
Default Gateway Exit Interface

Hi All,

Can you explain to me how default routing out of the exit interface works? For example, ip route 0.0.0.0 0.0.0.0 f0/0. I know that if you use the next hop IP address in the default router configuration (ip route 0.0.0.0 0.0.0.0 192.168.1.1), the router can resolve the next hop IP to the MAC address to put in the data link frame as the destination. How does the router know what to put in the data link frame as the destination address if it has no IP address to resolve? How does it work? Thanks a lot.

Accepted Solutions

It certainly does allow you to specify an Ethernet interface as the exit in a static route, including a static default route. There are several things that make this a problematic thing to do:

- it means that the router will send an ARP request for EVERY layer 3 destination address, so it is generating lots of traffic.

- it will only be successful if the next hop router has enabled proxy-arp, and increasingly some organizations regard proxy-arp as a security weakness and disable it. This means that now the success of your routing is dependent on something that you may not control.

- if the next hop router does enable proxy-arp then the MAC address gets added to the ARP table which contains ALL of the destination IP addresses to which the router has forwarded, so the ARP table gets very large, consuming memory and CPU cycles to maintain it.

So the best advice is that static routes specifying the exit interface are ok if the exit interface is some point to point link like HDLC, PPP, Frame Relay but otherwise it is much better to specify the next hop address.

HTH

Rick
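The three effects listed in the answer above (one ARP request per destination, dependence on proxy-arp, ARP table growth) can be seen in a toy model. This is an added example, not part of the original thread; the /24 mask, the MAC address, the 203.0.113.x destinations and all class and function names are assumptions made for the illustration, and proxy-arp is simplified to "answer for any off-segment address".

```python
# Toy model of how a router picks the frame's destination MAC on Ethernet.
# Addresses, MACs and names are constructed for this example.
import ipaddress

NEIGHBOR_IP = "192.168.1.1"           # next-hop router from the question
NEIGHBOR_MAC = "00:00:5e:00:53:01"    # constructed MAC address
SEGMENT = ipaddress.ip_network("192.168.1.0/24")  # assumed mask


class Neighbor:
    """The next-hop router on the shared Ethernet segment."""
    def __init__(self, proxy_arp):
        self.proxy_arp = proxy_arp

    def answer_arp(self, target_ip):
        if target_ip == NEIGHBOR_IP:
            return NEIGHBOR_MAC       # ordinary reply for its own address
        if self.proxy_arp and ipaddress.ip_address(target_ip) not in SEGMENT:
            return NEIGHBOR_MAC       # proxy-arp reply for an off-segment host
        return None                   # nobody answers


class Router:
    def __init__(self, neighbor, next_hop=None):
        self.neighbor = neighbor
        self.next_hop = next_hop      # None models "ip route 0.0.0.0 0.0.0.0 f0/0"
        self.arp_table = {}
        self.arp_requests = 0

    def forward(self, dst_ip):
        """Return the destination MAC for the frame, or None if dropped."""
        target = self.next_hop or dst_ip   # exit-interface route: ARP for dst itself
        if target not in self.arp_table:
            self.arp_requests += 1
            mac = self.neighbor.answer_arp(target)
            if mac is None:
                return None           # ARP failed, packet cannot be framed
            self.arp_table[target] = mac
        return self.arp_table[target]


def simulate(destinations, next_hop, proxy_arp):
    r = Router(Neighbor(proxy_arp), next_hop)
    delivered = sum(r.forward(d) is not None for d in destinations)
    return {"delivered": delivered, "arp_requests": r.arp_requests,
            "arp_entries": len(r.arp_table)}


DESTS = [f"203.0.113.{i}" for i in range(1, 101)]  # constructed remote hosts
```

Calling `simulate(DESTS, NEIGHBOR_IP, False)` models the next-hop route, `simulate(DESTS, None, True)` the exit-interface route with proxy-arp enabled on the neighbor, and `simulate(DESTS, None, False)` the same route once proxy-arp is disabled.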



paolo bevilacqua
Hall of Fame

Hi, the data-link destination address never changes. In your example, it will always be the MAC address for 192.168.1.1.

CriscoSystems
Level 5

Zdrast, Anatoliy!!

If the outgoing interface is multiaccess, it can use the broadcast address.

If it's a point-to-point interface, there doesn't really need to be a layer 2 destination specified since there's only one host at the other end of the link.

In the case of frame relay (where the frames do need a layer 2 value (DLCI) specified), it will use the DLCI that is assigned (via either LMI or static config) to the interface you specified in your ip route statement.

Spasibo! So let me clarify, if you set the default gateway as exit interface, the data link layer will just use broadcast (on multiaccess network) as the destination address instead of resolving next hop IP as in the case if we configured next hop IP as the default gateway?

"If the outgoing interface is multiaccess, it can use the broadcast address."

Actually that never happens, unless the L3 dst address is subnet bcast, in which case router will use a L2 bcast, or is multicast, in which case router will map to L2 mcast address.

Dasvidania.

But then wait a minute - that just underlines Anatoliy's question. If it's going out an Ethernet interface, the router's got to put _something_ in the destination address field of the Ethernet frame, doesn't it?

Stolichnaya.

That is exactly what I want to know. What does the router put in the destination address in the frame. We don't have the gateway IP to resolve since we are using the exit interface instead.

Well if the route points to an exit interface the router will arp out for every single destination.

On a multi-access network it really isn't a good idea to do this as you may get multiple replies.

As Paolo said the 192.168.1.1 router may well respond with its own mac-address.

Jon

When you say arp out you mean broadcast?

I mean the router sends an arp request to get the mac-address of the next-hop. When it gets a response it can then send the packet.

But it doesn't actually broadcast out the data packet. It uses the arp response to unicast the packet to the next hop.

Jon

But, what next-hop? Anatoliy's scenario is a gateway-of-last-resort scenario, with an INTERFACE, not a host, specified in the ip route statement.

Exactly, how does the router know where the next hop is? Can somebody explain it to me please? It has been bothering me all day.

Jon, do you mean it will send an arp query on the L3 address that is the packet's FINAL destination? Doesn't that furthermore mean that if the packet's final destination isn't on the same subnet as the default-exit-interface, the packet is blackholed?

'Cause the whole (or at least major) point of having default gateways is for the packet to transit to a place that has (or might have) sturdier routing for it.

"Jon, do you mean it will send an arp query on the L3 address that is the packet's FINAL destination?"

Edit - actually yes, I do mean that's what it does. See below for proxy-arp details.

It's to do with proxy-arp. If none of the routers accessible from the router interface are running proxy-arp then no router would respond with its mac-address and the arp would fail.

This is why on a multi-access network like ethernet you should never use the exit interface as the next-hop. You should only do this on P2P links.

Jon

Just as an addition. I have never actually tested whether a router will allow you to use an ethernet interface as next-hop. Assume it would and if another router is using proxy-arp it would respond but perhaps I should test it sometime :-)

Jon
