cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
886
Views
5
Helpful
7
Replies

Cisco 3725 routing problem

slasher UG
Level 1
Level 1

We have a Cisco 3700 router that has been working for years using the default route 'route ip 0.0.0.0 0.0.0.0 F0/0'. Strangely, our connection(in/out) suddenly dropped and the only solution that worked was to set  the default route to 'route ip 0.0.0.0 0.0.0.0 1.1.1.99'.

ISP's provided gateway 1.1.1.99

F0/0 - 1.1.1.100

F0/1 - 2.2.2.100

Any idea what happened?

Thanks

7 Replies 7

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello Emmanuel,

the provider has disabled proxy ARP on its interface for security reasons

note that the right configuration is the new one in order to minimize ARP table size.

With Proxy ARP an ARP request was made for all new destination addresses to the internet, with ISP router that collaborated giving back in answer its MAC adddress (the same answer for each request)

With new configuration the router makes an ARP request for the next-hop and uses it for all IP addresses

Some other colleague had routers crashed by the ARP table becoming too big you have been lucky to run the router for years

see

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094adb.shtml

Hope to help

Giuseppe

Thank you for the very informative response Giuseppe.

Here is another :-)

Will it make a difference if I set the default route of our firewall directly to our ISP? See example below.

Current setup.

Inbound:      ISP(1.1.1.99) --> (F0/0 1.1.1.100)Router(F0/1 2.2.2.100) --> (Out 2.2.2.99)Firewall(In 3.3.3.99) --> LAN(3.3.3.0)

Outbound:   LAN --> Firewall --> Router --> ISP

Router's default route set to route 0.0.0.0 0.0.0.0 1.1.1.99

Firewall's default route set to route 0.0.0.0 0.0.0.0 2.2.2.100

New.

Inbound:      ISP(1.1.1.99) --> (F0/0 1.1.1.100)Router(F0/1 2.2.2.100) --> (Out  2.2.2.99)Firewall(In 3.3.3.99) --> LAN(3.3.3.0)

Outbound:   LAN --> Firewall --> ISP

Router's default route set to route 0.0.0.0 0.0.0.0 1.1.1.99

Firewall's default route set to route 0.0.0.0 0.0.0.0 1.1.1.99

Again thanks for the answer.

Manny

I have some doubts about the New Setup.

Because, Like to know that if the Firewall can reach the ISP by-passing the Router.

I think it'll be the same, because the all the traffic is going out through the Router to ISP

Regards,

Dasuntha

Yes it can reach our ISP.

So, Firewall is reaching the ISP through the Router?

You can check it by running a traceroute.

traceroute shows both goes through the router. so i guess it makes no difference.

yes, correct.

It'll be the same.

Regards,

Dasuntha

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: