Hi, I have seen a few operators adding static routes like: 0.0.0.0/1 some next-hop and 128.0.0.0/1 some next-hop. Why would anyone want to add such static routes? What does 0.0.0.0/1 mean. Note that the netmask is 1 and not 0. Thanks, Glen
Protection against learning a bad default route through whatever routing protocol they are learning, since these two routes would be more specific than any typical default route. They probably got burned learning a default route. On Sep 23, 2011, at 7:12 PM, Glen Kent <glen.kent@gmail.com> wrote:
Hi,
I have seen a few operators adding static routes like: 0.0.0.0/1 some next-hop and 128.0.0.0/1 some next-hop.
Why would anyone want to add such static routes? What does 0.0.0.0/1 mean. Note that the netmask is 1 and not 0.
Thanks, Glen
Wouldn't it make more sense to filter in bound default? or use a single static default if you where worried about that? -jim On Fri, Sep 23, 2011 at 10:18 PM, Joel Maslak <jmaslak@antelope.net> wrote:
Protection against learning a bad default route through whatever routing protocol they are learning, since these two routes would be more specific than any typical default route. They probably got burned learning a default route.
On Sep 23, 2011, at 7:12 PM, Glen Kent <glen.kent@gmail.com> wrote:
Hi,
I have seen a few operators adding static routes like: 0.0.0.0/1 some next-hop and 128.0.0.0/1 some next-hop.
Why would anyone want to add such static routes? What does 0.0.0.0/1 mean. Note that the netmask is 1 and not 0.
Thanks, Glen
On Fri, Sep 23, 2011 at 9:57 PM, jim deleskie <deleskie@gmail.com> wrote:
Wouldn't it make more sense to filter in bound default? or use a single static default if you where worried about that?
there's lots of smarter things you COULD do :) this, it seems to me, is a great thing for the operations bcp folks to work out though :)
On Fri, Sep 23, 2011 at 8:57 PM, jim deleskie <deleskie@gmail.com> wrote:
Wouldn't it make more sense to filter in bound default? or use a single static default if you where worried about that?
Yes, the aesthetics of using a "/1 route" for that purpose are very poor. Don't implement design objectives using subtle side-effects, when a proper tool is available -- human errors later are likely. Using a /1 static to achieve a "longer prefix" to override a default falls in that category, when routers have a filtering mechanism capable of explicitly expressing the desired policy :)
-jim -- -JH
Joel, Glen, Le 24/09/2011 03:18, Joel Maslak a écrit :
Protection against learning a bad default route through whatever routing protocol they are learning, since these two routes would be more specific than any typical default route. They probably got burned learning a default route.
Having a default route, or rather having a route to every possible adresses, is required when you expunge your routing tables of some prefixes yet you still wish to contact them relying on the next-hop's table. Simple application is to filter incoming routes longer than /20 or /21 to free up some memory on your routers (reducing the global table from 377k to less than 100k routes is a nice perspective ;) ) But a default route is an obvious move and could easily be leeked by an upstream, yet replacing yours if not properly filtered. So, using more precise routes (/1s to /8s) helps avoiding these risks and yet lets you roughly balance load to several gateways. -- Jérôme Nicolle
On Sat, 24 Sep 2011, Glen Kent wrote:
Hi,
I have seen a few operators adding static routes like: 0.0.0.0/1 some next-hop and 128.0.0.0/1 some next-hop.
It means half the IPv4 internet goes one way. Half goes the other way. ---------------------------------------------------------------------- Jon Lewis, MCP :) | I route Senior Network Engineer | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
Well considering that native multicast isn't enabled end to end Internet wide, and class E address space isn't used, it's more like half your IPv4 Internet goes one way, and ~38% goes the other way... :-b Stefan Fouant JNCIE-M, JNCIE-ER, JNCIE-SEC, JNCI Technical Trainer, Juniper Networks Follow us on Twitter @JuniperEducate Sent from my iPad On Sep 23, 2011, at 10:15 PM, Jon Lewis <jlewis@lewis.org> wrote:
On Sat, 24 Sep 2011, Glen Kent wrote:
Hi,
I have seen a few operators adding static routes like: 0.0.0.0/1 some next-hop and 128.0.0.0/1 some next-hop.
It means half the IPv4 internet goes one way. Half goes the other way.
---------------------------------------------------------------------- Jon Lewis, MCP :) | I route Senior Network Engineer | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
I found I had to do this many years ago on some Cisco routers to get them to load balance (per packet) across two links. Adding 0.0.0.0/0 routes across both links just resulted in traffic routing across one link. Broke it into two /1's per link and it worked perfectly. On 24 September 2011 02:12, Glen Kent <glen.kent@gmail.com> wrote:
Hi,
I have seen a few operators adding static routes like: 0.0.0.0/1 some next-hop and 128.0.0.0/1 some next-hop.
Why would anyone want to add such static routes? What does 0.0.0.0/1 mean. Note that the netmask is 1 and not 0.
Thanks, Glen
On Sep 25, 2011, at 3:37 AM, Tom Storey <tom@snnap.net> wrote:
I found I had to do this many years ago on some Cisco routers to get them to load balance (per packet) across two links. Adding 0.0.0.0/0 routes across both links just resulted in traffic routing across one link. Broke it into two /1's per link and it worked perfectly.
Two other reasons for this too: 1) Something won't redistribute 0.0.0.0/0 on the network. Either because the person doesn't know the command to tell the router to do it, or because the router simply won't redistribute a default route. 2) Could also be failover. One router might be advertising 0.0.0.0/0 on one end of the network. A different router on a different part of the network might be advertising the two /1's. The /1's would be used unless they became unreachable.
participants (9)
-
Christopher Morrow
-
Glen Kent
-
jim deleskie
-
Jimmy Hess
-
Joel Maslak
-
Jon Lewis
-
Jérôme Nicolle
-
Stefan Fouant
-
Tom Storey