13 Replies Latest reply: Jun 16, 2019 5:48 AM by Steven Davidson RSS

    DUMB QUESTION - Default Static Route Of 0.0.0.0 0.0.0.0 (Address) or (Interface)

    CiscoLadder

      OK, for most of you, this may sound very stupid and wholly ridiculous and I’m not sure if you’ll even understand what I’m asking. NOTE: There’s several questions within this question.


      But I’m not getting some of the theory behind default static routes.


      I understand the difference between Default-Gateway and Default Static Routes i.e. IP Routing OFF (GWLR) or ON (DSR).


      • Why do we need any static routes period, other than the 0.0.0.0 0.0.0.0, if a default static route of 0.0.0.0 0.0.0.0 sends traffic on its way to the next router ? /// What am I missing here ?


      • Aren’t we saying, ‘Hey, If you don’t know how to get somewhere, use 0.0.0.0 0.0.0.0.’  ?


      • I mean, isn’t 0.0.0.0 0.0.0.0 basically taking care of finding all the networks a Router doesn’t know about ?


      • Or is it simply to do with pointing out a specific interface/gateway ?


      • Could you have a router setup as only having a DR as 0.0.0.0 0.0.0.0 ? If so, why would you ?


      • The last portion of this question is: Which router’s PERSPECTIVE should I be looking at default routes and default gateways ?


      Best Regards,

      Dave

      ciscoladder@gmail.com


        • 1. Re: DUMB QUESTION - Default Static Route Of 0.0.0.0 0.0.0.0 (Address) or (Interface)
          Ing_Percy

          Hi!

           

          Here is a blog that could help you

           

          When talking about default gateways on PCs and default routes on routers and switches, it's important to differentiate between the two. A PC only connects to the network with a single interface, and it isn't a router; a switch (unless it's a Layer 3 switch) fits into the same category as the PC.

           

          On the other hand, a router — as long as it's really routing and not bridging — has multiple interfaces. It uses a default route to know where to send traffic that isn't on one of the known networks.

           

          Think of a default route as a "gateway of last resort." This special route tells computers or other routers to contact the next hop of the default router if they don't have a more specific route. Without a default route, a router will drop a request for a network that isn't in its routing table and send ICMP Destination Unreachable to the source of the traffic.

           

          Source: News, Tips, and Advice for Technology Professionals - TechRepublic

           

          Regards!

          • 2. Re: DUMB QUESTION - Default Static Route Of 0.0.0.0 0.0.0.0 (Address) or (Interface)
            ciscodaze1



            • Why do we need any static routes period, other than the 0.0.0.0 0.0.0.0, if a default static route of 0.0.0.0 0.0.0.0 sends traffic on its way to the next router ? /// What am I missing here ?


            You don't necessarily "need" static routes - you are likely getting all your routes through a routing protocol.

            The choice to use static routes is simply an administrative choice.  A DSR is like a hail mary pass...it may or may not reach its destination, but if you know what you are doing, your regular static routes likely WILL reach their destination, (with less processing by the router).  DSRs are not a way to "save time" or work in networking, they are a way to (hopefully) get traffic to its destination, when you have no route for it.


            • Aren’t we saying, ‘Hey, If you don’t know how to get somewhere, use 0.0.0.0 0.0.0.0.’  ?


            Yes


            • I mean, isn’t 0.0.0.0 0.0.0.0 basically taking care of finding all the networks a Router doesn’t know about ?


            No, its a hail mary. Its doesn't "find" anything. Nothing is guaranteed, if the next router has a path then it will deliver the data. It gets passed along router to router until either one of them just drops the traffic, or it finds its destination.


            • Or is it simply to do with pointing out a specific interface/gateway ?


            Typically you are just pointing to your networks uplink to the service provider.


            • Could you have a router setup as only having a DR as 0.0.0.0 0.0.0.0 ? If so, why would you ?


            Yes that is the basic format for a catch all DSR, again, pointing to your service provider.  You don't typically exchange routes with your service provider.  Your routing domain is your business, and anything that needs to go out of your domain can do that with just the DSR on your edge router, leading out of your network.


            • The last portion of this question is: Which router’s PERSPECTIVE should I be looking at default routes and default gateways ?


            Not sure what you mean...



             


             

            • 3. Re: DUMB QUESTION - Default Static Route Of 0.0.0.0 0.0.0.0 (Address) or (Interface)
              Omer

              CiscoLadder wrote:


              • The last portion of this question is: Which router’s PERSPECTIVE should I be looking at default routes and default gateways ?

               

               

              From the routers perspective, you should be looking at the default route. Consider this analogy .. you have to escape from a room ..

              Default gateway = only one door to get out of the room.

              Default route = multiple doors to different destination addresses to get out of the room. Lets says doors are numbered .. /16 /24.

              If two doors lead to the same destination, based on the longest prefix size (/24 > /16) longer match is used to get out. If the destination address is not on the door the use default route. Out of all the doors, there is one door with leads to unknown destinations.

              • 4. Re: DUMB QUESTION - Default Static Route Of 0.0.0.0 0.0.0.0 (Address) or (Interface)
                Omer

                CiscoLadder wrote:

                 

                OK, for most of you, this may sound very stupid and wholly ridiculous and I’m not sure if you’ll even understand what I’m asking.

                 

                Not stupid and ridiculous at all.

                I believe.. no question is stupid if it helps with clearing the concepts.

                • 5. Re: DUMB QUESTION - Default Static Route Of 0.0.0.0 0.0.0.0 (Address) or (Interface)
                  NewCareer86

                  I'm no expert but here's my TCW....

                   

                  We use static routes on branch office routers.

                   

                  You can create a "redundant" route to a destination network/subnet that the router will use if the primary route fails. (Set the AD of the route so it isn't selected as long as the primary route is available.

                   

                  And I'm sure many more reasons. JMO.

                   

                  Happy Saturday!

                  • 6. Re: DUMB QUESTION - Default Static Route Of 0.0.0.0 0.0.0.0 (Address) or (Interface)
                    NewCareer86

                    No! No question is stupid if you ask it to learn and better yourself! Every Guru was once a Noob

                    • 7. Re: DUMB QUESTION - Default Static Route Of 0.0.0.0 0.0.0.0 (Address) or (Interface)
                      NewCareer86

                      Not stupid and ridiculous at all.

                      I believe.. no question is stupid if it helps with clearing the concepts.

                      RIGHT ON, OMER!

                      • 8. Re: DUMB QUESTION - Default Static Route Of 0.0.0.0 0.0.0.0 (Address) or (Interface)
                        Steven Davidson

                        CiscoLadder wrote:

                         

                        • Why do we need any static routes period, other than the 0.0.0.0 0.0.0.0, if a default static route of 0.0.0.0 0.0.0.0 sends traffic on its way to the next router ? /// What am I missing here ?


                         

                        If a router had a single WAN interface and a single LAN interface and a dynamic routing protocol was configured to learn about all of the networks on the LAN side and the WAN side was to be used for all unknown destinations then a single default static route pointing to the WAN interface as a next-hop would be all that is required.  However a router seldom has only a single path to unknown destinations.  When a router has two or more paths to unknown destinations and you want to prefer one path over the other for a subset of unknown destinations then you need to use static route(s) which are more specific than the default.

                        • 9. Re: DUMB QUESTION - Default Static Route Of 0.0.0.0 0.0.0.0 (Address) or (Interface)
                          CiscoLadder

                          Thanks to all of you that responded !


                          Sooo...

                          Must a ‘Default’ Static Route always be set with 0.0.0.0 ?

                          OR

                          Could a Static ‘Default’ Route be the address of a next hop router that knows more about a topology ?

                          (If so, would this simply be ubiquitous to a plain vanilla static route ?)


                          Now...per my original question, (please just entertain me here) what I’m trying to say is (and this is where I think I‘m ‘thinking too much’)


                          A] 0.0.0.0 covers EVERYTHING no ?


                          B] If there’s a route pointing to 0.0.0.0, why do we need any static routes at all ? In other words, why can’t each router simply have (one) entry and (one) entry only, of 0.0.0.0 (on each interface) (no other entries) pointing to each other, (besides their directly connected networks (thus the router will do its job and send traffic to the appropriate directly connected network(s).


                          I told you it’s stupid and ya’ll didn’t believe me ! The thing is, I’m actually pretty bright yet I don’t get why I’m running into this roadblock.


                          I really wish I could convey what my head is thinking and stuck on.


                          One HUGE concept that I’m unclear on (and I think it’ll help tremendously), is this:

                             *** Doesn’t a Router implicitly know how to route traffic between ‘It’s own’ directly connected interfaces ? ***

                               This is much to do with my confusion with default static route of 0.0.0.0.

                                   I understand most of the ‘MECHANICS’ of the routing, I’m just stuck on the ’Core’ theory...


                          So...a Router is basically a ‘DUMB’ device at its core unless we tell it ’EXACTLY’ what we want it to do ?


                          Best Regards,

                          Dave - CiscoLadder

                          ciscoladder@gmail.com




                          • 10. Re: DUMB QUESTION - Default Static Route Of 0.0.0.0 0.0.0.0 (Address) or (Interface)
                            Juergen Ilse CCNA R&S

                            CiscoLadder schrieb:

                             

                            • Aren’t we saying, ‘Hey, If you don’t know how to get somewhere, use 0.0.0.0 0.0.0.0.’  ?

                            Exactly. But you can also look at it in a different way: If you have for eample a route for 192.168.0.0/16 and another route for 192.168.23.0/24, which onne would be used for the destination 192.168.23.42? The more specific route (i.e. the route to 192.168.23.0/24) will be used, because "more specific routes always go first". That is the way, how CIDR works. Now have a look at the default route. It is a route to 0.0.0.0/0, which is the least specific network possible. So this route will only be used, if there is no more specific route. Just because of the rules of CIDR, the default route works like you wrote: it is used whereever no more specific route is available, or as you wrote "when you don't know how to get somewhere".

                             

                            Btw.: You wrote "(Address) or (Interface)". It may be a good idea to specify both (yes, you can specify both). If you only specify the interface without the ip next hop, it may not work, if the link is not a point-to-point link. What happens, if you specify only he interface with ethernet? The router will then send out arp requests for every destination, and those arp requests will only be answered, if the next-hop router will do proxy-arp (which may be disabled because of security reasons). Just lab it:

                             

                            R1:

                             

                            interface fa0/0

                                 ip address 192.168.0.1 255.255.255.252

                                 no shutdown

                            exit

                            ip route 0.0.0.0 0.0.0.0 fa0/0

                            end

                             

                            R2:

                             

                            interface fa0/0

                                 ip address 192.168.0.2 255.255.255.252

                                 no ip proxy-arp

                                 no shutdown

                            exit

                            interface fa0/1

                                 ip address 192.168.23.1 255.255.255.0

                                 no shutdown

                            end

                             

                            no think of a host 192.168.23.42 connected to fa0/1 of R2 with it's default route pointing to 192.168.23.1. Would you be able to ping this host from R1? No, you wouldn't because R2 will not do proxy-arp for that host on inbterface fa0/0, so R1 does not get an answer to its arp request for the (not directly connected) ip address 192.168.23.42.

                            Now let us change the default-route on R1 and specify interface and next-hop ip address:

                             

                            ip route 0.0.0.0 0.0.0.0 fa0/0 192.168.0.2

                             

                            Now the ping will work, even if ip proxy-arp is disabled on fa0/0 of R2. That is because now R1 will sent out the arp request for the specified ip next-hop, and that will be answered even without ip proxy-arp, because that ip next-hop address is the ip address of R2 in that network.

                            So don't rely on ip proxy-arp, if you can avoid it: don't use a default-route without specifying the next-hop ip address (except on point-to-point links, where it may work without ip proxy-arp).

                            • 11. Re: DUMB QUESTION - Default Static Route Of 0.0.0.0 0.0.0.0 (Address) or (Interface)
                              Juergen Ilse CCNA R&S

                              CiscoLadder schrieb:

                               

                              B] If there’s a route pointing to 0.0.0.0, why do we need any static routes at all ? In other words, why can’t each router simply have (one) entry and (one) entry only, of 0.0.0.0 (on each interface) (no other entries) pointing to each other, (besides their directly connected networks (thus the router will do its job and send traffic to the appropriate directly connected network(s).

                               

                              Yes, a router already knows about its directly connected networks, but not about the routes to networks, thare not directly connected. Ket's look at an example, where one static default-route is not enough:

                               

                              A router R1 has interface fa0/0 configured with 192.168.0.1/24 and fa0/1 with 10.0.0.1/30 connected to fa0/0 of a router R2.

                              R2 has fa0/0 configured as 10.0.0.2/30 and fa0/1 configured with 10.0.1.2/30 connected to fa0/1 of a router R3.

                              R3 has fa0/1 configured with 10.0.1.1/30 and fa0/0 configured with 192.168.1.1/24.

                               

                              Now the routing: R1 has a default-route pointing to 10.0.0.2 (R2), R3 has a default-route to 10.0.1.1 (R2).

                              What static routes on R2 are needed to allow hosts from network 192.168.0.0/24 to ping hosts in network 192.168.1.0/24? None of those 2 networks is directly connected to R2, but R2 must send packets for 192.168.0.0/24 to R1 and packets for 192.168.1.0/24 to R3, otherwise the ping will not work. How can you achieve that with only one default static route on R2? Simple answer: you can't. So you need at least 2 static routes on R2 (if no routing protocols are involved), where only one covers 192.168.0.0/24 and the other covers 192.168.1.0/24.

                               

                              If R2 has only a default static route to R1, R1 will send packets destined to 192.168.1.0/24 to R2 (because of it's default static route) and R2 would send the packet back to R1 because of it's default static route. The routers will play pingpong with the packet and the packet will never reach it's destination. You really need a second route to 192.168.1.0/24 on R2 to make it work.

                              • 12. Re: DUMB QUESTION - Default Static Route Of 0.0.0.0 0.0.0.0 (Address) or (Interface)
                                Sergey

                                CiscoLadder,

                                 

                                Important thing to remember here, is that a "route" always consists of two parts: destination and direction. In other words, one part of it specifies WHERE you want to get and another part specifies HOW to get there. So, when you say "Could a static 'Default' Route be the address of a next hop router that knows more about a topology?", you imply that a route can only consist of one part. And that's not how route is defined. There have to be two parts. In case of default route, the destination is 0.0.0.0/0, which is in IP protocol lingo means "anywhere else" and the direction is either the interface (if it is a point-to-point interface) or IP address of next hop router.

                                 

                                Basically any computer is absolutely dumb device and only does exactly what you instruct it to do. Not specific to routers only

                                • 13. Re: DUMB QUESTION - Default Static Route Of 0.0.0.0 0.0.0.0 (Address) or (Interface)
                                  Steven Davidson

                                  CiscoLadder wrote:

                                   

                                  Must a ‘Default’ Static Route always be set with 0.0.0.0 ?

                                  OR

                                  Could a Static ‘Default’ Route be the address of a next hop router that knows more about a topology ?

                                  (If so, would this simply be ubiquitous to a plain vanilla static route ?)


                                   

                                  A default route is 0.0.0.0 so yes it must be 0.0.0.0

                                   

                                  CiscoLadder wrote:

                                   

                                  A] 0.0.0.0 covers EVERYTHING no ?


                                   

                                  Correct, everything matches 0.0.0.0/0

                                   

                                  CiscoLadder wrote:

                                   

                                  B] If there’s a route pointing to 0.0.0.0, why do we need any static routes at all ? In other words, why can’t each router simply have (one) entry and (one) entry only, of 0.0.0.0 (on each interface) (no other entries) pointing to each other, (besides their directly connected networks (thus the router will do its job and send traffic to the appropriate directly connected network(s).


                                   

                                   

                                  Suppose this is the topology:

                                   

                                  PC1 - R1 - R2 - R3 - PC2

                                   

                                  PC1 is 192.168.1.100

                                  PC2 is 192.168.3.200

                                   

                                  R1 has a default pointing to R2

                                  R3 has a default pointing to R2

                                  R2 has a default route to R1 and to R3

                                   

                                  Scenario #1

                                  PC1 pings PC2.  The packet arrives on R1.  The destination does NOT match any of R1's connected nets.  R1 forwards the packet to R2 based on the default.  R2 receives the packet.  The packet does NOT match any of R2's connected nets.  R2 has two equal-cost routes based on the default.  One is back to R1 and one is to R3.  Based on the selection algorithm R2 chooses R3 and forwards the packet.  R3 receives the packet.  The destination matches a connected network.  R3 figures out the destination MAC of PC2 and sends a frame to PC2.  PC2 receives the frame.

                                   

                                  Scenario #2

                                  PC1 pings PC2.  The packet arrives on R1.  The destination does NOT match any of R1's connected nets.  R1 forwards the packet to R2 based on the default.  R2 receives the packet.  The packet does NOT match any of R2's connected nets.  R2 has two equal-cost routes based on the default.  One is back to R1 and one is to R3.  Based on the selection algorithm R2 chooses R1 and forwards the packet.  R1 receives the packet and the destination does NOT match any connected networks.  R1 again chooses R2 and forwards the packet.  This repeats until the TTL of the packet expires.


                                  CiscoLadder wrote:

                                   

                                  One HUGE concept that I’m unclear on (and I think it’ll help tremendously), is this:

                                     *** Doesn’t a Router implicitly know how to route traffic between ‘It’s own’ directly connected interfaces ? ***


                                   

                                  A router can easily route traffic between its own connected networks.  However, it still uses the same logic when making the routing decision.  In other words, it can do it easily because the connected networks are in the routing table.  If I could somehow create a static route, on the router, that matches the prefix of a connected network such that the static route had a better administrative distance than the attached route I would be able to misdirect traffic destined even to an attached network.

                                   

                                  The thing to keep in mind is that (using traditional routing) a router only matches the default route when no other route (including connected/attached routes - routes added because they are networks assigned to the router's interfaces) matches.  You don't even need the default route to still cover all possible destinations.  You could technically make longer match static routes to cover the entire address space.  For example...

                                   

                                  0.0.0.0/1 could point in one direction for all destinations between 1.x.x.x and 126.y.y.y.y

                                  128.0.0.0/1 could point in a different direction for all destinations between 128.x.x.x and 223.y.y.y

                                   

                                  Neither of these are a default route but all destinations would match one or the other of these two routes so a router with just these two static routes would match a route on every packet received.

                                   

                                  You could even blackhole traffic to a specific destination on a router's attached network by adding a more specific route (more specific to the one added by the router for connected/attached networks) which points to null0.  For example:

                                   

                                  R1 - 12.0.0.0/24 - R2 - 23.0.0.0/24 - R3:

                                   

                                  R1#ping 23.0.0.3 repeat 1 time 1

                                  Type escape sequence to abort.

                                  Sending 1, 100-byte ICMP Echos to 23.0.0.3, timeout is 1 seconds:

                                  !

                                  Success rate is 100 percent (1/1), round-trip min/avg/max = 164/164/164 ms

                                  R1#traceroute 23.0.0.3 num time 1

                                  Type escape sequence to abort.

                                  Tracing the route to 23.0.0.3

                                  VRF info: (vrf in name/id, vrf out name/id)

                                    1 12.0.0.2 96 msec 88 msec 88 msec

                                    2 23.0.0.3 128 msec 92 msec 96 msec

                                   

                                  R2#show ip cef 23.0.0.3

                                  23.0.0.3/32

                                    attached to GigabitEthernet0/0.23

                                   

                                  R2#conf t

                                  Enter configuration commands, one per line.  End with CNTL/Z.

                                  R2(config)#ip route 23.0.0.0 255.255.255.128 null0

                                  R2(config)#do show ip cef 23.0.0.3

                                  23.0.0.0/25

                                    attached to Null0

                                   

                                  R1#ping 23.0.0.3 repeat 1 time 1

                                  Type escape sequence to abort.

                                  Sending 1, 100-byte ICMP Echos to 23.0.0.3, timeout is 1 seconds:

                                  U

                                  Success rate is 0 percent (0/1)

                                  R1#traceroute 23.0.0.3 num time 1

                                  Type escape sequence to abort.

                                  Tracing the route to 23.0.0.3

                                  VRF info: (vrf in name/id, vrf out name/id)

                                    1 12.0.0.2 140 msec 92 msec 92 msec

                                    2 12.0.0.2 !H  !H  !H

                                   

                                  As you can see from the above example, simply making a slightly more specific static route to a destination which covers 23.0.0.3 allows me to blackhole traffic to 23.0.0.3.  The connected route is a /24.  The static is a /25.  Longest match wins and in this case longest match goes to a special Null0 destination which tells R2 to eat the packet.

                                   

                                  As strange as this sounds, even though R2 has an ARP entry for 23.0.0.3, R2 still is unable to ping R3:

                                   

                                  R2(config)#do show ip arp

                                  Protocol  Address          Age (min)  Hardware Addr   Type   Interface

                                  Internet  12.0.0.1                4   ca01.48b0.0008  ARPA   GigabitEthernet0/0.12

                                  Internet  12.0.0.2                -   ca02.2b08.0008  ARPA   GigabitEthernet0/0.12

                                  Internet  23.0.0.2                -   ca02.2b08.0008  ARPA   GigabitEthernet0/0.23

                                  Internet  23.0.0.3               21   ca03.2334.0008  ARPA   GigabitEthernet0/0.23

                                  R2(config)#do ping 23.0.0.3 repeat 1 time 1

                                  Type escape sequence to abort.

                                  Sending 1, 100-byte ICMP Echos to 23.0.0.3, timeout is 1 seconds:

                                  .

                                  Success rate is 0 percent (0/1)

                                   

                                  This is because R2 follows a very rigid packet handling procedure.  Receive packet.  Perform lookup of destination in routing table.  Select exit interface/next-hop that belongs to the longest match.  It's not smart enough to say "hey, I'm going to ignore this Null0 next-hop for 23.0.0.3 because I can see, from my ARP cache, that this destination is layer 2 adjacent and I can just send a frame to this guy".