Scribd Logo
Upload

Welcome to Scribd!

  • DR

    Uploaded by

    baraynavab
    283 views22 pages
    Discard Routes avoids routing loops with Cisco IP Routing. Solution: discard route for packets destined for 192.168.1. / 24. All default traffic is sent to ISP, via 0.0.0. / 0 default route on RTA.

    Original Description:

    Copyright

    © Public Domain

    Available Formats

    PPT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Discard Routes avoids routing loops with Cisco IP Routing. Solution: discard route for packets destined for 192.168.1. / 24. All default traffic is sent to ISP, via 0.0.0. / 0 default route on RTA.

    Copyright:

    Public Domain
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    283 views22 pages

    DR

    Uploaded by

    baraynavab
    Discard Routes avoids routing loops with Cisco IP Routing. Solution: discard route for packets destined for 192.168.1. / 24. All default traffic is sent to ISP, via 0.0.0. / 0 default route on RTA.

    Copyright:

    Public Domain
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 22

    Cabrillo College

    Discard Routes
    Avoiding Routing Loops with Discard Routes
    - CCNP Semester 5 Advanced Routing
    Rick Graziani, Jan. 20, 2002

    1
    Cisco IP Routing
    by Alex Zinin
    Addison-Wesley Pub Co
    ISBN: 0201604736

     This book is highly recommended for instructors and CCNP


    students.
     Special thanks to the author, Alex Zinin, for his help. 2
    Instructors: If you have any questions or
    comments, or if you find any mistakes
    in this presentation, please contact me:

    Rick Graziani
    graziani@cabrillo.cc.ca.us
    www.cabrillo.cc.ca.us/~rgraziani

    3
    Topics
     Situation: Normal
     Link Down
     Solution #1 – no ip classless
     Solution #2 – discard route
     What about packets destined for
    192.168.1.0/24?
     Final Notes

    4
    ISP Network

    ISP
    ISP has static routes for
    172.16.0.0/16 and RTA has a static default
    192.168.1.0/24 to RTA route 0.0.0.0/0 to ISP

    Central Office Remote Office


    172.16.1.0/24

    RTA
    172.16.4.0/24

    172.16.2.0/24

    172.16.3.0/24
    192.168.1.0/24

    RTB RTC

    Customer Network
    172.16.0.0/16 and 192.168.1.0/24

    5
    ISP Network

    ISP
    ISP has static routes for
    172.16.0.0/16 and RTA has a static default
    192.168.1.0/24 to RTA route 0.0.0.0/0 to ISP

    Central Office Remote Office


    172.16.1.0/24

    RTA
    172.16.4.0/24

    172.16.2.0/24

    172.16.3.0/24
    192.168.1.0/24

    RTB RTC

    Customer Network
    172.16.0.0/16 and 192.168.1.0/24

     Customer Network is running a dynamic routing protocol.


     All subnets within the 172.16.0.0 network are contained in this “Customer
    Network.” (There are no discontiguous 172.16.0.0 subnets via ISP.)
     Remote Office has 172.16.4.0/24 and 192.168.1.0/24 networks.
     All default traffic is sent to ISP, via 0.0.0.0/0 default route on RTA that is
    propagated to RTB and RTC.
     ISP has static routes pointing to RTA for 172.16.0.0/16 and 6
    192.168.1.0/24 networks.
    ISP Network

    ISP
    ISP has static routes for
    172.16.0.0/16 and RTA has a static default
    192.168.1.0/24 to RTA route 0.0.0.0/0 to ISP

    Central Office Remote Office


    172.16.1.0/24

    RTA
    172.16.4.0/24

    172.16.2.0/24

    172.16.3.0/24
    192.168.1.0/24

    RTB RTC

    Customer Network
    172.16.0.0/16 and 192.168.1.0/24

    Situation: Normal
     As long as all the networks are up, everything should work fine.
     Actually, we will see later that even when all of our links are up, there
    could be a problem.

    7
    ISP Network

    ISP
    ISP has static routes for
    172.16.0.0/16 and RTA has a static default
    192.168.1.0/24 to RTA route 0.0.0.0/0 to ISP

    Central Office Remote Office


    172.16.1.0/24

    RTA
    172.16.4.0/24

    172.16.2.0/24

    172.16.3.0/24

    X
    192.168.1.0/24

    RTB RTC

    Customer Network
    172.16.0.0/16 and 192.168.1.0/24

    Link down
     What would happen if our link between RTB and RTC failed?
     Obviously, the Remote Office networks would be cut-off from the Central
    Office.
     After the routing tables are updated, where would RTA or RTB send
    packets with the destination IP address 172.16.4.10?

    8
    ISP Network

    ISP
    ISP has static routes for
    172.16.0.0/16 and RTA has a static default
    192.168.1.0/24 to RTA route 0.0.0.0/0 to ISP

    Central Office Remote Office


    172.16.1.0/24

    RTA
    172.16.4.0/24

    172.16.2.0/24

    172.16.3.0/24

    X
    192.168.1.0/24

    RTB RTC

    Customer Network
    172.16.0.0/16 and 192.168.1.0/24

    Link down (Continued)


     After the routing tables are updated, where would RTA or RTB send
    packets with the destination IP address 172.16.4.10?
     If the router is running “ip classless,” it will forward the packet using the
    default route. (For information on the ip classless command, see the
    presentation on Routing Table Structure.)
     These packets will eventually be sent from RTA to ISP.
     Now what will the ISP router do with these packets for 172.16.4.1?
    9
    ISP Network

    ISP
    ISP has static routes for
    172.16.0.0/16 and RTA has a static default
    192.168.1.0/24 to RTA route 0.0.0.0/0 to ISP

    Central Office Remote Office


    172.16.1.0/24

    RTA
    172.16.4.0/24

    172.16.2.0/24

    172.16.3.0/24

    X
    192.168.1.0/24

    RTB RTC

    Customer Network
    172.16.0.0/16 and 192.168.1.0/24

    Link down (Continued)


     Now what will the ISP router do with these packets for 172.16.4.10?
     Since it has a route for this network pointing back to RTA, it will send it
    back to RTA.
     This is known as a “blackhole” in the network.
     Now we have a routing loop!
     Theses packets will eventually be dropped when the TTL (Time-to-live)
    field, in the IP headers, is decremented to 0.
     Is there a solution?
    10
    ISP Network

    ISP
    ISP has static routes for
    172.16.0.0/16 and RTA has a static default
    192.168.1.0/24 to RTA route 0.0.0.0/0 to ISP

    Central Office Remote Office


    172.16.1.0/24

    RTA
    172.16.4.0/24

    172.16.2.0/24

    172.16.3.0/24
    192.168.1.0/24

    RTB
    X RTC

    Customer Network
    172.16.0.0/16 and 192.168.1.0/24

    Link down – Solution #1: no ip classless


     One solution could be to change from classless routing behavior to classful
    routing behavior using the command: “no ip classless” on RTA and RTB.
     The affect of this modification is:
    – The router would search its routing table for a best-match for
    172.16.4.10.
    – The router would find the “parent network,” 172.16.0.0, and search the
    known subnets, “child routes,” 172.16.1.0/24 and 172.16.2.0/24, but
    would not find the route 172.16.4.0/24.
    – The affect of the “no ip classless” command makes the router drop any
    packets within the 172.16.0.0 network where there is no known subnet,
    but there is a parent network. (In this case 172.16.4.0/24 is not known.)
    – With the “no ip classless” command, the router does not use any
    supernet or default route when the there is at least one known subnet.11
    – The packets for 172.16.4.10 would be dropped by RTA and RTB.
    ISP Network

    ISP
    ISP has static routes for
    172.16.0.0/16 and RTA has a static default
    192.168.1.0/24 to RTA route 0.0.0.0/0 to ISP

    Central Office Remote Office


    172.16.1.0/24

    RTA
    172.16.4.0/24

    172.16.2.0/24

    172.16.3.0/24
    192.168.1.0/24

    RTB
    X RTC

    Customer Network
    172.16.0.0/16 and 192.168.1.0/24

    Link down – Solution #1: no ip classless (Continued)


     Although this is a remedy, this method cannot always be used.
     We will see that this does not solve the problem for packets destined for
    192.168.1.0/24 when this link is down.
     In some situations you may need to have classless routing enabled (ip
    classless):
    – May have discontiguous subnets and relying on default routing to reach
    them.
    – May be using route summarization and relying on supernet routes to
    reach those specific destinations.
     In any case, modifying the route look-up process with “no ip classless” is not
    an ideal solution when you are only trying to solve a specific problem, as
    this might have other affects on the routing behavior in your network that
    you did not foresee. 12
    ISP Network

    ISP
    ISP has static routes for
    172.16.0.0/16 and RTA has a static default
    192.168.1.0/24 to RTA route 0.0.0.0/0 to ISP

    Central Office Remote Office


    172.16.1.0/24

    RTA
    172.16.4.0/24

    172.16.2.0/24

    172.16.3.0/24
    192.168.1.0/24

    RTB
    X RTC

    Customer Network
    172.16.0.0/16 and 192.168.1.0/24

    Link down – Solution #2: Discard Route


     A more elegant and scalable solution is to use a discard route.
     A discard route is a route that sends packets to null0, the “bit-bucket,” when
    they do not have a route in the routing table and you do not want them to be
    sent using the default route.
     Discard Route on RTA: ip route 172.16.0.0 255.255.0.0 null0
     This would cause RTA to drop all packets for subnets in the 172.16.0.0
    network, that do not have a specific route in the routing table.
     Using our failed route example and still using classless routing (ip
    classless), any 172.16.0.0 packets not matching 172.16.1.0/24 or
    172.16.2.0/24, would be routed to null0, using the discard route.

    13
    ISP Network

    ISP
    ISP has static routes for
    172.16.0.0/16 and RTA has a static default
    192.168.1.0/24 to RTA route 0.0.0.0/0 to ISP

    Central Office Remote Office


    172.16.1.0/24

    RTA
    172.16.4.0/24

    172.16.2.0/24

    172.16.3.0/24
    192.168.1.0/24

    RTB
    X RTC

    Customer Network
    172.16.0.0/16 and 192.168.1.0/24

    Link down – Solution #2: Discard Route (Continued)


     Discard Route on RTA: ip route 172.16.0.0 255.255.0.0 null0
     Remember when we said earlier, that even when all of our links are up,
    there could still be a problem.
     Well, this also fixes any blackholing of traffic we might have for packets that
    are sent to 172.16.0.0/16 subnets that do not exist, for example, any
    packets incorrectly sent to 172.30.5.0/24 subnet. (This is even the case
    when all the links are up.)
     RTA’s discard route will drop these packets as well!

    14
    ISP Network

    ISP
    ISP has static routes for
    172.16.0.0/16 and RTA has a static default
    192.168.1.0/24 to RTA route 0.0.0.0/0 to ISP

    Central Office Remote Office


    172.16.1.0/24

    RTA
    172.16.4.0/24

    172.16.2.0/24

    172.16.3.0/24

    X
    192.168.1.0/24

    RTB RTC

    Customer Network
    172.16.0.0/16 and 192.168.1.0/24

    What about packets destined for 192.168.1.0/24?


     In this case, the “no ip classless” command would not help, as this is not
    a subnet of a parent network in the routing tables of RTA or RTB.
     This route would be removed from the routing tables of RTA and RTB and
    all packets would be sent to ISP.
     Again, the ISP would send those packets back to RTA, causing another
    blackhole.

    15
    ISP Network

    ISP
    ISP has static routes for
    172.16.0.0/16 and RTA has a static default
    192.168.1.0/24 to RTA route 0.0.0.0/0 to ISP

    Central Office Remote Office


    172.16.1.0/24

    RTA
    172.16.4.0/24

    172.16.2.0/24

    172.16.3.0/24

    X
    192.168.1.0/24

    RTB RTC

    Customer Network
    172.16.0.0/16 and 192.168.1.0/24

    What about packets destined for 192.168.1.0/24?


     In many cases your networks can be summarized within a single
    supernet.
     In these cases, your discard route should cover the entire range of your
    network, without including those routes outside your network.
     “The discard route should cover all destinations in the central and remote
    offices, but on the other hand should be as specific as possible to prevent
    blackholing of traffic going to other subnets of the same summary.” Alex
    Zinin, Cisco IP Routing 16
    ISP Network

    ISP
    ISP has static routes for
    172.16.0.0/16 and RTA has a static default
    192.168.1.0/24 to RTA route 0.0.0.0/0 to ISP

    Central Office Remote Office


    172.16.1.0/24

    RTA
    172.16.4.0/24

    172.16.2.0/24

    172.16.3.0/24

    X
    192.168.1.0/24

    RTB RTC

    Customer Network
    172.16.0.0/16 and 192.168.1.0/24

    What about packets destined for 192.168.1.0/24? (Continued)


     However, in this case the there are networks between 172.16.0.0/16 and
    192.168.1.0/24, so a single discard route will not work.
     What about adding a second discard route on RTA?
     2nd Discard Route: ip route 192.168.1.0 255.255.255.0 null0
     Unfortunately, this would cause RTA to drop all packets for
    192.168.1.0/24 whether the link was up or not, because this static route
    would replace any dynamic route for this network in the routing table.
    (Lower administrative distance) 17
    ISP Network

    ISP
    ISP has static routes for
    172.16.0.0/16 and RTA has a static default
    192.168.1.0/24 to RTA route 0.0.0.0/0 to ISP

    Central Office Remote Office


    172.16.1.0/24

    RTA
    172.16.4.0/24

    172.16.2.0/24

    172.16.3.0/24

    X
    192.168.1.0/24

    RTB RTC

    Customer Network
    172.16.0.0/16 and 192.168.1.0/24

    What about packets destined for 192.168.1.0/24? (Continued)


     What about modifying the administrative distance?
     2nd Discard Route: ip route 192.168.1.0 255.255.255.0 null0 200
     Now, this route would only enter the routing table for RTA, when the
    dynamic route to 192.168.1.0/24 is deleted.

    18
    ISP Network

    ISP
    ISP has static routes for
    172.16.0.0/16 and RTA has a static default
    192.168.1.0/24 to RTA route 0.0.0.0/0 to ISP

    Central Office Remote Office


    172.16.1.0/24

    RTA
    172.16.4.0/24

    172.16.2.0/24

    172.16.3.0/24
    192.168.1.0/24

    RTB RTC

    Customer Network
    172.16.0.0/16 and 192.168.1.0/24

     So, to protect our network from blackholing traffic for routes that are in our
    network but no longer reachable (172.16.4.0/24 and 192.168.1.0/24
    examples), or for routes (subnets) that our ISP is routing back to us
    (172.16.5.0/24 example), discard routes can be used.
     This also is independent of the ip classless or no ip classless
    configuration.
     RTA discard routes:

    ip route 172.16.0.0 255.255.0.0 null0


    ip route 192.168.1.0 255.255.255.0 null0 200 19
    ISP Network

    ISP
    ISP has static routes for
    172.16.0.0/16 and RTA has a static default
    192.168.1.0/24 to RTA route 0.0.0.0/0 to ISP

    Central Office Remote Office


    172.16.1.0/24

    RTA
    172.16.4.0/24

    172.16.2.0/24

    172.16.3.0/24
    192.168.1.0/24

    RTB RTC

    Customer Network
    172.16.0.0/16 and 192.168.1.0/24

    Final Notes
     Discard routes can be especially useful for networks that use static routes
    instead of dynamic routing, in order to prevent routing loops.
     “Configuring discard routes is the only way to prevent routing loops when
    several major networks are summarized into a supernet.” Alex Zinin,
    Cisco IP Routing
     For examples of these and other scenarios, read Cisco IP Routing, by
    Alex Zinin.
     For more information on the affect of the “ip classless” and “no ip
    classless” commands, read my presentation on “The Routing Table 20
    -Structure, Lookups, and the ip classless command.”
    Cisco IP Routing
    by Alex Zinin
    Addison-Wesley Pub Co
    ISBN: 0201604736

     Looking for more?


     This is the book to get!
    21
    Instructors: If you have any questions or
    comments, or if you find any mistakes
    in this presentation, please contact me:

    Rick Graziani
    graziani@cabrillo.cc.ca.us
    www.cabrillo.cc.ca.us/~rgraziani

    22

    You might also like