Posts Tagged ‘Recursive Route lookup’
In this network diagram, there are two static routes to the same destination (172.31.10.0/24). One route is a floating static, it is the “backup” or redundant path to the destination network on the LAN. The problem in the scenario is that the floating static route never gets installed in the routing table when the primary link is shut down.
R1 has a default route that points to the Internet Service Provider (ISP) router for Internet access. R1 has two links to R2. The T1 is the primary link and 56 K is the backup link. R1 has a static route for 172.31.10.0/24 which points to the R2 Serial 0 IP address (10.10.10.2) as the next-hop. R1 also has a floating static route for 172.131.10.0/24 which points to the R2 Serial 1 IP address (192.168.20.2), the administrative distance for the floating static route is 250. The idea is for packets to flow over the 56 K line in both directions only if the primary link fails.
This example shows the R1 configuration:
| R1 |
|---|
hostname R1 ! ip subnet-zero no ip domain-lookup ! controller E1 2/0 ! controller E1 2/1 ! interface Serial3/0 description ISP Link ip address 192.168.10.1 255.255.255.252 clockrate 64000 ! interface Serial3/1 no ip address shutdown ! interface Serial3/2 description Primary Link to R2 ip address 10.10.10.1 255.255.255.252 ! interface Serial3/3 description Backup Link to R2 ip address 192.168.20.1 255.255.255.252 clockrate 64000 ! ip classless ip route 0.0.0.0 0.0.0.0 Serial3/0 !---This is the default route to ISP router. ip route 172.31.10.0 255.255.255.0 10.10.10.2 !---This is the preferred route to the LAN. ip route 172.31.10.0 255.255.255.0 192.168.20.2 250 !---This is the floating route to the LAN. |
This example shows the R1 routing table:
| R1 Routing Table |
|---|
R1#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
U - per-user static route, o - ODR
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
10.0.0.0/30 is subnetted, 1 subnets
C 10.10.10.0 is directly connected, Serial3/2
192.168.10.0/30 is subnetted, 1 subnets
C 192.168.10.0 is directly connected, Serial3/0
192.168.20.0/30 is subnetted, 1 subnets
C 192.168.20.0 is directly connected, Serial3/3
172.31.0.0/24 is subnetted, 1 subnets
S 172.31.10.0 [1/0] via 10.10.10.2
!--- The preferred static route to the LAN through the T1.
S* 0.0.0.0/0 is directly connected, Serial3/0
!--- The static default route to the Internet.
|
This example shows the R2 configuration:
| R2 |
|---|
hostname R2 ! enable password ww ! ! ! ! ! ip subnet-zero no ip finger no ip domain-lookup ! ! ! interface Ethernet0 description Local LAN ip address 172.31.10.2 255.255.255.0 ! interface Serial0 description Primary Link to R1 ip address 10.10.10.2 255.255.255.252 clockrate 56000 ! interface Serial1 description Backup Link to R1 ip address 192.168.20.2 255.255.255.252 ! interface TokenRing0 no ip address shutdown ! ip classless ip route 0.0.0.0 0.0.0.0 10.10.10.1 !--- This is the primary default route. ip route 0.0.0.0 0.0.0.0 192.168.20.1 250 !--- The floating default route to be used if the T1 fails. no ip http server ! ! line con 0 exec-timeout 0 0 transport input none line aux 0 line vty 0 4 password ww login ! end |
R2 has the default route installed through 10.10.10.1 and when you use the traceroute command from R2 to the ISP router, the packets use the T1 link. R2 can send pings to the Internet host 192.168.30.1 sourced from 172.31.10.2. The route to 192.168.30.1 is through the default route 0.0.0.0 0.0.0.0.
| R2 Routing Table |
|---|
R2#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is 10.10.10.1 to network 0.0.0.0
172.31.0.0/24 is subnetted, 1 subnets
C 172.31.10.0 is directly connected, Ethernet0
192.168.20.0/30 is subnetted, 1 subnets
C 192.168.20.0 is directly connected, Serial1
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.10.10.0/30 is directly connected, Serial0
S* 0.0.0.0/0 [1/0] via 10.10.10.1
!--- This is the primary default route.
R2#traceroute 192.168.10.2
Type escape sequence to abort.
Tracing the route to 192.168.10.2
1 10.10.10.1 16 msec 20 msec 16 msec
2 192.168.10.2 32 msec * 32 msec
R2#ping
Protocol [ip]:
Target IP address: 192.168.30.1
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface: 172.31.10.2
Type of service [0]:
Set DF bit in IP header? [no]:
Validate reply data? [no]:
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Sweep range of sizes [n]:
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.20.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/32 ms
|
If you shut down Serial 3/2 on R1 to test the failover, you should expect R1 to install the floating static route to the local LAN 172.31.10.0 and for R2 to install the floating static route to 0.0.0.0 through 192.168.20.1. You would expect traffic to flow over the 56K link.
| R1 |
|---|
R1#show ip interface brief
Interface IP-Address OK? Method Status Protocol
Serial3/0 192.168.10.1 YES manual up up
Serial3/1 unassigned YES unset administratively down down
Serial3/2 10.10.10.1 YES manual up up
Serial3/3 192.168.20.1 YES manual up up
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#int s3/2
R1(config-if)#shut
R1(config-if)#end
2d21h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/2, changed state to down
2d21h: %LINK-5-CHANGED: Interface Serial3/2, changed state to administratively down
R1#show ip interface brief
Interface IP-Address OK? Method Status Protocol
Serial3/0 192.168.10.1 YES manual up& up
Serial3/1 unassigned YES unset administratively down down
Serial3/2 10.10.10.1 YES manual administratively down down
Serial3/3 192.168.20.1 YES manual up up
R1#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
U - per-user static route, o - ODR
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
192.168.10.0/30 is subnetted, 1 subnets
C 192.168.10.0 is directly connected, Serial3/0
192.168.20.0/30 is subnetted, 1 subnets
C 192.168.20.0 is directly connected, Serial3/3
172.31.0.0/24 is subnetted, 1 subnets
S 172.31.10.0 [1/0] via 10.10.10.2
!--- The static route through the T1 remains in the routing table.
!--- This is not what was expected to happen when Serial 3/2 was shut.
S* 0.0.0.0/0 is directly connected, Serial3/0
!--- The static default route to the Internet.
R2#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is 192.168.20.1 to network 0.0.0.0
172.31.0.0/24 is subnetted, 1 subnets
C 172.31.10.0 is directly connected, Ethernet0
192.168.20.0/30 is subnetted, 1 subnets
C 192.168.20.0 is directly connected, Serial1
S* 0.0.0.0/0 [250/0] via 192.168.20.1
!--- It is no longer possible to ping the Internet host 192.168.20.1 if the ping
!--- is sourced from the LAN on R2 because R1 tries to send the replies
!--- via the Serial 3/2, which is down.
R2#ping
Protocol [ip]:
Target IP address: 192.168.30.1
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface: 172.31.10.2
Type of service [0]:
Set DF bit in IP header? [no]:
Validate reply data? [no]:
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Sweep range of sizes [n]:
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.20.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
|
The floating static route was not installed on R1 and the primary static route is still in the routing table of R1 even though the Serial 3/2 link is shut down. The reason this happens is because static routes are recursive in nature. You always keep the static route in the routing table as long as you have a route to the next hop. In this case, R1 thinks it can get to 10.10.10.2 through 192.168.10.2 because 192.168.10.2 is the next hop for 0.0.0.0 0.0.0.0.
The route to a next hop can be a more specific, a less specific, or a default route. In this problem scenario, you would think that since the link is down you should not have a route to 10.10.10.2, but if you look at the routing table on R1, you see that there is a static default route pointing to the ISP router. R1, therefore believes that it can reach the next hop (10.10.10.2) for 172.31.10.0/24 through this default route, so the static route to 172.31.10.0/24 through 10.10.10.2 remains in the routing table and the floating static route never gets installed.
There is a better way to configure static routes that would allow you to avoid this problem. If you specify the interface through which the next hop should be found, you will install the floating static route only if the next hop IP address is reachable through the specified interface. Before the solution to this problem is presented, you will bring the Serial 3/2 interface on R1 back up again.
| R1 |
|---|
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#int s 3/2
R1(config-if)#no shut
R1(config-if)#end
R1#
2d22h: %LINK-3-UPDOWN: Interface Serial3/2, changed state to up
2d22h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/2, changed state to up
2d22h: %SYS-5-CONFIG_I: Configured from console by console
R1#show ip int brief
Interface IP-Address OK? Method Status Protocol
Serial3/0& 192.168.10.1 YES manual up up
Serial3/1 unassigned YES unset administratively down down
Serial3/2 10.10.10.1 YES manual up up
Serial3/3 192.168.20.1 YES manual up up
R1#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
U - per-user static route, o - ODR
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
10.0.0.0/30 is subnetted, 1 subnets
C 10.10.10.0 is directly connected, Serial3/2
192.168.10.0/30 is subnetted, 1 subnets
C 192.168.10.0 is directly connected, Serial3/0
192.168.20.0/30 is subnetted, 1 subnets
C 192.168.20.0 is directly connected, Serial3/3
172.31.0.0/24 is subnetted, 1 subnets
S 172.31.10.0 [1/0] via 10.10.10.2
S* 0.0.0.0/0 is directly connected, Serial3/0
R1#
|
Solution
The solution is to remove the old static routes to the LAN (172.31.10.0) and configure new static routes, this time specifying the interface through which the next hop must be reached. This allows the floating static route on R1 to get installed when the Serial 3/2 interface is shut.
| R1 |
|---|
R1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. R1(config)#no ip route 172.31.10.0 255.255.255.0 10.10.10.2 R1(config)#no ip route 172.31.10.0 255.255.255.0 192.168.20.2 250 R1(config)#ip route 172.31.10.0 255.255.255.0 Serial3/2 10.10.10.2 R1(config)#ip route 172.31.10.0 255.255.255.0 Serial3/3 192.168.20.2 250 R1(config)#end R1# 2d22h: %SYS-5-CONFIG_I: Configured from console by console |
The static route to 172.31.10.0 through 10.10.10.2 is installed in the routing table of R1 if 10.10.10.2 is seen through Serial 3/2. If this condition is not met, the static route through 10.10.10.2 is removed from the routing table and the floating static route to 172.31.10.0 through Serial 3/3 with next hop 192.168.20.2 is installed.
In order to test how this works and bring the T1 link down, shut down Serial 3/2 and see if the floating static route gets installed in the routing table.
| R1 |
|---|
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#int s 3/2
R1(config-if)#shut
R1(config-if)#end
R1#
3d00h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/2, changed state to down
3d00h: %SYS-5-CONFIG_I: Configured from console by console
3d00h: %LINK-5-CHANGED: Interface Serial3/2, changed state to administratively down
R1#show ip interface brief
Interface IP-Address OK? Method Status Protocol
Serial3/0 192.168.10.1 YES manual up up
Serial3/1 unassigned YES unset administratively down down
Serial3/2 10.10.10.1 YES manual administratively down down
Serial3/3 192.168.20.1 YES manual up up
R1#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
U - per-user static route, o - ODR
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
192.168.10.0/30 is subnetted, 1 subnets
C 192.168.10.0 is directly connected, Serial3/0
192.168.20.0/30 is subnetted, 1 subnets
C 192.168.20.0 is directly connected, Serial3/3
172.31.0.0/24 is subnetted, 1 subnets
S 172.31.10.0 [250/0] via 192.168.20.2, Serial3/3
S* 0.0.0.0/0 is directly connected, Serial3/0
R1#
|
Now R1 can ping the Internet host 192.168.20.1 with packets sourced from the LAN.
| R2 |
|---|
R2#ping Protocol [ip]: Target IP address: 192.168.20.1 Repeat count [5]: Datagram size [100]: Timeout in seconds [2]: Extended commands [n]: y Source address or interface: 172.31.10.2 Type of service [0]: Set DF bit in IP header? [no]: Validate reply data? [no]: Data pattern [0xABCD]: Loose, Strict, Record, Timestamp, Verbose[none]: Sweep range of sizes [n]: Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.20.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/32 ms |
The floating static route gets installed as expected.