Cisco 3725 routing problem

Unanswered Question
Jun 17th, 2010

We have a Cisco 3700 router that has been working for years using the default route 'route ip 0.0.0.0 0.0.0.0 F0/0'. Strangely, our connection(in/out) suddenly dropped and the only solution that worked was to set  the default route to 'route ip 0.0.0.0 0.0.0.0 1.1.1.99'.

ISP's provided gateway 1.1.1.99

F0/0 - 1.1.1.100

F0/1 - 2.2.2.100

Any idea what happened?

Thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Giuseppe Larosa Thu, 06/17/2010 - 05:58

Hello Emmanuel,

the provider has disabled proxy ARP on its interface for security reasons

note that the right configuration is the new one in order to minimize ARP table size.

With Proxy ARP an ARP request was made for all new destination addresses to the internet, with ISP router that collaborated giving back in answer its MAC adddress (the same answer for each request)

With new configuration the router makes an ARP request for the next-hop and uses it for all IP addresses

Some other colleague had routers crashed by the ARP table becoming too big you have been lucky to run the router for years

see

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094adb.shtml

Hope to help

Giuseppe

slasher UG Fri, 06/18/2010 - 00:22

Thank you for the very informative response Giuseppe.

Here is another :-)

Will it make a difference if I set the default route of our firewall directly to our ISP? See example below.

Current setup.

Inbound:      ISP(1.1.1.99) --> (F0/0 1.1.1.100)Router(F0/1 2.2.2.100) --> (Out 2.2.2.99)Firewall(In 3.3.3.99) --> LAN(3.3.3.0)

Outbound:   LAN --> Firewall --> Router --> ISP

Router's default route set to route 0.0.0.0 0.0.0.0 1.1.1.99

Firewall's default route set to route 0.0.0.0 0.0.0.0 2.2.2.100

New.

Inbound:      ISP(1.1.1.99) --> (F0/0 1.1.1.100)Router(F0/1 2.2.2.100) --> (Out  2.2.2.99)Firewall(In 3.3.3.99) --> LAN(3.3.3.0)

Outbound:   LAN --> Firewall --> ISP

Router's default route set to route 0.0.0.0 0.0.0.0 1.1.1.99

Firewall's default route set to route 0.0.0.0 0.0.0.0 1.1.1.99

Again thanks for the answer.

Manny

Dasuntha Dinesh Fri, 06/18/2010 - 02:07

I have some doubts about the New Setup.

Because, Like to know that if the Firewall can reach the ISP by-passing the Router.

I think it'll be the same, because the all the traffic is going out through the Router to ISP

Regards,

Dasuntha

Dasuntha Dinesh Sat, 06/19/2010 - 06:22

So, Firewall is reaching the ISP through the Router?

You can check it by running a traceroute.

slasher UG Sun, 06/20/2010 - 17:28

traceroute shows both goes through the router. so i guess it makes no difference.

Actions

This Discussion