Discard Routes

Discard Routes and
Avoiding Routing Loops
CCNA/CCNP
Rick Graziani
Cabrillo College
Note to instructors
• If you have downloaded this presentation from the Cisco Networking

Academy Community FTP Center, this may not be my latest version of
this PowerPoint.
• For the latest PowerPoints for all my CCNA, CCNP, and Wireless
classes, please go to my web site:
http://www.cabrillo.cc.ca.us/~rgraziani/
• The username is cisco and the password is perlman for all of
my materials.
• If you have any questions on any of my materials or the curriculum,
please feel free to email me at graziani@cabrillo.edu (I really don’t
mind helping.) Also, if you run across any typos or errors in my
presentations, please let me know.
• I will add “(Updated – date)” next to each presentation on my web site
that has been updated since these have been uploaded to the FTP
center.
Thanks! Rick
Rick Graziani graziani@cabrillo.edu 2
Cisco IP Routing
by Alex Zinin
Addison-Wesley Pub Co
ISBN: 0201604736
• This book is highly recommended for instructors and CCNP students.

• Special thanks to the author, Alex Zinin, for his help.

Topics
• Situation: Normal
• Link Down
• Solution #1 – no ip classless
• Solution #2 – discard route
• What about packets destined for 192.168.1.0/24?
• Final Notes

Scenario
ISP Network
ISP
ISP has static routes for
172.16.0.0/16 and RTA has a static default
192.168.1.0/24 to RTA route 0.0.0.0/0 to ISP
Central Office Remote Office

172.16.1.0/24
RTA
172.16.4.0/24
172.16.2.0/24
172.16.3.0/24
192.168.1.0/24
RTB RTC
Customer Network
172.16.0.0/16 and 192.168.1.0/24

Scenario
ISP Network
ISP

172.16.1.0/24
RTA
172.16.4.0/24
172.16.2.0/24
172.16.3.0/24
192.168.1.0/24
RTB RTC
Customer Network
172.16.0.0/16 and 192.168.1.0/24
• Customer Network is running a dynamic routing protocol.

• All subnets within the 172.16.0.0 network are contained in this “Customer Network.”
(There are no discontiguous 172.16.0.0 subnets via ISP.)
• Remote Office has 172.16.4.0/24 and 192.168.1.0/24 networks.
• All default traffic is sent to ISP, via 0.0.0.0/0 default route on RTA that is propagated to
RTB and RTC.
• ISP has static routes pointing to RTA for 172.16.0.0/16 and 192.168.1.0/24 networks.
Situation Normal
ISP Network
ISP

172.16.1.0/24
RTA
172.16.4.0/24
172.16.2.0/24
172.16.3.0/24
192.168.1.0/24
RTB RTC
Customer Network
172.16.0.0/16 and 192.168.1.0/24
Situation: Normal
• As long as all the networks are up, everything should work fine.
• Actually, we will see later that even when all of our links are up,
there could be a problem.

Situation Normal
ISP Network
ISP

172.16.1.0/24
RTA
172.16.4.0/24
172.16.2.0/24
172.16.3.0/24
192.168.1.0/24
RTB RTC
Customer Network
172.16.0.0/16 and 192.168.1.0/24
RouterA#show ip route
172.16.0.0/24 is subnetted, 3 subnets

C 172.16.1.0 is directly connected, Ethernet0
R 172.16.3.0 [120/1] via 172.16.2.1, 00:00:20, Ethernet1
R 172.16.4.0 [120/2] via 172.16.2.1, 00:00:20, Ethernet1
R 192.168.1.0/24 [120/2] via 172.16.2.1, 00:00:20, Ethernet1
S* 0.0.0.0/0 is directly connected, Serial1

Link Down
ISP Network
ISP

172.16.1.0/24
RTA
172.16.4.0/24
172.16.2.0/24
172.16.3.0/24
X
192.168.1.0/24
RTB RTC
Customer Network
172.16.0.0/16 and 192.168.1.0/24
Link down
• What would happen if our link between RTB and RTC failed?
• Obviously, the Remote Office networks would be cut-off from the
Central Office.
• After the routing tables are updated, where would RTA or RTB send
packets with the destination IP address 172.16.4.10?
Link Down

• After the routing tables are updated, where would RTA or RTB send
packets with the destination IP address 172.16.4.10?
• If the router is running “ip classless,” it will forward the packet using the
default route. (For information on the ip classless command, see the
presentation on Routing Table Structure.)
• These packets will eventually be sent from RTA to ISP.
• Now what will the ISP router do with these packets for 172.16.4.1?

Link Down
ISP Network
ISP

172.16.1.0/24
RTA
172.16.4.0/24
172.16.2.0/24
172.16.3.0/24
X
192.168.1.0/24
RTB RTC
Customer Network
172.16.0.0/16 and 192.168.1.0/24
• Now what will the ISP router do with these packets for 172.16.4.10?
• Since it has a route for this network pointing back to RTA, it will send it back to
RTA.
• This is known as a “blackhole” in the network.
• Now we have a routing loop!
• Theses packets will eventually be dropped when the TTL (Time-to-live) field, in
the IP headers, is decremented to 0.
• RickIsGraziani
there a solution?
graziani@cabrillo.edu 11
Link down – Solution #1: no ip classless

• One solution could be to change from classless routing behavior to
classful routing behavior using the command: “no ip classless” on RTA
and RTB.
• The affect of this modification is:
– The router would search its routing table for a best-match for
172.16.4.10.
– The router would find the “parent network,” 172.16.0.0, and search
the known subnets, “child routes,” 172.16.1.0/24 and
172.16.2.0/24, but would not find the route 172.16.4.0/24.
– The affect of the “no ip classless” command makes the router drop
any packets within the 172.16.0.0 network where there is no known
subnet, but there is a parent network. (In this case 172.16.4.0/24 is
not known.)
– With the “no ip classless” command, the router does not use any
supernet or default route when the there is at least one known
subnet.
– The packets for 172.16.4.10 would be dropped by RTA and RTB.

• Although this is a remedy, this method cannot always be used.

• We will see that this does not solve the problem for packets destined for
192.168.1.0/24 when this link is down.
• In some situations you may need to have classless routing enabled (ip
classless):
– May have discontiguous subnets and relying on default routing to reach
them.
– May be using route summarization and relying on supernet routes to
reach those specific destinations.
• In any case, modifying the route look-up process with “no ip classless” is not
an ideal solution when you are only trying to solve a specific problem, as
this might have other affects on the routing behavior in your network that
you did not foresee.
Link down – Solution #2: Discard Route
ISP Network
ISP

172.16.1.0/24
RTA
172.16.4.0/24
172.16.2.0/24
172.16.3.0/24
192.168.1.0/24
RTB
X RTC

Customer Network
172.16.0.0/16 and 192.168.1.0/24
• A more elegant and scalable solution is to use a discard route.

• A discard route is a route that sends packets to null0, the “bit-bucket,”
when they do not have a route in the routing table and you do not want
them to be sent using the default route.
• Discard Route on RTA: ip route 172.16.0.0 255.255.0.0 null0
• This would cause RTA to drop all packets for subnets in the 172.16.0.0
network, that do not have a specific route in the routing table.
• Using our failed route example and still using classless routing (ip
classless), any 172.16.0.0 packets not matching 172.16.1.0/24 or
172.16.2.0/24, would be routed to null0, using the discard route.
172.16.0.0/16 is subnetted, 3 subnets, 2 masks

S 172.16.0.0/16 is directly connected, Null0
C 172.16.1.0/24 is directly connected, Ethernet0
• Discard Route on RTA: ip route 172.16.0.0 255.255.0.0 null0

• Remember when we said earlier, that even when all of our links are
up, there could still be a problem.
• Well, this also fixes any blackholing of traffic we might have for
packets that are sent to 172.16.0.0/16 subnets that do not exist, for
example, any packets incorrectly sent to 172.16.5.0/24 subnet. (This
is even the case when all the links are up.)
• RTA’s discard route will drop these packets as well!

• When all links are up…


R 172.16.3.0/24 [120/1] via 172.16.2.1, 00:00:20, Ethernet1
R 172.16.4.0/24 [120/2] via 172.16.2.1, 00:00:20, Ethernet1
R 192.168.1.0/24 [120/2] via 172.16.2.1, 00:00:20, Ethernet1

Discard Routes
ISP Network
ISP

172.16.1.0/24
RTA
172.16.4.0/24
172.16.2.0/24
172.16.3.0/24
X
192.168.1.0/24
RTB RTC
Customer Network
172.16.0.0/16 and 192.168.1.0/24
What about packets destined for 192.168.1.0/24?

• In this case, the “no ip classless” command would not help, as this is
not a subnet of a parent network in the routing tables of RTA or RTB.
• This route would be removed from the routing tables of RTA and RTB
and all packets would be sent to ISP.
• Again, the ISP would send those packets back to RTA, causing
another blackhole.
Discard Routes
ISP Network
ISP

172.16.1.0/24
RTA
172.16.4.0/24
172.16.2.0/24
172.16.3.0/24
X
192.168.1.0/24
RTB RTC
Customer Network
172.16.0.0/16 and 192.168.1.0/24
What about packets destined for 192.168.1.0/24?

• In many cases your networks can be summarized within a single supernet.
• In these cases, your discard route should cover the entire range of your
network, without including those routes outside your network.
• “The discard route should cover all destinations in the central and remote
offices, but on the other hand should be as specific as possible to prevent
blackholing of traffic going to other subnets of the same summary.” Alex
Zinin, Cisco IP Routing
Discard Routes
ISP Network
ISP

172.16.1.0/24
RTA
172.16.4.0/24
172.16.2.0/24
172.16.3.0/24
X
192.168.1.0/24
RTB RTC
Customer Network
172.16.0.0/16 and 192.168.1.0/24
What about packets destined for 192.168.1.0/24? (Continued)

• However, in this case the there are networks between 172.16.0.0/16 and
192.168.1.0/24, so a single discard route will not work.
• What about adding a second discard route on RTA?
• 2nd Discard Route: ip route 192.168.1.0 255.255.255.0 null0
• Unfortunately, this would cause RTA to drop all packets for 192.168.1.0/24
whether the link was up or not, because this static route would replace any
dynamic route for this network in the routing table. (Lower administrative
distance)
Discard Routes
ISP Network
ISP

172.16.1.0/24
RTA
172.16.4.0/24
172.16.2.0/24
172.16.3.0/24
X
192.168.1.0/24
RTB RTC
Customer Network
172.16.0.0/16 and 192.168.1.0/24
What about packets destined for 192.168.1.0/24? (Continued)

• What about modifying the administrative distance?
• 2nd Discard Route: ip route 192.168.1.0 255.255.255.0 null0 200
• Now, this route would only enter the routing table for RTA, when the
dynamic route to 192.168.1.0/24 is deleted.

Discard Routes
172.16.0.0/16 is subnetted, 5 subnets, 2 masks Discard route for

S 172.16.0.0/16 is directly connected, Null0 172.16.0.0 network
R 172.16.3.0/24 [120/1] via 172.16.2.1, 00:00:20, Ethernet1
R 172.16.4.0/24 [120/2] via 172.16.2.1, 00:00:20, Ethernet1
R 192.168.1.0/24 [120/2] via 172.16.2.1, 00:00:20, Ethernet1
If RIP with
RouterA#show ip route AD=120 goes
down, replaced
172.16.0.0/16 is subnetted, 5 subnets, 2 masks with static
S 172.16.0.0/16 is directly connected, Null0 route with
C 172.16.1.0/24 is directly connected, Ethernet0 AD=200
R 172.16.3.0/24 [120/1] via 172.16.2.1, 00:00:20, Ethernet1
R 172.16.4.0/24 [120/2] via 172.16.2.1, 00:00:20, Ethernet1
S 192.168.1.0/24 is directly connected, null0
Discard Routes
ISP Network
ISP

172.16.1.0/24
RTA
172.16.4.0/24
172.16.2.0/24
172.16.3.0/24
192.168.1.0/24
RTB RTC
Customer Network
172.16.0.0/16 and 192.168.1.0/24
• So, to protect our network from blackholing traffic for routes that are in our network but
no longer reachable (172.16.4.0/24 and 192.168.1.0/24 examples), or for routes
(subnets) that our ISP is routing back to us (172.16.5.0/24 example), discard routes can
be used.
• This also is independent of the ip classless or no ip classless configuration.
• RTA discard routes:
ip route 172.16.0.0 255.255.0.0 null0
ip route 192.168.1.0 255.255.255.0 null0 200
Discard Routes
ISP Network
ISP

172.16.1.0/24
RTA
172.16.4.0/24
172.16.2.0/24
172.16.3.0/24
192.168.1.0/24
RTB RTC
Customer Network
172.16.0.0/16 and 192.168.1.0/24
Final Notes
• Discard routes can be especially useful for networks that use static routes instead of
dynamic routing, in order to prevent routing loops.
• “Configuring discard routes is the only way to prevent routing loops when several major
networks are summarized into a supernet.” Alex Zinin, Cisco IP Routing
• For examples of these and other scenarios, read Cisco IP Routing, by Alex Zinin.
• For more information on the affect of the “ip classless” and “no ip classless” commands,
read my presentation on “The Routing Table -Structure, Lookups, and the ip classless
command.”
Cisco IP Routing
by Alex Zinin
Addison-Wesley Pub Co
ISBN: 0201604736
• Looking for more?

• This is the book to get!

Questions?
Instructors: If you have any questions or comments, or

if you find any mistakes in this presentation, please
contact me:
Rick Graziani
graziani@cabrillo.edu
www.cabrillo.edu/~rgraziani

Discard Routes

Diunggah oleh

Informasi Dokumen

Deskripsi Asli:

Hak Cipta

Format Tersedia

Bagikan dokumen Ini

Bagikan atau Tanam Dokumen

Opsi Berbagi

Apakah menurut Anda dokumen ini bermanfaat?

Apakah konten ini tidak pantas?

Hak Cipta:

Format Tersedia

Discard Routes

Diunggah oleh

Hak Cipta:

Format Tersedia

Discard Routes and

Avoiding Routing Loops

• If you have downloaded this presentation from the Cisco Networking

• This book is highly recommended for instructors and CCNP students.

Rick Graziani graziani@cabrillo.edu 3

Rick Graziani graziani@cabrillo.edu 4

Central Office Remote Office

Rick Graziani graziani@cabrillo.edu 5

Central Office Remote Office

• Customer Network is running a dynamic routing protocol.

Central Office Remote Office

Rick Graziani graziani@cabrillo.edu 7

Central Office Remote Office

172.16.0.0/24 is subnetted, 3 subnets

Rick Graziani graziani@cabrillo.edu 8

Central Office Remote Office

172.16.0.0/24 is subnetted, 3 subnets

Rick Graziani graziani@cabrillo.edu 10

Central Office Remote Office

Link down – Solution #1: no ip classless

172.16.0.0/24 is subnetted, 3 subnets

• Although this is a remedy, this method cannot always be used.

Central Office Remote Office

Link down – Solution #2: Discard Route

• A more elegant and scalable solution is to use a discard route.

172.16.0.0/16 is subnetted, 3 subnets, 2 masks

• Discard Route on RTA: ip route 172.16.0.0 255.255.0.0 null0

172.16.0.0/16 is subnetted, 3 subnets, 2 masks

• When all links are up…

172.16.0.0/16 is subnetted, 5 subnets, 2 masks

Rick Graziani graziani@cabrillo.edu 16

Central Office Remote Office

What about packets destined for 192.168.1.0/24?

Central Office Remote Office

What about packets destined for 192.168.1.0/24?

Central Office Remote Office

What about packets destined for 192.168.1.0/24? (Continued)

Central Office Remote Office

What about packets destined for 192.168.1.0/24? (Continued)

Rick Graziani graziani@cabrillo.edu 20

172.16.0.0/16 is subnetted, 5 subnets, 2 masks Discard route for

Central Office Remote Office

Central Office Remote Office

• Looking for more?

Rick Graziani graziani@cabrillo.edu 24

Instructors: If you have any questions or comments, or

Rick Graziani graziani@cabrillo.edu 25

Anda mungkin juga menyukai