My Stupid Moments: Interface Default Route

Years ago I was faced with an interesting challenge: an Internet customer was connected to our PE router with an Ethernet link and I did not want to include the PE router’s IP address in the default route on the CE router.

The latest IOS release in those days was probably somewhere around 11.x; none of the DHCP goodies were available.

After pondering the problem for a while, I got a “brilliant” idea: if I would use an interface default route, proxy-ARP would solve all my problems. This is the configuration I’ve deployed on the CE-router:

interface Ethernet 0
 description Uplink to the ISP
 ip address 10.0.1.2 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 ethernet 0

We tested this configuration in the middle of the night and it worked as expected. What do you think happened in the morning?

Recent posts in the same categories

20 comments:

  1. IanH 09 October 2009 08:21
    Ran out of CPU, with the ARP process going nuts. Aaah, yes, seen that one before.


    - I.
  2. Robert Larsen 09 October 2009 08:59
    The uplink to the ISP went down, but your default route stayed in the routing table (which, from memory, is what happens to statics that use an interface as the target), which resulted in all your outbound traffic being black-holed silently (as opposed to the default route being withdrawn and the router dropping the traffic in a more graceful way). For example, if you were to ping out to the WAN, you would get timeouts rather than the CE router responding with "no route to host".

    BTW, I'm curious as to why you didn't want to include the PE router's IP address in the default route?

    Cheers,
    Rob.
  3. HAT 09 October 2009 09:36
    The Router was out of memory and it became sluggish?
  4. lochii 09 October 2009 10:51
    your ARP table was full of internet addresses, causing it to fill up.
  5. pav 09 October 2009 11:01
    arp table expired and cleared out and this whole thing stop working.
  6. shivlu jain 09 October 2009 11:06
    The Ethernet will never go down because of that if the ISP fails the traffic will be black holed.To solve the issue use the RTR. Even if you use the PE ip address in case of ethernet, in that case the route will never flush from routing table. So anyhow need to track the interface.
  7. Amit 09 October 2009 12:36
    Proxy-ARP is enabled by default in Cisco IOS. So, for all ARP queries by the CE router, the PE router "fakes" the identity and replies to the CE router. So, for every internet prefix, the destination MAC address will be the MAC address of the PE router. May be eventually the ARP table will become too big and will interfere with router's performance.

    OR

    May be other PE routers started to reply for CE router's ARP queries and hence CE router cannot distinguish between those replies.
  8. pav 09 October 2009 13:12
    Amit,

    Yes you are right. there will be arp entry for each address where cpe trying to send packet to.
  9. Scott 09 October 2009 15:27
    1. You awoke the next morning to find that your network was slammed with ARP traffic because the router was ARPing for the entire Internet?

    2. Your router was running out of memory because the ARP cache was overloaded (not exactly sure how the ARP cache functions... does it expire entries or just eat up resources until... CRASH prolly depends on the router-hardware/version)?

    3. Performance slowed to a crawl?

    4. All of the above?
  10. eric 09 October 2009 15:38
    You found that your client was no longer a client because you effectively made problems worse due to the router ARPing for every internet address your client was going to?
  11. Pete 09 October 2009 16:02
    From: http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00800ef7b2.shtml

    "This kind of default route, especially if it is used by a lot of packets to many different destination subnets, can cause high processor utilization and a very large ARP cache (along with attendant memory allocation failures)."
  12. Anonymous 10 October 2009 01:39
    sometimes you loose - sometimes you win @ status you def loose - might work with some copp magic like plt (permanent looped topologies) :)
  13. xabrouck 11 October 2009 23:03
    and that's why I filed CSCsi14493 "add warning when configuring a default route with next-hop = interface" 940 days ago... still not resolved btw...
  14. Xtrem 18 November 2009 07:19
    i quote from : http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00800ef7b2.shtml

    ""With this type of configuration, a router performs Address Resolution Protocol (ARP) on the Ethernet for every destination the router finds through the default route because the router considers all of these destinations as directly connected to Ethernet 0""

    its not wise to use static route on an interface
    :-P
  15. Ivan Pepelnjak 18 November 2009 10:28
    It's OK as long as the interface is a point-to-point one.
  16. tititech 23 March 2010 16:39
    The Router will run out of memory because of ARP reply. For every packet to the default route, the router will send an ARP request for the destination IP address.
  17. Muddasir Khan 25 March 2010 23:15
    Ivan can u reply pleaseeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee what happend the next morning????? *DONT_KNOW*
  18. vikash kumar 12 April 2011 00:51
    With this type of configuration, a router performs Address Resolution Protocol (ARP) on the Ethernet 0 for every destination the router finds through the default route because the router considers all of these destinations as directly connected to Ethernet 0.

    This kind of default route, especially if it is used by a lot of packets to many different destination subnets, can cause high processor utilization and a very large ARP cache (along with attendant memory allocation failures)
  19. Unknown 17 May 2013 12:19
    As cisco and ivan said, watch out for whether it's broadcast or p2p..
Add comment
Home
Sidebar