FastEthernet1/0 command:

PC1#ping 172.16.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.1, timeout is 2 seconds:
..!!!
Success rate is 60 percent (3/5), round-trip min/avg/max = 16/33/64 ms
PC1#
PC1#ping 172.16.2.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.2.1, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 16/20/24 ms
PC1#
PC1#ping 172.16.3.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.3.1, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 8/35/96 ms
PC1#
PC1#ping 172.16.4.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.4.1, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 16/21/24 ms
PC1#
RT1#sh ip route

Gateway of last resort is 0.0.0.0 to network 0.0.0.0

     12.0.0.0/24 is subnetted, 1 subnets
C       12.12.12.0 is directly connected, FastEthernet1/0
C    192.168.1.0/24 is directly connected, FastEthernet0/0
S*   0.0.0.0/0 is directly connected, FastEthernet1/0
RT1#
RT1#sh arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  12.12.12.1              -   cc00.0ddc.0010  ARPA   FastEthernet1/0
Internet  192.168.1.1             -   cc00.0ddc.0000  ARPA   FastEthernet0/0
Internet  192.168.1.2             0   cc03.0ddc.0000  ARPA   FastEthernet0/0
Internet  172.16.4.1              0   cc01.0ddc.0000  ARPA   FastEthernet1/0
Internet  172.16.1.1              0   cc01.0ddc.0000  ARPA   FastEthernet1/0
Internet  172.16.3.1              0   cc01.0ddc.0000  ARPA   FastEthernet1/0
Internet  172.16.2.1              0   cc01.0ddc.0000  ARPA   FastEthernet1/0
RT1#
======================================================================
RT2#sh ip route

Gateway of last resort is 23.23.23.3 to network 0.0.0.0

     23.0.0.0/24 is subnetted, 1 subnets
C       23.23.23.0 is directly connected, FastEthernet1/0
     12.0.0.0/24 is subnetted, 1 subnets
C       12.12.12.0 is directly connected, FastEthernet0/0
S    192.168.1.0/24 [1/0] via 12.12.12.1
S*   0.0.0.0/0 [1/0] via 23.23.23.3
RT2#
RT2#sh arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  12.12.12.1              0   cc00.0ddc.0010  ARPA   FastEthernet0/0
Internet  12.12.12.2              -   cc01.0ddc.0000  ARPA   FastEthernet0/0
Internet  23.23.23.3              0   cc02.0ddc.0000  ARPA   FastEthernet1/0
Internet  23.23.23.2              -   cc01.0ddc.0010  ARPA   FastEthernet1/0
RT2#

Specifying a next hop IP address on a directly connected interface prevents the router from performing ARP or each destination address. However, if the outgoing interface goes down and the next hop IP address is reachable through a recursive route (often is the static default route), the next hop IP address and the outgoing interface through which the next hop should be found should be specified for the static route, eg: ip route 0.0.0.0 0.0.0.0 Serial0/0 192.168.1.1.

Below demonstrates a problem scenario in which it is important to specify the outgoing interface which the next hop IP address can be reached when configuring a static route.

There are 2 point-to-point serial links between RT1 and RT2. The upper link as the primary link and the bottom link as the backup link is configured with a floating static route with higher AD. The problem in this scenario is that the floating static route never gets installed in the routing table even when the primary link is shutdown.

RT1#sh ip route

Gateway of last resort is 0.0.0.0 to network 0.0.0.0

     172.16.0.0/24 is subnetted, 1 subnets
S       172.16.1.0 [1/0] via 11.11.11.2
     22.0.0.0/24 is subnetted, 1 subnets
C       22.22.22.0 is directly connected, Serial1/2
     11.0.0.0/24 is subnetted, 1 subnets
C       11.11.11.0 is directly connected, Serial1/1
C    192.168.1.0/24 is directly connected, Serial0/0
S*   0.0.0.0/0 is directly connected, Serial0/0
RT1#
----------------------------------------------------------------------
RT2#sh ip route

Gateway of last resort is 11.11.11.1 to network 0.0.0.0

     172.16.0.0/24 is subnetted, 1 subnets
C       172.16.1.0 is directly connected, FastEthernet0/0
     22.0.0.0/24 is subnetted, 1 subnets
C       22.22.22.0 is directly connected, Serial1/2
     11.0.0.0/24 is subnetted, 1 subnets
C       11.11.11.0 is directly connected, Serial1/1
S*   0.0.0.0/0 [1/0] via 11.11.11.1
RT2#
RT2#ping 200.200.200.1 source 172.16.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 200.200.200.1, timeout is 2 seconds:
Packet sent with a source address of 172.16.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/28/44 ms
RT2#

When RT1 Serial1/1 is shutdown to test the failover mechanism, the floating static route via Serial1/2 is not installed in its routing table; the static route through the upper primary link remains in the routing table and RT2 is unable to reach 200.200.200.1!

RT1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
RT1(config)#int s1/1
RT1(config-if)#shut
RT1(config-if)#^Z
RT1#
00:12:26: %LINK-5-CHANGED: Interface Serial1/1, changed state to administratively down
00:12:27: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/1, changed state to down
RT1#
RT1#sh ip route

Gateway of last resort is 0.0.0.0 to network 0.0.0.0

     172.16.0.0/24 is subnetted, 1 subnets
S       172.16.1.0 [1/0] via 11.11.11.2
     22.0.0.0/24 is subnetted, 1 subnets
C       22.22.22.0 is directly connected, Serial1/2
C    192.168.1.0/24 is directly connected, Serial0/0
S*   0.0.0.0/0 is directly connected, Serial0/0
RT1#
----------------------------------------------------------------------
RT2#
00:12:52: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/1, changed state to down
RT2#
RT2#ping 200.200.200.1 source 172.16.1.1 repeat 1

Type escape sequence to abort.
Sending 1, 100-byte ICMP Echos to 200.200.200.1, timeout is 2 seconds:
Packet sent with a source address of 172.16.1.1
.
Success rate is 0 percent (0/1)
RT2#

The reason behind this is because static routes are recursive in nature. A static route would remain in the routing table as long as there is a route to the next hop – RT1 thinks that it is able to reach 11.11.11.2 through Serial0/0.
Note: Based on the "Gateway of last resort is 0.0.0.0 to network 0.0.0.0" statement on RT1, RT1 never think that 192.168.1.1 is the next hop of the default route. There is a different between specifying a next hop IP address and outgoing interface for default routes.
ip route 0.0.0.0 0.0.0.0 192.168.1.1
Gateway of last resort is 192.168.1.1 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 192.168.1.1

ip route 0.0.0.0 0.0.0.0 Serial0/0
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
S* 0.0.0.0/0 is directly connected, Serial0/0

ip route 0.0.0.0 0.0.0.0 Serial0/0 192.168.1.1
Gateway of last resort is 192.168.1.1 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 192.168.1.1, Serial0/0

This symptom is observed when the default route on RT1 is specified with an outgoing interface instead of a next hop IP address. When the default route is configured with a next hop IP address, the floating static route via 22.22.22.2 is installed into its routing table as expected.

RT1#sh ip route

Gateway of last resort is 192.168.1.1 to network 0.0.0.0

     172.16.0.0/24 is subnetted, 1 subnets
S       172.16.1.0 [1/0] via 11.11.11.2
     22.0.0.0/24 is subnetted, 1 subnets
C       22.22.22.0 is directly connected, Serial1/2
     11.0.0.0/24 is subnetted, 1 subnets
C       11.11.11.0 is directly connected, Serial1/1
C    192.168.1.0/24 is directly connected, Serial0/0
S*   0.0.0.0/0 [1/0] via 192.168.1.1
RT1#
RT1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
RT1(config)#int s1/1
RT1(config-if)#shut
RT1(config-if)#
00:03:46: %LINK-5-CHANGED: Interface Serial1/1, changed state to administratively down
00:03:47: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/1, changed state to down
RT1(config-if)#^Z
RT1#
RT1#sh ip route

Gateway of last resort is 192.168.1.1 to network 0.0.0.0

     172.16.0.0/24 is subnetted, 1 subnets
S       172.16.1.0 [200/0] via 22.22.22.2
     22.0.0.0/24 is subnetted, 1 subnets
C       22.22.22.0 is directly connected, Serial1/2
C    192.168.1.0/24 is directly connected, FastEthernet0/0
S*   0.0.0.0/0 [1/0] via 192.168.1.1
RT1#
======================================================================
RT2#
00:04:12: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/1, changed state to down
RT2#sh ip route

Gateway of last resort is 22.22.22.1 to network 0.0.0.0

     172.16.0.0/24 is subnetted, 1 subnets
C       172.16.1.0 is directly connected, FastEthernet0/0
     22.0.0.0/24 is subnetted, 1 subnets
C       22.22.22.0 is directly connected, Serial1/2
S*   0.0.0.0/0 [200/0] via 22.22.22.1
RT2#
RT2#ping 200.200.200.1 source 172.16.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 200.200.200.1, timeout is 2 seconds:
Packet sent with a source address of 172.16.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/24/48 ms
RT2#

A solution for this problem is to configure the static routes to 172.16.1.0/24 by specifying along the interfaces through which the next hop IP addresses should be found.

RT1#sh run | in ip route
ip route 0.0.0.0 0.0.0.0 Serial0/0
ip route 172.16.1.0 255.255.255.0 11.11.11.2
ip route 172.16.1.0 255.255.255.0 22.22.22.2 200
RT1#
RT1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
RT1(config)#no ip route 172.16.1.0 255.255.255.0 11.11.11.2
RT1(config)#no ip route 172.16.1.0 255.255.255.0 22.22.22.2 200
RT1(config)#ip route 172.16.1.0 255.255.255.0 Serial1/1 11.11.11.2
RT1(config)#ip route 172.16.1.0 255.255.255.0 Serial1/2 22.22.22.2 200
RT1(config)#
RT1(config)#do sh ip route

Gateway of last resort is 0.0.0.0 to network 0.0.0.0

     172.16.0.0/24 is subnetted, 1 subnets
S       172.16.1.0 [1/0] via 11.11.11.2, Serial1/1
     22.0.0.0/24 is subnetted, 1 subnets
C       22.22.22.0 is directly connected, Serial1/2
     11.0.0.0/24 is subnetted, 1 subnets
C       11.11.11.0 is directly connected, Serial1/1
C    192.168.1.0/24 is directly connected, Serial0/0
S*   0.0.0.0/0 is directly connected, Serial0/0
RT1(config)#
RT1(config)#int s1/1
RT1(config-if)#shut
RT1(config-if)#
RT1(config-if)#do sh ip route
00:14:13: %LINK-5-CHANGED: Interface Serial1/1, changed state to administratively down
00:14:14: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/1, changed state to down
RT1#sh ip route

Gateway of last resort is 0.0.0.0 to network 0.0.0.0

     172.16.0.0/24 is subnetted, 1 subnets
S       172.16.1.0 [200/0] via 22.22.22.2, Serial1/2
     22.0.0.0/24 is subnetted, 1 subnets
C       22.22.22.0 is directly connected, Serial1/2
C    192.168.1.0/24 is directly connected, Serial0/0
S*   0.0.0.0/0 is directly connected, Serial0/0
RT1(config-if)#
----------------------------------------------------------------------
RT2#
00:14:32: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/1, changed state to down
RT2#
RT2#ping 200.200.200.1 source 172.16.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 200.200.200.1, timeout is 2 seconds:
Packet sent with a source address of 172.16.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/28/48 ms
RT2#

- itcertnotes -

Sunday, March 20, 2011

Specifying a Broadcast Interface for Static Routes

No comments:

Post a Comment